How do I integrate an API Gateway REST API with an Application Load Balancer?

3 minute read
2

I want to integrate an Amazon API Gateway REST API with an Application Load Balancer.

Short description

To integrate your API Gateway REST API with a public Application Load Balancer, use API Gateway HTTP integration.

For private Application Load Balancers, use an API Gateway virtual private cloud (VPC) link to first connect to a private Network Load Balancer. Then, use the Network Load Balancer to forward API Gateway requests to the private Application Load Balancer.

Note: For REST API, there's no direct API Gateway integration for private Application Load Balancers.

Resolution

Integrate an API Gateway REST API with a public Application Load Balancer

Prerequisites:

  • Access to a public Application Load Balancer and its DNS name
  • An API Gateway REST API resource with an HTTP method

Complete the following steps:

  1. Open the API Gateway console.
  2. Choose the API that you want to integrate with the Application Load Balancer.
  3. Under Resources, for Methods, choose the HTTP method that your API uses.
  4. Choose Integration Request.
  5. Under Integration Request, for Integration Type, choose HTTP.
    Note: To pass the entire API request and its parameters to the backend Application Load Balancer, create an HTTP proxy integration. Or, create an HTTP custom integration. For more information, see Set up HTTP integrations in API Gateway.
  6. In the Endpoint URL field, enter either the Application Load Balancer's default DNS name or a custom DNS name. Then, add the configured protocol of its listener. For example, an Application Load Balancer that's configured with an HTTPS listener on port 8080 requires the https://domain-name:8080/ endpoint URL format.
    Important: Use the port and listener rules of your choice to create an HTTP listener or HTTPS listener for the Application Load Balancer. For more information, see Listeners for your Application Load Balancers. For an Application Load Balancer that's configured with an HTTPS listener, an API Gateway-supported certificate authority must issue the associated certificate. If you must use a certificate that's self signed or issued by a private certificate authority, then set insecureSkipVerification to true in the integration's tlsConfig.
  7. Choose Save.
  8. Deploy the API.

Integrate an API Gateway REST API with a private Application Load Balancer

Complete the following steps:

  1. Use API Gateway VPC link integration to integrate your API with a private Network Load Balancer.
  2. Use the Network Load Balancer to forward the API request to the private Application Load Balancer.
5 Comments

Great content, Brent!

replied a year ago

Is the private integration still relevant? No way to connect to private ALB without VPC Link and NLB??

Shachar
replied 6 months ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 6 months ago

Is this info still accurate?

in this documentation mentions that both are allowed, not only NLB. Not sure about apigateway (not apigatewayv2), though.

Alisson
replied 21 days ago

Thank you for your comment. We'll review and update the Knowledge Center article as needed.

profile pictureAWS
MODERATOR
replied 20 days ago