AWS API Gateway Basics

by

Introduction

APIs are mechanism that facilitates two software components communicating with each other. APIs act as a front door for applications to access data, business logic or functionality from backend services.

AWS API Gateway is a service that facilitates the creation, publishing, maintenance, monitoring and security of your APIs at any scale.

  • It is a highly available, scalable, managed service for APIs.
  • It can perform Authentication and Authorization.
  • It can perform throttling, metering, caching.
  • Manage Request/Response (Lambda functions)

API Gateway is a key component for building serverless web applications.

AWS official website contains great information about API Gateway features, pricing and use cases. You can can check up to date information on this link.

Integrating API Gateway with Lambda

This is one of the common setup for many web application.

Now, I’ve written a post about AWS Lambda basics and I will be reusing the lambda function from that post. However you can select any other lambda function for the same purpose.

Lets create a very simple API using Web Console.

We can now click Create API button on the page and a new API will be created.

Create a Resource

Lets create a resource name library as shown below:

Next, we will create create a Get Method for this resource.

Create a Get Method

For now, lets keep things simple and Create a Method by selection action from Action Dropdown. Following screen shows the Get Setup where I have selected a Lambda function library for integration.

We can now click Save button on the page to create the Get Method.

Next, we will Deploy the API to a Stage.

Deploy API

We can deploy the API by simply clicking on the Deploy API action as shown below:

This will show the following dialog and here we can create a stage (in this case dev) to deploy the API:

Once we click the Deploy button, our API will be deployed to this stage. Following picture shows the stage editor, where we can do more configurations as needed. The Invoke URL shown below is the endpoint for the API.

and we can now visit this URL and following picture shows the data from the Lambda function:

Integrating another Lambda Function with API Gateway

I’ve written another lambda function using AWS Web Console. This function just returns a random string:

Next, following steps shown earlier, I’ve created a resource and method in API Gateway for this lambda function:

Once done, we can visit the Invoke URL link to see the result:

So, at this point, we have two resources and we can add more resources and methods to API Gateway if we want in the similar fashion.

Protecting API Endpoints using Cognito

Lets bring in Authentication and Authorization to the mix and see how we can control access to randomcode functionality in a way that it is not accessible to unauthorized users.

We will be using Cognito UserPool for this purpose. You can check this post, which will walk you through the basics of Cognito.

In API Gateway dashboard, go to Authorizers section and click Create New Authorizer button:

Next, we will provide some details for the Authorizer. For Type, we selected Cognito and the corresponding UserPool. For Token Source, we mentioned that it will be available via Authorization header. Click Create button once ready:

Wiring up Authorizer with The API Resource

We now have created an Authorizer and next step is to wire this up with the randomcode API endpoint. We can simple go to method setting of the resource and our newly created Authorizer will show up in the list for Authorization setting and we can simply select it from the list, as shown below:

With this setting in place, we can now Deploy the API to publish the changes. Once deployment is done, we can try visit the URL for randomcode API again and this time, we got the following message:

So, the endpoint is now protected from unauthorized access. We will cover more about Cognito authentication and authorization capabilities in later posts.

Summary

In this post, we learned the basics of AWS API Gateway and how this is a great service for developers to quickly and easily create and publish APIs at scale.

We also covered a typical arrangement of making a lambda function call through an API Endpoint and we did that by creating a resource and Get method setting via the web console.

We then added another resource for a different lambda function (randomcode) and we saw that how we can restrict access to this API endpoint via AWS Cognito UserPool.

We will be covering more serverless components in upcoming posts and will revisit API Gateway again and learn more settings, features and usage scenarios.

Let me know if you have some questions or comments. Till next time, Happy Coding.

1 thought on “AWS API Gateway Basics”

  1. Pingback: .NET On AWS – Basics – Hex Quote

Comments are closed.