AWS API Gateway

1. Introduction

AWS API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. 

2. Reference

Creating an oauth2 custom lamda authorizer for use with Amazons (AWS) API Gateway using Hydra

Using JavaScript (Node.js)

https://blogs.edwardwilde.com/2017/01/12/creating-an-oauth2-custom-lamda-authorizer-for-use-with-amazons-aws-api-gateway-using-hydra/

2. Setting up a custom domain name for a REST API

Reference > https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html


After deploying the API Gateway (e.g. by applying Terraform), the API can be invoked using the default base URL, which has the following format:

https://<api-id>.execute-api.<region>.amazonaws.com/<stage>


The API Gateway ID (e.g. a1jeu0zg27) can be found in AWS "API Gateway" or, if so configured, in the output of Terraform:

api-gw-deployment_invoke_url = "https://a1jeu0zg27.execute-api.eu-west-1.amazonaws.com/pre"


To add a custom domain, go to AWS Route 53 and create a new record of type CNAME whose value is the API Gateway hostname:

a1jeu0zg27.execute-api.eu-west-1.amazonaws.com

3. Lambda authorizer

E.g.: fpdefense (Python), sixqueue (Python)

A Lambda authorizer (formerly known as a custom authorizer) is an API Gateway feature that uses a Lambda function to control access to your API.


Reference:

(Use API Gateway Lambda authorizers) > https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html

(Creating an oauth2 custom lamda authorizer for use with Amazons (AWS) API Gateway using Hydra) [Node.js, JavaScript] > https://blogs.edwardwilde.com/2017/01/12/creating-an-oauth2-custom-lamda-authorizer-for-use-with-amazons-aws-api-gateway-using-hydra/


Implementation idea: