New serverless pattern - Multi Account Private API Gateway #2515
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…thub.com:usama-khan98/serverless-patterns into usama-khan98-feature-multi-account-private-apigw
bfreiberg
requested changes
Nov 27, 2024
| 2. During the prompts: | ||
| - Enter **stack name** and desired **AWS Region**. | ||
| - Enter **Instance type** either `t2.micro` or `t2.small` | ||
| - Enter **unique [AMI Id](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html)** from chosen region. |
Contributor
There was a problem hiding this comment.
What AMI do I need to search for?
|
|
||
| ## How it works | ||
|
|
||
| This pattern utilizes four accounts and their respective templates. |
Contributor
There was a problem hiding this comment.
Suggested change
| This pattern utilizes four accounts and their respective templates. | |
| This pattern utilizes three accounts and their respective templates. |
Contributor
There was a problem hiding this comment.
remove this and others, keep one at the root folder if necessary
| @@ -0,0 +1,80 @@ | |||
| { | |||
| "title": "Enabling East/West Communication in Multi-Account AWS Architectures with Private API Gateway", | |||
Contributor
There was a problem hiding this comment.
Title needs to be 75 characters or less, please reword
| "name": "Usama Ali Khan", | ||
| "image": "https://media.licdn.com/dms/image/v2/D4E03AQHcLMpZ1LV9UQ/profile-displayphoto-shrink_800_800/profile-displayphoto-shrink_800_800/0/1685892371158?e=1737590400&v=beta&t=RaPZkIgm7m3thW4PyKSQNn_w9fMbYBeu5PPrQ6K4vBU", | ||
| "bio": "Usama is a Technical Account Manager at Amazon Web Services.", | ||
| "linkedin": "https://www.linkedin.com/in/usama-ali-khan/" |
Contributor
There was a problem hiding this comment.
Suggested change
| "linkedin": "https://www.linkedin.com/in/usama-ali-khan/" | |
| "linkedin": "usama-ali-khan" |
| "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/sfn-athena-cdk-python", | ||
| "templateURL": "serverless-patterns/multi-account-private-apigw", | ||
| "projectFolder": "multi-account-private-apigw", | ||
| "templateFile": "multi-account-private-apigw/centralAccount/template.yaml" |
Contributor
There was a problem hiding this comment.
Suggested change
| "templateFile": "multi-account-private-apigw/centralAccount/template.yaml" | |
| "templateFile": "centralAccount/template.yaml" |
bfreiberg
reviewed
Nov 27, 2024
Comment on lines
139
to
142
| 3. For **/image** path, use the following curl command (*you can update the prompt and image name as needed*): | ||
| ```bash | ||
| curl --location --request POST 'https://abcdefghij.execute-api.eu-west-1.amazonaws.com/Prod/image' \ | ||
| --data 'A bustling futuristic city at night with neon signs, towering skyscrapers, flying vehicles, and busy street life, in the rain. Detailed and atmospheric.' --output image.jpg |
bfreiberg
reviewed
Nov 27, 2024
| ## Testing | ||
| 1. Once you have deployed all the Stacks, [connect to your EC2 instance using SSH](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connect-to-linux-instance.html) or [using EC2 Instance Connect](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connect-linux-inst-eic.html) in **Central Account**. | ||
|
|
||
| 2. After connecting to the EC2 instance, run the following `curl` command from the outputs to test the **/text** path (you can add `-v` flag for verbose response): |
Contributor
There was a problem hiding this comment.
What do you mean by "from the outputs"?
…ragraph from the code and fixed the title
bfreiberg
requested changes
Nov 28, 2024
Contributor
bfreiberg
left a comment
bfreiberg
left a comment
There was a problem hiding this comment.
Looks almost perfect, just some minor adjustments
Co-authored-by: Ben <9841563+bfreiberg@users.noreply.github.com>
Co-authored-by: Ben <9841563+bfreiberg@users.noreply.github.com>
Co-authored-by: Ben <9841563+bfreiberg@users.noreply.github.com>
bfreiberg
approved these changes
Nov 28, 2024
Contributor
|
Looks good, thanks for your contribution. Your pattern will be merged to Serverlessland soon. |
usama-khan98
deleted the
usama-khan98-feature-multi-account-private-apigw
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available: 2516
Description of changes:
New SAM templates to create Private REST API Gateway in multiple accounts and integrate with the central account.
This pattern deploys four separate AWS accounts: a client account with an EC2 instance and VPC Endpoint for testing, a central account hosting the main API Gateway and routing components, an account with an ECS Fargate service behind a private API Gateway, and another account with a Lambda function integrated with Amazon Bedrock for image generation. Each account contains its own AWS resources to ensure proper communication and isolation.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.