I'm looking for a solution to route traffic from our main domain (company.com) to various ECS services across different AWS accounts. We have our domain set up in account A but need to send requests to services in account B and account C based on the URL path. Specifically, I want any requests that match `/api/v1/B/*` to go to service B, while requests to `/api/v1/C/*` should go to service C. I've considered setting up ALBs in each account and handling the routing based on path rules, but I'm unsure if that's possible. What's the best practice for achieving this setup?
5 Answers
Also, check out some AWS documentation on path-based routing on ALBs. There's helpful information that can guide you through your setup if you need more details: [Path-Based Routing on ALB](https://go.aws/4l9EfLi).
One effective way to handle this is by using CloudFront. You can set up the ALBs as origins in CloudFront and apply the path-based routing rules there. This way, you can cleanly route traffic without complications.
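Added example, not part of the answer above and not taken from AWS documentation: a CloudFormation sketch of a CloudFront distribution in account A that sends the two path prefixes from the question to ALBs in accounts B and C. It assumes internet-facing ALBs reachable over HTTPS. The origin hostnames, certificate ARN, header name `X-Origin-Verify` and its values are placeholders or assumptions.

```yaml
# Added example. Every <...> value is a placeholder to replace.
Resources:
  Distribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        Aliases: [company.com]
        ViewerCertificate:
          AcmCertificateArn: "<ACM_CERT_ARN_IN_US_EAST_1>"
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.2_2021
        Origins:
          # Hostname must resolve to account B's ALB and match its TLS certificate.
          - Id: service-b
            DomainName: "<SERVICE_B_ORIGIN_HOSTNAME>"
            CustomOriginConfig: {OriginProtocolPolicy: https-only, OriginSSLProtocols: [TLSv1.2]}
            # Assumed header: an ALB listener rule in account B rejects requests without it.
            OriginCustomHeaders:
              - {HeaderName: X-Origin-Verify, HeaderValue: "<SECRET_FOR_B>"}
          - Id: service-c
            DomainName: "<SERVICE_C_ORIGIN_HOSTNAME>"
            CustomOriginConfig: {OriginProtocolPolicy: https-only, OriginSSLProtocols: [TLSv1.2]}
            OriginCustomHeaders:
              - {HeaderName: X-Origin-Verify, HeaderValue: "<SECRET_FOR_C>"}
          # Hypothetical origin for everything outside /api/v1/B/* and /api/v1/C/*.
          - Id: default-origin
            DomainName: "<DEFAULT_ORIGIN_HOSTNAME>"
            CustomOriginConfig: {OriginProtocolPolicy: https-only, OriginSSLProtocols: [TLSv1.2]}
        CacheBehaviors:
          - PathPattern: /api/v1/B/*
            TargetOriginId: service-b
            ViewerProtocolPolicy: https-only
            # Full method list so POST/PUT bodies reach the service.
            AllowedMethods: [GET, HEAD, OPTIONS, PUT, PATCH, POST, DELETE]
            CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad          # managed CachingDisabled
            OriginRequestPolicyId: b689b0a8-53d0-40ab-baf2-68738e2966ac  # managed AllViewerExceptHostHeader
          - PathPattern: /api/v1/C/*
            TargetOriginId: service-c
            ViewerProtocolPolicy: https-only
            AllowedMethods: [GET, HEAD, OPTIONS, PUT, PATCH, POST, DELETE]
            CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
            OriginRequestPolicyId: b689b0a8-53d0-40ab-baf2-68738e2966ac
        DefaultCacheBehavior:
          TargetOriginId: default-origin
          ViewerProtocolPolicy: redirect-to-https
          CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
```

Path patterns are case-sensitive, so `/api/v1/b/*` would fall through to the default behavior. The header values should come from a secret store rather than being written into the template.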
Just remember, if you decide to use an HTTP redirect on an ALB listener for path matching, it will create an extra hop in your routing. This might impact things like POST requests since they can't carry payloads through redirects. If you're looking for alternatives, API Gateway is another option worth exploring.
Alternatively, if you have VPC Lattice in use, it can simplify the process. You can publish each ECS service into a cross-account service network, which takes care of path routing and authentication without needing a separate load balancer. It's very efficient!
You could also consider using private links for routing between accounts. This will allow you to manage traffic securely without exposing your services publicly.