Reputation: 11
Connect AWS Amplify React Dashboard to backend services in private VPC
I have created a private subnet in a VPC with a couple of private RDS databases and microservices to retrieve handle request from a react dashboard deployed using AWS amplify.
While I can use security groups to restrict access to different private subnet resources, I am having difficulty creating a secure connection between the Amplify front end and the Private VPC backend.
I have used AWS API gateway service to route requests to the subnet microservice. I have spoken to a solution architect who suggested a VPC endpoint could solve the problem, but it seems that this just helps with internal communication within the private VPC.
I have tried creating a HTTP API VPC link, but I am not sure how to test if it is working.
I have tried creating a REST API VPC link but I am having difficulty setting up a working network load balancer to connect it to.
I would appreciate any suggestions on how set up a secure connection
Upvotes: 1
Views: 3682
Answers (1)
Reputation: 31
The short answer is you can't connect between your front-end, which sits on your user's browser, directly with backend resources on a private subnet. What Amplify does is use Cloudfront to distribute your react front end to user browsers. It's not responsible to help the front-end communicate with other non-Amplify related back-end services.
You could consider the following instead:
- You will need to connect to the private service in your private subnet via a public endpoint on a public subnet.
- The front end code (from the user browser or mobile app) will send a request to this public endpoint along with authorization token (after user authentication).
- This public endpoint, which will receive the request via an Application Load Balancer or API gateway will then relay the user request to the RestFUL services sitting in your private subnet.
- I also recommend you develop a RestFUL backend service to handle R/W requests to the database.
For secure communication, you can allow only HTTPS requests to keep user traffic encrypted. Hope this helps.
Upvotes: 1
Related Questions
- AuthError - Error: Amplify has not been configured correctly
- React App not redirecting properly on AWS Amplify
- Connecting AWS Api Gateway and private ALB
- Access Denied Error from protected routes from react app hosted on AWS Amplify
- Cannot connect my AWS api gateway with my local host
- How to run proxy for react/redux application on AWS Amplify
- How to integrate aws-amplify authentication with react-admin?
- Access AWS Secrets from React Amplify APP
- How to create Amplify React app from AWS CLI
- aws amplify re-configuration, delete an existing config and create a new