This Wing platform plugin deploys
all API Gateways (cloud.Api) and AWS Lambda functions (cloud.Function) into a VPC.
See #5057
This requires Wing v0.53.8 or above.
- Let's say you have a Wing with a
cloud.Api,cloud.Functionand other awesome things (see main.w as an example). - Install the AWS CDKTF Provider:
npm i @cdktf/provider-aws- Download apigateway-vpc.js to your project:
curl https://raw.githubusercontent.com/ekeren/wing-apigatway-vpc/main/apigateway-vpc.js -o apigateway-vpc.js- Compile with this plugin:
wing compile -t tf-aws -p ./apigateway-vpc.js main.w- Run terraform apply:
cd target/main.tfaws
terraform init
terraform applyAt the end of your terraform apply, you should see something like this:
my-gateway-behind-vpc_Endpoint_Url_E71A5235 = "https://cxv1weg8ei.execute-api.us-east-1.amazonaws.com/prod"
This is the URL of the cloud.Api that you defined.
Let's check that indeed our endpoint cannot be accessed from the public internet:
curl https://cxv1weg8ei.execute-api.us-east-1.amazonaws.com/prod/dogs
curl: (6) Could not resolve host: cxv1weg8ei.execute-api.us-east-1.amazonaws.comNow, let's run our function, which tries to access the API from within the VPC (all functions are automatically added to the VPC).
aws lambda invoke --function-name consumer-c8b7be45 out.json
cat out.json
"woof"You should also strongly consider using your terraform backend state inside S3 Backend (see guide)