I'm looking at the documentation for AWS Amplify and am confused about the correct way to use Authentication to call an API Gateway Endpoint.
At the bottom of the page it says this:
THIS IS NOT A RECOMMENDED ARCHITECTURE and we highly recommend you leverage AWS AppSync or API Gateway as the endpoint to invoke your Lambda functions.
and I need some help getting on the right track because I'm very confused
I think the THIS IS NOT A RECOMMENDED ARCHITECTURE comment is referring to the code example immediately above it. The code example shows an example of directly invoking a lambda function, not proxying it through the API Gateway.
API: {
endpoints: [
{
name: "MyCustomLambda",
endpoint: "https://lambda.us-east-1.amazonaws.com/2015-03-31/functions/yourFuncName/invocations",
service: "lambda",
region: "us-east-1"
}
]
}
Related
I would like to add a preexisting lambda authenticator to the routes of a preexisting http api gateway using the serverless framework. I have followed the docs, whereby I have specified the authorizer details under provider.httpApi (lines 15 to 18), and I have referenced the authorizer on the route(s) below (line 27 & 28). Though I get the error message:
Cannot setup authorizers for externally configured HTTP API
What am I doing wrong here? It must be for a HTTP API gateway and not a REST API gateway as thats what the current infra is configured as. Thanks
It looks like you're using an externally configured HTTP API (I'm guessing from the id being set). In such a situation, you cannot configure authorizers in this manner, you can only do so when you're provisioning HTTP API as a part of your serverless service. What you can do there, is to setup a shared authorizer in a more manual way as described in docs here: https://www.serverless.com/framework/docs/providers/aws/events/http-api#shared-authorizer
I came across this post when researching how to use API gateway authorizers and serverless framework. I was terraforming the API gateway therefore needed to terraform the authorizer as well. When created, I stashed the authorizer ID in a parameter store entry. This is a 6 character alphanumeric value such as tw9qgj. I then referenced the parameter as follows:
custom:
authorizerId: ${ssm:api_gateway_authoriser}
Then added the following block to each API e.g.
- httpApi:
path: /protected
method: get
authorizer:
id: ${self:custom.authorizerId}
I try to setup basic integration between api gateway directly to my ECS backed service in VPC.
my application exposes GET /ping method that return 200 "pong" - very basic
so I ve created basic api method
I am totally clueless as there are many tutorials that are describing how to integrate api-gateway with ELB or with SNS but nothing about ECS/fargate or EC2. but if I had to use ELB - why I need api gateway in first place :/ ?
can someone point me to any documentation?
Since your original questions sounds like you are look for documentations. Look at this . https://aws.amazon.com/blogs/compute/using-amazon-api-gateway-with-microservices-deployed-on-amazon-ecs/
Goal: I have an Angular 5 client that I wish to centralise logging to AWS CloudWatch so that I can view all logs (from the web client, API, lambdas, DynamoDB) in one place.
Solution considered:
(1) Create an API on the AWS Api Gateway with the CloudWatch Logs (AWS Service)
(2) Angular 5 client will post all logging to this API.
Problem:
I am having difficulty configuring the AWS Api Gateway correctly. The documentation on this is particularly sparse. I have created a simple test API with the following configuration.
Basic API configuration
This is a POST method on the API. The TestAPIRole has permission to PutEventLogs to CloudWatch.
I ran a test with the following data:
Test message
And I get the following response:
Response from test message
I think I haven't configure the API right but I am not sure what else to try. Has anyone tried to configure AWS API Gateway to post log events to Cloudwatch?
Has anyone tried to configure AWS API Gateway to post log events to Cloudwatch?
We have an error-logger API (API Gateway + Lambda) we use at work. At the minimum, it's just a simple POST endpoint that receives what the frontend (ours is in React) error handler sends. The Lambda simply writes to CloudWatch and we aggregate them through ElasticSearch.
I am trying to test an implementation of aws apigateway on an existing webapplication's REST endpoint on aws. This endpoint is for bulk updates using POST/PATCH methods
Looking into the vast and lengthy documentation on AWS site, it talk about IAM roles for authentication.
Any high-level tips on implementing API gateways will be appreciated, to get started.
Choosing IAM Role in Authorization and also Choosing Other Authorizers (Lambda or Cognito) are also optional.
Do simple Steps and you are ready.
Create an API.
Goto Resources>>Actions>>create Method (POST/PATCH).
Integration Type Choose HTTP and enter your endpoint Url
Resources >> Action >> Deploy API
It will deploy apigateway application and provide you Endpoint url to use.
Again:
Choosing Models, API Keys, Client Certificates, Custom Domain, Authorizers and VPC setup all are optional.
Its simple and easy.
Most of my experience with Bluemix so far has been using the web management console. I would now like to start using the cloud foundry rest API.
I've had a look through the cf rest API documentation for creating a service instance and see this:
{
"space_guid": "bbbeed31-f908-477a-aab9-8cdcd19e1348",
"name": "my-service-instance",
"service_plan_guid": "fe173a83-df28-4891-8d91-46334e04600d",
"parameters": {
"the_service_broker": "wants this object"
},
"tags": [
"accounting",
"mongodb"
]
}
I have no idea what I need to set for the tags or parameters for a Bluemix service. How can I find this out on for each bluemix service?
When I instantiate a service using the Bluemix web console, is it possible to view the rest API requests that are submitted in the background so that I can reverse engineer the API calls??
You won't be able to see the commands sent by the BlueMix console directly, but you could replicate the commands with the Cloud Foundry CLI and set an environment variable of CF_TRACE=true to output all requests to STDOUT. You can also set it as CF_TRACE=/path/to/file.
The UUIDs could be changed. If you're going to use the API, you'll need to look things up by name, find their UUIDs, and then use them in subsequent requests. I've been working on something similar, that really should have been implemented as a Terraform provider: https://github.com/EngineerBetter/cf-converger