This CDK application sets up a central API Gateway with integrations to multiple APIs in different accounts using VPC Endpoints. All of the network traffic from the central HTTP ApiGateway is private, using PrivateLink via the VPC Endpoints and VPC Endpoint Services which are created in the providing accounts.
- Deploy the backend providing APIs:
  - EC2 Provider stack, which exposes a simple Todo API using EC2.
  - ECS Provider stack, which exposes a simple read-only API using ECS Fargate.
- Export four different environment variables:

      $ export AWS_ACCOUNT=111111111111
      $ export AWS_REGION=us-west-2
      $ export TODO_SERVICE_NAME=com.amazonaws.vpce.us-west-2.vpce-svc-xxxxxxxxxxxxxxxxx
      $ export DOGNAME_SERVICE_NAME=com.amazonaws.vpce.us-west-2.vpce-svc-xxxxxxxxxxxxxxxxx

  The TODO_SERVICE_NAME references the VPC Endpoint Service created in the EC2 Provider stack. The DOGNAME_SERVICE_NAME references the VPC Endpoint Service created in the ECS Provider stack.
- Deploy the stacks using the Makefile, which is much simpler:

      $ make deploy

  Take note of the URL output from the global-apigw stack. This is the URL which will be used to access all of the providing APIs:

      global-apigw.HttpApiEndpoint = https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/
Once deployed, this creates the global-apigw stack. You can test it using the commands below:
$ # Test out the todo stack
$ curl https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/todo
$ curl -d data="new data" https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/todo
$ curl https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/todo
$
$ # Test the dog name stack
$ curl https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dogs
$ curl https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dogs/males
$ curl https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dogs/females
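
A pre-flight check for the four variables exported in the steps above, to run before make deploy. This is an added example, not part of the original project: it rejects values that are unset, still contain the x placeholders, or name the same endpoint service twice. The function names, the 17-hex-character service ID pattern and the expectation that both services live in AWS_REGION are assumptions taken from the sample values on this page.

```shell
#!/bin/sh
# Added example (not the project's own code): validate the exported variables
# before `make deploy` wires them into the central gateway.

# check_service_name NAME VALUE REGION
# Assumption: names follow the page's sample value,
#   com.amazonaws.vpce.<region>.vpce-svc-<17 hex chars>
# and the service is in AWS_REGION, as in the sample exports.
check_service_name() {
    name=$1; value=$2; region=$3
    if [ -z "$value" ]; then
        echo "$name is not set" >&2; return 1
    fi
    if ! printf '%s\n' "$value" |
        grep -Eq '^com\.amazonaws\.vpce\.[a-z0-9-]+\.vpce-svc-[0-9a-f]{17}$'; then
        echo "$name is not a VPC Endpoint Service name: $value" >&2; return 1
    fi
    case $value in
        "com.amazonaws.vpce.$region."*) ;;
        *) echo "$name is not in region $region: $value" >&2; return 1 ;;
    esac
}

# preflight: returns 0 only if all four variables are usable together.
preflight() {
    rc=0
    printf '%s\n' "$AWS_ACCOUNT" | grep -Eq '^[0-9]{12}$' || {
        echo "AWS_ACCOUNT must be a 12-digit account id" >&2; rc=1; }
    printf '%s\n' "$AWS_REGION" | grep -Eq '^[a-z]{2}(-[a-z]+)+-[0-9]+$' || {
        echo "AWS_REGION does not look like a region name" >&2; rc=1; }
    check_service_name TODO_SERVICE_NAME "$TODO_SERVICE_NAME" "$AWS_REGION" || rc=1
    check_service_name DOGNAME_SERVICE_NAME "$DOGNAME_SERVICE_NAME" "$AWS_REGION" || rc=1
    # Identical values would send /todo and /dogs to the same provider account.
    if [ -n "$TODO_SERVICE_NAME" ] &&
        [ "$TODO_SERVICE_NAME" = "$DOGNAME_SERVICE_NAME" ]; then
        echo "TODO_SERVICE_NAME and DOGNAME_SERVICE_NAME are identical" >&2; rc=1
    fi
    return $rc
}
```

Source the file in the shell where the variables were exported and run preflight && make deploy, so a bad value stops the deployment instead of creating an endpoint to the wrong service.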