DEV Community: Sachin Lubana The latest articles on DEV Community by Sachin Lubana (@lubanasachin). https://dev.to/lubanasachin https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F700876%2F7ecd94c5-c788-45e7-a86e-2222dcd90b8c.jpg DEV Community: Sachin Lubana https://dev.to/lubanasachin en Cloudformation: Lambda with HTTP API Gateway Sachin Lubana Tue, 14 Sep 2021 21:15:43 +0000 https://dev.to/lubanasachin/cloudformation-lambda-with-http-api-gateway-3a66 https://dev.to/lubanasachin/cloudformation-lambda-with-http-api-gateway-3a66 <h2> Hey, Welcome! </h2> <p>In this post I am going to share how you can quickly setup a cloudformation stack with HTTP API Gateway proxying requests to serverless lambda function.</p> <p>You can read in my <a href="https://dev.to/lubanasachin/cloudformation-http-api-gateway-with-dns-4kg5">previous post</a> on setting up an HTTP API gateway with custom domain.</p> <p>To make it simpler, I will break it down into multiple steps.</p> <p>If you are just interested in the <code>yaml</code> template simply scroll down to the end.</p> <p><strong>Step 1: Create serverless lambda function</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">index.handler</span> <span class="na">Runtime</span><span class="pi">:</span> <span class="s2">"</span><span class="s">nodejs12.x"</span> <span class="na">InlineCode</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">exports.handler = function(event, context, callback) {</span> <span class="s">console.log(event);</span> <span class="s">const response = {</span> <span class="s">statusCode: 200,</span> <span class="s">body: JSON.stringify('Hello Node rule 1')</span> <span class="s">};</span> <span class="s">callback(null, response);</span> <span class="s">};</span> </code></pre> </div> <p>The above code creates <a href="https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html">serverless lambda</a> function.</p> <p>This lambda function basically uses </p> <ul> <li> <code>nodejs12.x</code> as <a href="https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html">runtime</a> </li> <li>inline source code which can be <code>CodeUri</code> property that reference the source code from file</li> </ul> <p><strong>Step 2: Enable lambda invoke permission</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoLambdaInvokePermission</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Lambda::Permission</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">FunctionName</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoFunction</span> <span class="na">Action</span><span class="pi">:</span> <span class="s2">"</span><span class="s">lambda:InvokeFunction"</span> <span class="na">Principal</span><span class="pi">:</span> <span class="s">apigateway.amazonaws.com</span> </code></pre> </div> <p>The above code enables the lambda invoke from an api gateway You can read more about the <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html">lambda invoke</a> permission.</p> <p><strong>Step 3: Create lambda proxy integration</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoIntegration</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Integration</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoHttpApi</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Lambda proxy integration</span> <span class="na">IntegrationType</span><span class="pi">:</span> <span class="s">AWS_PROXY</span> <span class="na">IntegrationMethod</span><span class="pi">:</span> <span class="s">GET</span> <span class="na">PayloadFormatVersion</span><span class="pi">:</span> <span class="s2">"</span><span class="s">2.0"</span> <span class="na">IntegrationUri</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s1">'</span><span class="s">arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DemoFunction.Arn}/invocations'</span> </code></pre> </div> <p>The above code integrates the lambda function with an HTTP api gateway.<br> You can read more about the lambda proxy integration <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-integration.html">here</a></p> <p><strong>Step 4: Create api route</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoApiRoute</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Route</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoHttpApi</span> <span class="na">RouteKey</span><span class="pi">:</span> <span class="s2">"</span><span class="s">GET</span><span class="nv"> </span><span class="s">/demo"</span> <span class="na">AuthorizationType</span><span class="pi">:</span> <span class="s">AWS_IAM</span> <span class="na">Target</span><span class="pi">:</span> <span class="kt">!Join</span> <span class="pi">-</span> <span class="s">/</span> <span class="pi">-</span> <span class="pi">-</span> <span class="s">integrations</span> <span class="pi">-</span> <span class="kt">!Ref</span> <span class="s">DemoIntegration</span> </code></pre> </div> <p>The above code creates an <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-route.html">api route</a> with requests targeted to the lambda proxy integration.</p> <p>I have configured authorization type as <code>AWS_IAM</code> which means the calling client (IAM role) must have permission to execute API gateway.</p> <p>I use this API gateway for internal service communication where the calling site is another lambda function.</p> <p>It implies that my lambda function <code>X</code> requests data from api gateway which proxies the requests to lambda function <code>Y</code> and this request is authenticated using <code>AWS_IAM</code> mechanism.