[{"data":1,"prerenderedAt":62},["ShallowReactive",2],{"pattern-apigw-private-lambda":3},{"id":4,"title":5,"architectureURL":6,"cleanup":7,"contributors":10,"deploy":12,"description":15,"extension":16,"framework":17,"gitHub":18,"highlight":6,"introBox":24,"language":30,"level":31,"meta":32,"patternArch":33,"resources":47,"s3URL":6,"services":6,"stem":55,"testing":56,"videoId":6,"__hash__":61},"patterns\u002Fpatterns\u002Fapigw-private-lambda.json","Amazon API Gateway private API to AWS Lambda",null,{"text":8},[9],"Delete the stack: \u003Ccode>sam delete\u003C\u002Fcode>.",[11],"content\u002Fcontributors\u002Falice-goumain.json",{"text":13},[14],"sam deploy","Create an private API Gateway integrated with Lambda","json","AWS SAM",{"template":19},{"repoURL":20,"templateURL":21,"projectFolder":22,"templateFile":23},"https:\u002F\u002Fgithub.com\u002Faws-samples\u002Fserverless-patterns\u002Ftree\u002Fmain\u002Fapigw-private-lambda","serverless-patterns\u002Fapigw-private-lambda","apigw-private-lambda","template.yaml",{"headline":25,"text":26},"How it works",[27,28,29],"This pattern deploys an Amazon API Gateway private API with a Lambda integration.","The AWS Lambda function is written in Python3.9. The function returns a small message and a status code to the caller.","The private API can only be invoked from the VPC endpoint defined in its resource policy","Python","200",{},{"icon1":34,"icon2":39,"line1":43},{"x":35,"y":36,"service":37,"label":38},20,50,"apigw","API Gateway (private)",{"x":40,"y":36,"service":41,"label":42},80,"lambda","AWS Lambda",{"from":44,"to":45,"label":46},"icon1","icon2","",{"bullets":48},[49,52],{"text":50,"link":51},"How to invoke a private API","https:\u002F\u002Fdocs.aws.amazon.com\u002Fapigateway\u002Flatest\u002Fdeveloperguide\u002Fapigateway-private-api-test-invoke-url.html",{"text":53,"link":54},"Create an interface VPC endpoint for API Gateway execute-api","https:\u002F\u002Fdocs.aws.amazon.com\u002Fapigateway\u002Flatest\u002Fdeveloperguide\u002Fapigateway-private-apis.html#apigateway-private-api-create-interface-vpc-endpoint","patterns\u002Fapigw-private-lambda",{"text":57},[58,59,60],"To create the private API you need to already have in your environment : a VPC with an internet gateway, a public subnet with a NAT and an EC2 instance, a Security Group that allows port 443 from anywhere, a VPC Endpoint for execute-api associated with the private subnet, the security group and with Private DNS names ENABLED","To be able to invoke a private API you need to : Log into an instance that is in the same VPC and subnet as your VPC Endpoint and in the same security group or which security group is allowed to make requests to the Enpoint's security group","On the instance, open a terminal and execute the curl command with the API URL","x0Tsv4kuz1vepWlylo8QO7_jPVrLNNW8GVePlvbnigQ",1778846882531]