HTTPS to HTTP on AWS EC2

Question

I have an API deployed to an EC2 instance (AWS), which is based on HTTP. Now, there is a front-end that wants to access my API. The front-end is a web app hosted on another server, which is based on HTTPS. Due to the difference in the protocols (at least it is what I can guess), the browser complains about the security.

Now I want to create an API gateway, which connects HTTPS and my HTTP API. Is there an easy way to do it with AWS?

Answer 1

There are some simple methods to make secured connection.

1. No extra cost. Create free SSL certificate using cert bot or something else, integrate it in your application API in EC2 (in case you point your app dirrectly to EC2 instance).
2. No extra cost. Create free SSL certificate with API Gateway and configure your API to use that certificate.
3. (Recommended) Generate certificate using AWS Certificate Manager. Create a load balancer and create HTTPS listener on port 443, add that cert to the listener and. Create rule in that https listener to forward request to a target group with your instance (or attach an auto scaling group). You can also use method 1 to make connection between your EC2 and your load balancer secured.
4. Similar to method 2, but add certificate to CloudFront, make your load balancer an endpoint of Cloudfront.

If you want to use API Gateway, It's recommended to use Lambda instead of EC2. Lambda is high availability, lower cost, automatically scalable and easier to integrate with API Gateway.

Try this if you still want to use EC2