I seem to be stuck with my architecture for ECS microservices. Current state:
- ECS cluster with 2 EC2 instances in private subnets exposing a dockerized Node/Express endpoint on port 3000 (1 service, 2 running tasks)
- NAT gateway route out from the VPC's default route table
- Internal NLB in front of those 2 EC2 instances
- VPC Link created in API Gateway targeting the NLB
- API Gateway integration with the VPC Link (what do I enter as the endpoint URI? Is it the DNS name of the NLB, or the custom domain name in step 6?)
- Created a custom domain name for the API Gateway
When I try to send a request to customdomainname:3000/task, I expected the task to run. However, I do not get any response (There was an error connecting to customdomainname:3000/task).
Everything works perfectly fine if it's an internet-facing Application Load Balancer with instances in a public subnet, but I need to use the VPC Link approach to secure my application.
I understand my question might be vague, but I would appreciate any input and insights from anyone who has worked on this before.