Routes in API Gateway

View Code

This example create an API Gateway which responds to requests using different sources:

1. Static files from a directory
2. Lambda Function
3. HTTP Proxy

When you’re finished, you’ll be familiar with how to configure routes in API Gateway using the RestAPI.

Prerequisites

1. Install Pulumi
2. Configure AWS Credentials
3. Install Go

Deploy the App

Step 1: Create a directory and cd into it

For Pulumi examples, we typically start by creating a directory and changing into it. Then, we create a new Pulumi project from a template. For example, azure-javascript.

1. Install prerequisites:

   go install
   

2. Make Lambda handlers:

   make
   

3. Create a new Pulumi stack:

   pulumi stack init
   

4. Configure the AWS region to deploy into:

   pulumi config set aws:region us-east-2
   

5. Deploy the Pulumi stack:

   pulumi up
   

Step 2: Test your API

Use the example CURL commands to test the API responses.

$ curl -w '\n' "$(pulumi stack output url)static"
<h1>Hello Pulumi!</h1>

$ curl -w '\n' "$(pulumi stack output url)lambda"
Hello, API Gateway!

$ python3 -m webbrowser "$(pulumi stack output url)proxy"
# Opens a page looking like Google in your browser

$ curl -w '\n' "$(pulumi stack output url)swagger"
{
  "uuid": ...
}

$ curl -w '\n' -H "Authorization: HEADER.PAYLOAD.SIGNATURE" "$(pulumi stack output url)cognito-authorized"
{"message":"Unauthorized"}

$ curl -w '\n' -H "Authorization: goodToken" "$(pulumi stack output url)lambda-authorized"
Hello, API Gateway!

$ curl -w '\n' -H "Authorization: badToken" "$(pulumi stack output url)lambda-authorized"
{"message": "404 Not found" }

$ curl -w '\n' "$(pulumi stack output url)lambda-authorized" # No token
{"message":"Unauthorized"}

$ curl -w '\n' "$(pulumi stack output swagger-url)"
{
  "uuid": ...
}

$ curl -w '\n' -H "x-api-key: $(pulumi stack output apiKeyValue --show-secrets)" "$(pulumi stack output url)key-authorized"
Hello, API Gateway!

Testing a valid Cognito token is a little more involved.

1. Create a random password

   PASSWORD=$(curl -s https://www.passwordrandom.com/query?command=password&scheme=Llnn%23rrrrrrrrrr)
   

2. Create a user

   aws cognito-idp sign-up --region $(pulumi config get aws:region) --client-id $(pulumi stack output user-pool-client-id) --username "test@domain.example" --password "$PASSWORD"
   

3. Confirm the user’s account

   aws cognito-idp admin-confirm-sign-up --region $(pulumi config get aws:region) --user-pool-id $(pulumi stack output user-pool-id) --username "test@domain.example"
   

4. Authenticate to create a new session:

   TOKEN=$(aws cognito-idp admin-initiate-auth --region $(pulumi config get aws:region) --user-pool-id $(pulumi stack output user-pool-id) --client-id $(pulumi stack output user-pool-client-id) --auth-flow ADMIN_NO_SRP_AUTH --auth-parameters "{\"USERNAME\":\"test@domain.example\",\"PASSWORD\":\"$PASSWORD\"}")
   

5. Perform authenticated request

   $ curl -w '\n' -H "Authorization: $(echo $TOKEN | jq '.AuthenticationResult.IdToken' -r)" "$(pulumi stack output url)cognito-authorized"
   Hello, API Gateway!
   

Fetch and review the logs from the Lambda executions:

pulumi logs

Set Up Custom DNS

Before you can set up a custom domain you must register a domain name with Route 53.

Configure the stack with your custom DNS information:

pulumi config set domain subdomain.acmecorp.example
pulumi config set dns-zone acmecorp.example

Deploy your stack:

$ pulumi up
...
     Type                               Name                            Plan       
     pulumi:pulumi:Stack                aws-apigateway-ts-routes-dev               
 +   ├─ pulumi:providers:aws            usEast1                         create     
 +   ├─ aws:acm:Certificate             ssl-cert                        create     
 +   ├─ aws:route53:Record              ssl-cert-validation-dns-record  create     
 +   ├─ aws:acm:CertificateValidation   ssl-cert-validation             create     
 +   ├─ aws:apigateway:DomainName       api-domain-name                 create     
 +   ├─ aws:route53:Record              api-dns                         create     
 +   └─ aws:apigateway:BasePathMapping  api-domain-mapping              create    

Test your API is now available on your custom domain:

curl -w '\n' "$(pulumi stack output customUrl)static"

Clean Up

Once you’re finished experimenting, you can destroy your stack and remove it to avoid incurring any additional cost:

pulumi destroy
pulumi stack rm

Summary

In this tutorial, you deployed an API with different route configurations. Now you can use these patterns to build real APIs which connect to other services.