</p> <p><strong>Step 5: Call site lambda function</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoCallFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">index.handler</span> <span class="na">Runtime</span><span class="pi">:</span> <span class="s">nodejs12.x</span> <span class="na">CodeUri</span><span class="pi">:</span> <span class="s">dist/lambda/demoCall/</span> <span class="na">Policies</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">AmazonAPIGatewayInvokeFullAccess</span> </code></pre> </div> <p>That is all you need to integrate lambda function with an HTTP api gateway.</p> <p>You can use the below template to create cloudformation stack with all the above resources we talked about.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">AWSTemplateFormatVersion</span><span class="pi">:</span> <span class="s2">"</span><span class="s">2010-09-09"</span> <span class="na">Transform</span><span class="pi">:</span> <span class="s">AWS::Serverless-2016-10-31</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Lambda with HTTP API gateway demo stack</span> <span class="na">Resources</span><span class="pi">:</span> <span class="c1">##########################################</span> <span class="c1">## create your API gateway resources ##</span> <span class="c1">## as described in my previous post ##</span> <span class="c1">##########################################</span> <span class="na">DemoFunction</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Serverless::Function</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Handler</span><span class="pi">:</span> <span class="s">index.handler</span> <span class="na">Runtime</span><span class="pi">:</span> <span class="s2">"</span><span class="s">nodejs12.x"</span> <span class="na">InlineCode</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">exports.handler = function(event, context, callback) {</span> <span class="s">console.log(event);</span> <span class="s">const response = {</span> <span class="s">statusCode: 200,</span> <span class="s">body: JSON.stringify('Hello Node rule 1')</span> <span class="s">};</span> <span class="s">callback(null, response);</span> <span class="s">};</span> <span class="na">DemoLambdaInvokePermission</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Lambda::Permission</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">FunctionName</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoFunction</span> <span class="na">Action</span><span class="pi">:</span> <span class="s2">"</span><span class="s">lambda:InvokeFunction"</span> <span class="na">Principal</span><span class="pi">:</span> <span class="s">apigateway.amazonaws.com</span> <span class="na">DemoIntegration</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Integration</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoHttpApi</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Lambda proxy integration</span> <span class="na">IntegrationType</span><span class="pi">:</span> <span class="s">AWS_PROXY</span> <span class="na">IntegrationMethod</span><span class="pi">:</span> <span class="s">POST</span> <span class="na">PayloadFormatVersion</span><span class="pi">:</span> <span class="s2">"</span><span class="s">2.0"</span> <span class="na">IntegrationUri</span><span class="pi">:</span> <span class="kt">!Sub</span> <span class="s1">'</span><span class="s">arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DemoFunction.Arn}/invocations'</span> <span class="na">DemoApiRoute</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Route</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoHttpApi</span> <span class="na">RouteKey</span><span class="pi">:</span> <span class="s2">"</span><span class="s">GET</span><span class="nv"> </span><span class="s">/demo"</span> <span class="na">AuthorizationType</span><span class="pi">:</span> <span class="s">AWS_IAM</span> <span class="na">Target</span><span class="pi">:</span> <span class="kt">!Join</span> <span class="pi">-</span> <span class="s">/</span> <span class="pi">-</span> <span class="pi">-</span> <span class="s">integrations</span> <span class="pi">-</span> <span class="kt">!Ref</span> <span class="s">DemoIntegration</span> </code></pre> </div> <p>In my next post, I will be sharing how we can connect a lambda function to an application load balancer.</p> aws lambda Cloudformation: HTTP API Gateway with DNS Sachin Lubana Wed, 08 Sep 2021 16:23:05 +0000 https://dev.to/lubanasachin/cloudformation-http-api-gateway-with-dns-4kg5 https://dev.to/lubanasachin/cloudformation-http-api-gateway-with-dns-4kg5 <h2> Hey, Welcome! </h2> <p>In this post I am going to share how you can quickly setup a cloudformation stack with an HTTP API Gateway listening behind a custom domain.</p> <p>To make it simpler, I will break it down into multiple steps.</p> <p>If you are just interested in the <code>yaml</code> template simply scroll down to the end.</p> <p><strong>Step 1: Create an HTTP api gateway resource</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoApiGateway</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Api</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">Get started HTTP API</span> <span class="na">ProtocolType</span><span class="pi">:</span> <span class="s">HTTP</span> </code></pre> </div> <p>The above code creates an <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html">api gateway</a> resource.<br> I chose HTTP API over REST because of the following reasons:</p> <ul> <li>low latency</li> <li>cost effective</li> </ul> <p>You can read more about the <a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-vs-rest.html">comparison here</a></p> <p><strong>Step 2: Create an api gateway stage</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoApiStage</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Stage</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoApiGateway</span> <span class="na">StageName</span><span class="pi">:</span> <span class="s">Live</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Live Stage</span> <span class="na">AutoDeploy</span><span class="pi">:</span> <span class="no">true</span> </code></pre> </div> <p>The above code creates an <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html">api stage</a> called <code>Live</code> and it is set to auto deploy.