New repo - Invoking private API custom domain from step function workflow #2669

Open
2 of 12 tasks
sahilk225579 opened this issue Feb 11, 2025 · 0 comments

Comments

@sahilk225579
Contributor

sahilk225579 commented Feb 11, 2025

Description

This solution demonstrates how users can securely invoke a private REST API Gateway with a custom domain from a Step Functions workflow. In this architecture, a state machine uses the arn:aws:states:::http:invoke state with an EventBridge connection to invoke the private API endpoint.

Using an EventBridge connection, we can now create connections to private APIs to access resources in VPCs. This setup ensures that the API remains inaccessible from the public internet while still allowing invocations from AWS resources securely.

The solution leverages AWS Serverless Application Model (SAM) to streamline deployment and configuration of these resources, making it easy to implement this secure, scalable solution.

language

English

runtime

N/A

Level

300

Type

Examples

Use case

Interactive workload

Primary image

https://github.com/aws-samples/aws-invoke-private-apigateway-step-function/blob/main/image/architecture.png

IaC framework

AWS SAM

AWS Serverless services used

  • Amazon API Gateway
  • Amazon DynamoDB
  • Amazon EventBridge
  • AWS IoT
  • AWS Lambda
  • Amazon Rekognition
  • Amazon S3
  • AWS Step Functions
  • Amazon SNS
  • Amazon SQS
  • Amazon Transcribe
  • Amazon Translate

Description headline

Step Functions allows invoking the private REST API Gateway using EventBridge connections and can be used with both Standard and Express workflows.

Repo URL

https://github.com/aws-samples/aws-invoke-private-apigateway-step-function/tree/main

Additional resources

What's New AWS Blog - https://aws.amazon.com/about-aws/whats-new/2024/12/amazon-eventbridge-step-functions-integration-private-apis/
Securely share AWS resources across VPC and account boundaries with PrivateLink, VPC Lattice, EventBridge, and Step Functions - https://aws.amazon.com/blogs/aws/securely-share-aws-resources-across-vpc-and-account-boundaries-with-privatelink-vpc-lattice-eventbridge-and-step-functions/
Call HTTPS APIs in Step Functions workflows - https://docs.aws.amazon.com/step-functions/latest/dg/call-https-apis.html
Custom domain names for private APIs in API Gateway - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-custom-domains.html
Amazon VPC Lattice - https://docs.aws.amazon.com/vpc-lattice/latest/ug/what-is-vpc-lattice.html

Author Name

Sahil Kapoor

Author Image URL

https://avatars.githubusercontent.com/u/190598271?v=4

Author Bio

I am a Cloud Support Engineer at AWS

Author Twitter handle

No response

Author LinkedIn URL

https://www.linkedin.com/in/sahil-kapoor-503391a7/

leave

Raising this solution as a repo as suggested here
