How to configure private API gateway with Lambda function in AWS SAM (Serverless Application Model)

Tram Ho

During work, or having problems, notes here always avoid forgetting

What is a lambda function

Lambda function is a very good service of AWS has just appeared in recent years. It allows users to get their programs up and running without having to install an environment like EC2. However, the Lambda function cannot be run on its own, it needs a trigger event, be it called via API, or via Jobs form from AWS CloudWatch. And it’s not all for a system but just a part of it. It is often the role of business logic, receiving information, retrieving information from other modules, returning results or writing data to the Database (DynamoDB or S3). If there is a cost for the server such as E2, then it only charges based on the time the function is called. Very economical, isn’t it. Documentation about Lambda function

What is API Gateway

Literally, API Gateway provides a way for external parties to communicate with system resources, such as api, or s3. With a variety of options, it can be restricted to pre-made permissions, keys, or to limit the IP address. API Gateway Documentation

What is SAM

SAM is an AWS service that helps deploy, install and configure system services and modules automatically on the AWS environment, via the configuration file template.yaml. Very convenient in the process of developing, testing and deploying with different parameter settings for each environment. Documentation about AWS SAM

Configure these services together

Below is a sample content of a typical yaml file.

Points to note

Set API gateway as private

Vpce limit

Point to this API when defining a Lambda function

With the above definition, we have defined it at the same time

  1. API gateway
  2. Lambda function
  3. … can configure both S3, DynamoDB …

How to deploy SAM to AWS environment via cli

Note: you need to install

Refer to the settings here

  1. cli aws
  2. sam cli
  3. Configure profiles inside 2 files ./aws/config and ./aws/credentials

Build and deploy (deploy)

Discuss the API definition in a template

There are two ways to define an api:

  • Independent definition (as above example)
  • Defining inside the events property of Function In this case, if you want to make the API private, you must define it in the Global Section (Because at this time, the EndpointConfiguration property is not supported) Refer to the example below

As you can see, instead of using property: RestApiId: to point to the predefined API, we describe this API right in Function. It was quite convenient ?

Last words

So you’ve completed the configuration and deployment of interlinked services on AWS. Now it’s time to verify that they are implemented correctly by going to the AWS Manage console, looking in CloudFormation, Lambda function, API Gateway.

In the following articles, I will guide how to call this API Gateway from the command line, from the program, as well as separate tests Lambda function, API Gateway on the AWS Manage Console itself.


Share the news now

Source : Viblo