The API Task on AWS private cloud architecture includes a Control Room and a API Task environment, each setup on separate AWS VPCs connected through VPC peering.

Hosting the API Tasks environment in a separate AWS private cloud enables you to scale the API Tasks environment easily based on your organizational requirements. This ensures that the latency is minimal when running the API Tasks.

The following diagram illustrates API Tasks on AWS private cloud architecture:

Architecture diagram of API Task on AWS Virtual Private Cloud

Components

There are four components in API Tasks on AWS private cloud architecture:

  1. Control Room AWS account.
  2. API Task AWS account.
  3. VPC peering between both accounts.
  4. Cross account DNS configuration.

Control Room AWS account

Use the Control Room AWS account to install and set up your Control Room. If you already have Control Room on AWS private cloud, you need to deploy the Control Room CloudFormation stack in the VPC. If you are deploying a new setup, you must download and set up the Control Room using the Automation 360 installer.

For a new setup, install the Control Room on your AWS EC2 instance. The installer allows you to connect the Control Room to the AWS account and start the Automation Anywhere Cloud Service automatically.

API Task AWS account

The API Task AWS account VPC hosts the API Task environment. This AWS account VPC contains all the compute resources required for the running API Tasks.

Use the API Task On-prem CloudFormation template and configure the AWS Elastic Kubernetes Service (EKS) cluster. You can scale this EKS cluster based on your workload requirements.

VPC peering between both accounts

After you configure both the AWS accounts, you must establish a VPC peering connection between both AWS VPCs. VPC peering connection enables you to route the data traffic between both accounts privately using IPv4 addresses configured in their respective routing tables.

Cross account DNS configuration

Once the VPC peering connection is active, you must configure the DNS for the private IPv4 addresses. This ensures that both accounts are accessible to each other through the configured domain names.