I have created an API using AWS API Gateway. Now I want to log each of the request on each method of each resource. Also, I need the source IP address of the client accessing the route. How can I accomplish this without writing custom code in the API functions ?
The default CloudWatch logs for your API should include all headers, including the X-Forwarded-For header which will contain the source IP address. (See http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-stage-settings.html)
If you need custom logging you will need to implement this in your Lambda functions. You could take advantage of something like Apex or Serverless and write some automation to manage your Lambda functions and share duplicate code.
Related
Can the namespace preferences and program preferences be set via REST API calls? If yes, what is the syntax for it?
Generally in Cloud Data Fusion, when we intend to perform the action on GCP side, like create/delete/restart etc. instance, it's feasible to use domestic Google Cloud API, giving the opportunity to interact with a service endpoint via JSON/HTTP calls interface as described in Google Cloud API design document.
Dedicated to Data Fusion you can follow the Cloud Data Fusion REST API reference document, nicely explaining the methods for composing REST API HTTP calls to manage Data Fusion instances, moreover every method description from the documentation contains Google API Explorer sub-panel, to get handy experience building JSON request on a live data.
Said above, I assume your initial question is related more to CDAP REST API, as it includes the methods for pure CDAP instance metadata/namespaces/application configuration.
From the user perspective your workflow might be the following:
Identify the CDAP API endpoint as explained in this guideline;
Compose an HTTP PUT/GET request relevant to Data Fusion
Namespace/Metadata/Preferences/Configuration
object via CDAP RESTful API.
Yes of course! You have two methods.
The first method is creating it from the platform. Follow the steps below:
Open your data fusion instance
Go to System Admin => Configuration => Make HTTP calls
To create a namespace, submit an HTTP PUT request:
PUT /v3/namespaces/<namespace-id>
Link of CDAP: CDAP
The second method is using terraform.
I have an external REST based API that I need to create a connection to in order to retrieve data on a regularly scheduled basis (for BI purposes). This API is fairly robust, and supports around 60 distinct endpoints. Also, this same API is used to access information across multiple client sub-domains (e.g. client1.apisource.com, client2.apisource.com, client3.apisource.com, etc.). In other words, the API endpoints are the same for each client subdomain.
So what I'm trying to figure out is whether it's possible to create a single ADF that contains a complete set of pipeline actions for each endpoint THAT uses a "dynamic" URL based on the client subdomains? In other words...what I'm trying to see if its possible to create a single ADF that can manage a dynamic list of base URLs.
I tried to parameterize the HTTP and REST connections, but this doesn't appear to Is this possible yet. Any thoughts? Thanks!
Here is an example of a Web Activity to call a REST API using parameters and expressions. The URL can be an expression like:
#concat('https://management.azure.com/subscriptions/',pipeline().parameters.SubscriptionID,'/resourceGroups/',pipeline().parameters.ResourceGroup,'/providers/Microsoft.Sql/servers/',pipeline().parameters.Server,'/databases/',pipeline().parameters.DW,'?api-version=2014-04-01')
My API endpoint type is edge-optimized. I have a custom domain name API like www.example.com and I want to add a new CloudFront which to block specific countries request in front of my API Gateway.
How to add a new CloudFront in front of my API Gateway and use the same domain name (www.example.com)? I am confused. Is it possible to do that?
Any advice will be appreciated.
Yes it is possible to do that. You should follow the following steps.
Create a origin for your API Gateway inside your CloudFront
distribution. There you should enter the endpoint of your API Gateway
for the origin domain name.
Then you need to create a behavior inside
the CloudFront distribution which forwards requests that match a
specific path pattern to your API Gateway. (Make sure that you put
the Minimum TTL to as 0, since we don't want to cache the the API
requests)
See the following documentation for further reference.
Custom origins
Cache behaviors
I have a REST API created in AWS API Gateway with backend implemented using AWS Lambda functions. There are nearly 50 API calls and underlying lambda functions. Now I want to store each of the API call url, params and request body along with error/response to some log table in our database. Is there any way I can accomplish this without modifying the code of each and every lambda function for the same. I have a custom authorizer lambda function on most of the API calls. So, I thought about writing the logic to insert to DB in that function. But the problem is that I cannot get access to the output in the authorizer function. Is there any other way where I can access the input and output both ?
The custom authorizer function is intended to make authorization decisions only and is not supported for this use-case.
Please see response in AWS API Gateway: Is it possible to add source IP address in each API method?
Thanks,
Ryan
When we create End Point, it has external address to access it. So, if I try to call it from another End Point it will use some traffic.
I want to create End Point available from outside (Api), and another end point for accessing to datastorage. Second End Point shouldn't have external access, and could be called only inside App Engine from another applications (first service with external address). Just for security and minimization traffic.
So, is it possible to create End Point that available only for another End point and applications from Container Engine? Or i should do it in another way?
I find your question rather vague. Are you trying to access one endpoint from within the same app engine application? You could extract the endpoint code into a static method and call that method. There's no good reason to use endpoints for such a scenario.
If you try to access your endpoint from another App Engine application:
Cloud Endpoints are public by default. If you restrict the access things like the Google JavaScript client won't work anymore because you'll block the proper discovery of your endpoints.
You can restrict access to your endpoints by injecting the HttpServletRequest into your endpoint #ApiMethod and filter by the requester's IP or a custom header. You could also inject the User object into your endpoint method and do a service account oauth authentication to access your endpoint from another app engine instance or project.
Hope this helps
Local access to AppEngine's datastore is possible through:
JPA, JDO, the low level API (https://cloud.google.com/appengine/docs/java/datastore/) If you need a wrapper, i'm using Objectify in all my projects, but there's also slim3 (see link).