</p> <p><strong>Step 3: Create custom domain</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoDomainName</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::DomainName</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">DomainNameConfigurations</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">EndpointType</span><span class="pi">:</span> <span class="s">REGIONAL</span> <span class="na">CertificateArn</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-ACM-CERT-ARN</span><span class="pi">]</span> </code></pre> </div> <p>The above code creates a <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html">custom domain</a> resource that will be attached to the API Gateway.</p> <p>Please note, you need to create an ACM certificate which is available in the same region since the endpoint type is <code>REGIONAL</code></p> <p><strong>Step 4: Create domain mapping</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoApiMapping</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::ApiMapping</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="s">DemoApiGateway</span> <span class="na">Stage</span><span class="pi">:</span> <span class="s">DemoApiStage</span> </code></pre> </div> <p>The above code creates <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-apimapping.html">domain mapping</a> resource that connects the domain to the api gateway on a given stage name.</p> <p><strong>Step 5: Create DNS alias record</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code> <span class="na">DemoRecordSetGroup</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Route53::RecordSetGroup</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">HostedZoneId</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-HOSTED-ZONE-ID</span><span class="pi">]</span> <span class="na">RecordSets</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">A</span> <span class="na">AliasTarget</span><span class="pi">:</span> <span class="na">DNSName</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">DemoDomainName.RegionalDomainName</span> <span class="na">HostedZoneId</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">DemoDomainName.RegionalHostedZoneId</span> </code></pre> </div> <p>The above code creates an <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html">alias target</a> of type <code>A</code> in route53 for the given hosted zone ID and given domain name.</p> <p>That is all you need to create an HTTP api gateway with custom domain.</p> <p>You can use the below template to create cloudformation stack with all the above resources we talked about.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">AWSTemplateFormatVersion</span><span class="pi">:</span> <span class="s2">"</span><span class="s">2010-09-09"</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">HTTP API Gateway stack</span> <span class="na">Resources</span><span class="pi">:</span> <span class="na">DemoApiGateway</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Api</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">Name</span><span class="pi">:</span> <span class="s">Demo API Gateway</span> <span class="na">ProtocolType</span><span class="pi">:</span> <span class="s">HTTP</span> <span class="na">DemoApiStage</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::Stage</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoApiGateway</span> <span class="na">StageName</span><span class="pi">:</span> <span class="s">live</span> <span class="na">Description</span><span class="pi">:</span> <span class="s">Live Stage</span> <span class="na">AutoDeploy</span><span class="pi">:</span> <span class="no">true</span> <span class="na">DemoApiDomainName</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::DomainName</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">DomainNameConfigurations</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">EndpointType</span><span class="pi">:</span> <span class="s">REGIONAL</span> <span class="na">CertificateArn</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-ACM-CERTIFICATE-ARN</span><span class="pi">]</span> <span class="na">DemoApiBasePathMapping</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::ApiGatewayV2::ApiMapping</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">DomainName</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">ApiId</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoApiGateway</span> <span class="na">Stage</span><span class="pi">:</span> <span class="kt">!Ref</span> <span class="s">DemoApiStage</span> <span class="na">DemoRecordSetGroup</span><span class="pi">:</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">AWS::Route53::RecordSetGroup</span> <span class="na">Properties</span><span class="pi">:</span> <span class="na">HostedZoneId</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-HOSTED-ZONE-ID</span><span class="pi">]</span> <span class="na">RecordSets</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">Name</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">YOUR-DOMAIN-NAME</span><span class="pi">]</span> <span class="na">Type</span><span class="pi">:</span> <span class="s">A</span> <span class="na">AliasTarget</span><span class="pi">:</span> <span class="na">DNSName</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">DemoApiDomainName.RegionalDomainName</span> <span class="na">HostedZoneId</span><span class="pi">:</span> <span class="kt">!GetAtt</span> <span class="s">DemoApiDomainName.RegionalHostedZoneId</span> </code></pre> </div> <p>In my next post, I will be sharing how we can connect a lambda function to our <code>DemoApiGateway</code></p> aws