Set up VPC links for HTTP APIs in API Gateway - Amazon API Gateway

Set up VPC links for HTTP APIs in API Gateway

VPC links enable you to create private integrations that connect your HTTP API routes to private resources in a VPC, such as Application Load Balancers or Amazon ECS container-based applications. To learn more about creating private integrations, see Create private integrations for HTTP APIs in API Gateway.

A private integration uses a VPC link to encapsulate connections between API Gateway and targeted VPC resources. You can reuse VPC links across different routes and APIs.

When you create a VPC link, API Gateway creates and manages elastic network interfaces for the VPC link in your account. This process can take a few minutes. When a VPC link is ready to use, its state transitions from PENDING to AVAILABLE.


If no traffic is sent over the VPC link for 60 days, it becomes INACTIVE. When a VPC link is in an INACTIVE state, API Gateway deletes all of the VPC link’s network interfaces. This causes API requests that depend on the VPC link to fail. If API requests resume, API Gateway reprovisions network interfaces. It can take a few minutes to create the network interfaces and reactivate the VPC link. You can use the VPC link status to monitor the state of your VPC link.

Use the following command to create a VPC link. To create a VPC link, all resources involved must be owned by the same AWS account.

aws apigatewayv2 create-vpc-link --name MyVpcLink \ --subnet-ids subnet-aaaa subnet-bbbb \ --security-group-ids sg1234 sg5678

VPC links are immutable. After you create a VPC link, you can’t change its subnets or security groups.

Use the following command to delete a VPC link.

aws apigatewayv2 delete-vpc-link --vpc-link-id abcd123

VPC links for HTTP APIs are supported in the following Regions and Availability Zones:

Region name Region Supported Availability Zones
US East (Ohio) us-east-2

use2-az1, use2-az2, use2-az3

US East (N. Virginia) us-east-1

use1-az1, use1-az2, use1-az4, use1-az5, use1-az6

US West (N. California) us-west-1

usw1-az1, usw1-az3

US West (Oregon) us-west-2

usw2-az1, usw2-az2, usw2-az3, usw2-az4

Asia Pacific (Hong Kong) ap-east-1

ape1-az2, ape1-az3

Asia Pacific (Mumbai) ap-south-1

aps1-az1, aps1-az2, aps1-az3

Asia Pacific (Seoul) ap-northeast-2

apne2-az1, apne2-az2, apne2-az3

Asia Pacific (Singapore) ap-southeast-1

apse1-az1, apse1-az2, apse1-az3

Asia Pacific (Sydney) ap-southeast-2

apse2-az1, apse2-az2, apse2-az3

Asia Pacific (Tokyo) ap-northeast-1

apne1-az1, apne1-az2, apne1-az4

Canada (Central) ca-central-1

cac1-az1, cac1-az2

Europe (Frankfurt) eu-central-1

euc1-az1, euc1-az2, euc1-az3

Europe (Ireland) eu-west-1

euw1-az1, euw1-az2, euw1-az3

Europe (London) eu-west-2

euw2-az1, euw2-az2, euw2-az3

Europe (Paris) eu-west-3

euw3-az1, euw3-az3

Europe (Stockholm) eu-north-1

eun1-az1, eun1-az2, eun1-az3

Middle East (Bahrain) me-south-1

mes1-az1, mes1-az2, mes1-az3

South America (São Paulo) sa-east-1

sae1-az1, sae1-az2, sae1-az3

AWS GovCloud (US-West) us-gov-west-1

usgw1-az1, usgw1-az2, usgw1-az3