I am creating a rest api using AWS API Gateway and ASP.Net Web Api as the backend service. I have created an ASP.Net Web Api application and hosted it on AWS EC2 instance. Now I want to connect this api hosted on EC2 to the AWS API Gateway.
I searched on internet a lot but found no examples for API gateway with EC2. All the examples are either for Lamda or for HTTP proxy.
There is no special EC2 integration with API Gateway. You should use the same instructions for building an HTTP integration, just specifying the address of your EC2 instance as the integration endpoint.
NOTE: You may want to consider using some additional components like Elastic Load Balancing (ELB) and/or Elastic Beanstalk to improve reliability of your integration backend.
Related
We are developing an Angular App, and we need to use the Microservice Aggregation(AWS API Gateway) pattern.
But we need to consume the REST Services which are going to deploy in API Gateway, to test while developing.
We have Spring boot REST Services as microservices.
I am developing a microservice which will run on AKS in production. I have to expose these service APIs through API management however challenge here is that API management is not available in same subscription. In that case, do i need to expose microservices publicly so API management can access it or vNet pairing between multiple subscriptions will help & microservice will be accessible in API management without exposing publicly.
You can add backend and APIM to different VNET and try to setup peering, that should work. Alternatively expose endpoints publicly, but with mutual certificate authentication.
VNET Peering and mutual certificate authentication are solutions as mentioned by Vitaliy.
Another possible solution is the APIM Self-Hosted Gateway. This is a new feature recently added to APIM. The new self-hosted gateway can be deployed to AKS cluster which might be a possible solution to your issue. This way you will need only to expose the APIM API endpoints.
https://learn.microsoft.com/en-us/azure/api-management/self-hosted-gateway-overview
https://learn.microsoft.com/en-us/azure/api-management/how-to-deploy-self-hosted-gateway-kubernetes
I deployed Swagger APIs in an ec2 instance working with port number. Then, I want to integrate with API gateway for reverse proxy and cors policy. How can I do that? Can any one help on this?
i am able to combine all swagger apis in api gateway.Import the swagger json file in apigateway and add the integration methods according to the requirement either lambda or html or aws services and deploy the api.
We have integrated API Management with Service Fabric in Azure as outlined in this document. Everything is up and running, but we would like to ensure that the traffic between API Management and Service Fabric Stateless Service (ASP.NET Core) is encrypted using HTTPS. Currently the API Management logs show that the traffic is HTTP.
Is there a way to enable HTTPS (or at least encrypted) traffic between API Management and Service Fabric?
APIM gets those http endpoint from SF itself by calling IServiceResolutionClient.ResolveServicePartitionAsync. Are you sure your stateless service is configured with HTTPS scheme at Service Fabric end?
So I have a very small micro service architecture built using Eureka service discovery. The problem I am facing right now is that I only want my service endpoints to accept request from my api gateway, as it is right now you can just make a request straight to the service and hit that service endpoint. Is this a problem Kubernetes would solve? Or Is there a more practical way of doing this?
You should be using network policies to control the traffic between the services.
In kubernetes the services you want to expose internally use service type ClusterIP. This is default anyway which means services are accessible within cluster only. your api gateway is exposed as load balancer service type which then takes traffic from external world and talks to services internally. Depending on your cloud provider you can use firewall in front of load balancer since you can compromise security by simply exposing load balancer. e.g. azure kubernetes you could use application gateway. You can also replace the api gateway with ingress controller. it's very powerful reverse proxy controller which you can expose directly to traffic and that would talk to your services internally.
You really need to understand concepts so i would recommend following links
https://kubernetes.io/docs/concepts/services-networking/service/
https://blog.getambassador.io/kubernetes-ingress-nodeport-load-balancers-and-ingress-controllers-6e29f1c44f2d