Create AWS API skeleton

Posted under » AWS on 27 April 2022

When you want to create an API you are given 4 options

HTTP API
Build low-latency and cost-effective REST APIs with built-in features such as OIDC and OAuth2, and native CORS support
WebSocket API
Build a WebSocket API using persistent connections for real-time use cases such as chat applications or dashboards
REST API
Develop a REST API where you gain complete control over the request and response along with API management capabilities
HTTP API (private)
Create a REST API that is only accessible from within a VPC

Basically, it is either WebSocket or Rest API. The last one is preferred.

To create a REST API we create the Lambda function first, not the other way round.

You will be asked a name and description.

Endpoint, I suggest that you use 'Private' and you can specify your 'VPC id'. This is more secure but more complicated to set up.

Now you have created a skeleton. Then you will need to specify several things.

1.Resources -> action

What API methods are the usual GET, POST, PUT and DELETE etc. Let us create a GET method which is the simplest of them all.

Here, you load your Lambda function.

You might want to deploy it but you may be required to 'set up resource policy first' error.

2.Resource Policy

We can allow access according to

I prefer the VPC Allowlist way. An API resource may look like below
arn:aws:execute-api:us-southeast-1:750123359361:h4d07dt546/stage1

You can harden your API this way and the Lambda permissions.

3. Stages and deploy API

To test GET API you can just use a web browser or Curl. You will not have an endpoint if you have not deployed your API.

$ curl -IX GET https://h4d07dt546.execute-api.ap-southeast-1.amazonaws.com/stage1

To deploy, you need to create a stage

Go to #1. Resources -> action -> deploy. You don't have to click the stage menu.

4. POST API

GET will just call the URL and the API will give out data. POST will allow you to put a payload and insert data at the same time.

A URL or API endpoint will be generated but it may take a few minutes / less than hour before it is propagated through the DNS. It may look like
https://h4d07dt546.execute-api.us-southeast-1.amazonaws.com/stage1 as mentioned earlier.

In Postman lingo, you can send params, headers or payload to get the API content that you want. Params is a appended to the URL like https://h4d07dt546.execute-api.ap-southeast-1.amazonaws.com/stage1?Token=9

Using CURL to deliver POST payload is more difficult so I prefer to use Postman. For JSON payload, you put on the RAW body like this, where Key = Token and value = 9.

{
  "Token": "9"
}

web security linux ubuntu python django git Raspberry apache mysql php drupal cake javascript css AWS