Make REST APIs Using AWS Lambda and API Gateway

Shubham Arora
Published in The Startup
5 min read · Jun 21, 2020

Get your REST APIs or WebSockets up and running within 5 minutes, in 4 steps, using AWS Lambda and API Gateway:

Quick def, the noob’s way:

AWS Lambda

You can think of AWS Lambda as a service that executes your code for you. You don’t have to worry about server configuration, setting up the runtime required to execute it, and all that jazz. It supports multiple languages.

Amazon API Gateway

In simple terms, this is where you configure your REST API endpoint and its HTTP verbs. There are more things that can be done here, such as setting an authorisation mechanism for your APIs, rate limiting, etc. In short, you are defining (to be precise, configuring) your routes here.

Note: Your Lambda function cannot be invoked directly by your API clients, so we will expose a REST API resource using API Gateway and set the Lambda function as the downstream system for your API.

Step 1: Create your Lambda function

We are authoring from scratch here:
  • For Function name, enter <FUNCTION_NAME>.
  • Choose a runtime — Depends on language.
  • Click Create function.
  • Write your code (which can do many things, such as processing the request data, calling a 3P API or a storage service, and more) in the code editor on the next screen and save.
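
As an added example (not the author's code), here is a Python handler for the "processing the request data" case. It assumes the method uses Lambda proxy integration, so the event carries `httpMethod`, `body` and `isBase64Encoded`; the `name` field and the 4096-byte limit are hypothetical choices for illustration.

```python
import base64
import json
import logging

logger = logging.getLogger()
logger.setLevel(logging.INFO)  # Lambda ships these records to CloudWatch Logs

MAX_BODY_BYTES = 4096  # assumed limit for this example


def _response(status, payload):
    """Build the dict a Lambda proxy integration must return."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(payload),
    }


def _parse_body(event):
    """Decode and validate the request body; raise ValueError if unusable."""
    raw = event.get("body") or ""
    if event.get("isBase64Encoded"):
        raw = base64.b64decode(raw).decode("utf-8")
    if len(raw.encode("utf-8")) > MAX_BODY_BYTES:
        raise ValueError("body too large")
    data = json.loads(raw)
    if not isinstance(data, dict) or not isinstance(data.get("name"), str):
        raise ValueError("'name' must be a string")  # hypothetical field
    return data


def lambda_handler(event, context):
    if event.get("httpMethod") != "POST":
        return _response(405, {"message": "Method not allowed"})
    try:
        data = _parse_body(event)
        return _response(200, {"greeting": "Hello, " + data["name"][:64]})
    except ValueError as exc:  # bad base64, bad UTF-8 and bad JSON all land here
        logger.info("rejected request: %s", exc)
        return _response(400, {"message": "Invalid request body"})
    except Exception:
        logger.exception("unhandled error")  # full trace to the log only
        return _response(500, {"message": "Internal server error"})
```

The caller only ever sees a generic message; the detail of a rejected or failed request stays in the function's log.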

Step 2: Create Amazon API Gateway

  • Open Amazon API Gateway
  • Click on “Create API” → Choose API type as “REST API” → Enter the required information and click “Create API”.
  • From the Actions dropdown, you can Create Resource (endpoint) and Create Method (HTTP verb).
  • When you create a method, you will be asked to choose an integration point; search for and select the Lambda function you created in Step 1.
  • Now this Lambda function is the downstream system of your API. All requests landing on this endpoint will be fulfilled by your Lambda function.
  • Time to deploy your API.
  • From the same Actions dropdown where you created resources / methods, click the “Deploy API” option. A modal will open to capture the deployment details.
  • Enter the stage name for your deployment, such as PreProd, Test, Prod, etc. Click “Deploy”.
  • Note: You have to deploy again to the appropriate stage if you make any changes to the API (like adding or removing a resource / method, or changing the policy of any method).
  • After this you will see the base link to your API. Append your endpoint to this base URL and hit it; the Lambda function will execute and respond as programmed. The URL will look like:
    https://<AWS_URL>/<STAGE_NAME>/<RESOURCE_NAME>

Hurray! Your API is ready at this point. Now let’s work on making it a little more secure.

Step 3: Setup API keys for accessing API Gateway

Let’s ensure your client (browser, mobile, etc.) can only access your APIs with an authentication key. We will create such a key in this step.

  • Go to Amazon API Gateway page, select your API.
  • On the left-hand side menu, click on the option called “API Keys”, then click on Actions → Create API Key. Use it to create an API key to provide to the API client for authorization purposes.

Step 4: Create a usage plan for the stage and specify allowed API keys

  • On the left-hand side menu, click on “Usage Plan” to create a plan.
  • Enter the plan name, throttling criteria, etc. and click next.
  • Select the API and stage (on which we deployed our APIs in Step 2), then click next.
  • Now it will ask you to add the API key (which we created in Step 3). Requests with these API keys will be allowed to the API and stage combination you have selected, subject to the usage policies (throttling, requests per month, etc.) we have defined so far.
  • Now we will go back and modify the resource created in Step 2 to enforce and restrict access to valid API keys only. Click on “Method Request”.
  • Set the “API Key Required” value to “true” and click on the small tick icon next to the dropdown to save it.
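
Because a method change only reaches a stage after another deploy (see the note in Step 2), it is worth probing the stage once “API Key Required” is set. This added example (not the author's code) does that; it relies on API Gateway reading the key from the `x-api-key` header and answering 403 when the key is missing or unknown, while the URL, the key value and `simulated_stage` are constructed so the check also runs offline.

```python
import urllib.error
import urllib.request


def http_status(url, api_key=None):
    """Return the HTTP status of a GET, sending x-api-key when a key is given."""
    req = urllib.request.Request(url)
    if api_key is not None:
        req.add_header("x-api-key", api_key)
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # 4xx/5xx arrive as exceptions in urllib


def check_key_enforcement(url, api_key, probe=http_status):
    """Probe a stage three ways and list anything that looks misconfigured."""
    findings = []
    if probe(url) != 403:
        findings.append("request without a key was not rejected")
    if probe(url, "not-a-real-key") != 403:
        findings.append("request with an unknown key was not rejected")
    if probe(url, api_key) == 403:
        findings.append("the issued key was rejected (is it attached to the usage plan?)")
    return findings


def simulated_stage(require_key, valid_key):
    """Constructed stand-in for a deployed stage, used only for the offline demo."""
    def probe(url, api_key=None):
        if require_key and api_key != valid_key:
            return 403
        return 200
    return probe


if __name__ == "__main__":
    key = "constructed-key-123"                 # constructed sample, not a real key
    url = "https://example.invalid/Test/hello"  # placeholder stage URL
    stages = {
        "redeployed stage": simulated_stage(True, key),
        "stage not redeployed": simulated_stage(False, key),
    }
    for label, stage in stages.items():
        print(label, "->", check_key_enforcement(url, key, probe=stage) or "key enforced")
```

Against a real stage, call `check_key_enforcement(url, key)` with the default probe. AWS documents API keys as a way to identify clients for usage plans and advises against using them as the only authentication or authorization control, so pair them with an IAM, Cognito or Lambda authorizer where caller identity matters.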

And we are done! 🎉

Some additional info:

  • Logging: The most important part.
    There is an option to configure and capture logs at both levels: API Gateway and the Lambda function. You can create a log group in Amazon CloudWatch and capture them there.
  • You must have seen these options along the way while configuring this setup with me. I trust you! :)

Conclusion:

  • We have successfully (1) created a Lambda function, (2) defined our REST API endpoint in API Gateway, (3) set the Lambda function as the downstream system for our APIs, (4) set stages for deployment and deployed our APIs there, and (5) set the usage plan (criteria) and authentication for our APIs.
  • To access the APIs, a client can only make requests using the allowed API keys that we have generated and provided to them, and we can likewise revoke that access at any time.
  • We have ensured that we are not overloading our system (or any 3P app or storage system your Lambda function talks to) by defining throttling accordingly, which guards us from DDoS attacks as well.

Thank you! :)
