Forum Discussion

sandesh007's avatar
sandesh007
Occasional Contributor
9 years ago

How to integrate with Amazon API gateway?

I have swagger api and i want to use amazon api gateway to secure it? Where do I start?

fehguy

  • fehguy's avatar
    fehguy
    9 years ago

    Then I suggest using the proxy to secure it.  Please see my previous note about how to see the API in the Gateway UI, once you have the push successful, it is easy to add tokens, etc. to secure it.

  • sandesh007's avatar
    sandesh007
    9 years ago

    So I will need to publish after all that we have done to push, am I right? Coz I still don't see it in aws console?

    How do I make sure it is pushed to aws?

  • sandesh007's avatar
    sandesh007
    9 years ago

    The email id associated with my swaggerhub account is not on github? Coz I followed the steps and I cant see api in aws console? I am using credential of user ( swaggerhub user which was created ) so can that swagger hub user can see that api? I have followed the procedure for more than 20 times but I can't see anything in aws api gateway under apis?

     

    I must be doing something silly but really not sure what?

  • sandesh007's avatar
    sandesh007
    Occasional Contributor
    9 years ago

    This is what I have done so far.

     

    I could import my api definition which is at https://swaggerhub.com/api/sandy007/ffnodeapi/1.0.0

     

    And then I went to Manage Integrations => selected Amazon API Gateway

    But I am not sure which all details should I be entering 

    I have entered my AWS Access Key and AWS Secret Key but still cant see this api in my AWS console.

     

    I am very helpless at the moment as this needs to be met on immediate basis.

     

    • fehguy's avatar
      fehguy
      Staff
      9 years ago

      Hi, you'll need to add all the values in the form, they are really specific to AWS.  Specifically:

       

      * AWS Region.  Note you need to choose a region which supports AWS Gateway, such as US-WEST-2 or US-EAST-1.

      * API ID can be left blank

      * Publish mode.  This means, if your API already exists, you can "merge" changes or overwrite.  We suggest always using "overwrite".

      * Deployment mode.  This lets you "push on save" or disable the integration altogether.  Sometimes you don't want to push every single time, so choosing "never" will prepare your definition to be saved, but not actually save it on AWS

      * Execution role.  This tells SwaggerHub how to create lambda functions.  Please read the permissions model for Lambda in the Amazon docs.  It is suggested that you create a role in the EC2 console first by choosing "Account / Security Credentials", then "Roles".  Create a new role with a trust policy like this:

       

      {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

      After creating the role, you'll see something called a "Role ARN" which is in the format of 

      arn:aws:iam::XXXXXXXXXXX:role/YYYYYYYY
       
      where XXXXXXXXXXX is your account number, and YYYYYYYY is your role name.  Enter that in the SwaggerHub "Execution role"
       
      Then save.  If there's an issue pushing to AWS, you'll see an error email (make sure your email address in SwaggerHub is valid!).
       
      When verifying your connection, please make sure you're in the correct region in the AWS EC2 console.
       
      • sandesh007's avatar
        sandesh007
        Occasional Contributor
        9 years ago

        Hey fehguy ,

         

        I created role on EC2 but I can't see  SwaggerHub "Execution role" to enter. Other than that I have followed everything.

         I have kept Base path Mode as blank and Address of the server to Proxy to should be the IP or the whole url where the api is hosted ( with public IP).

         

         

         

        Please suggest.

    • ponelat's avatar
      ponelat
      Staff
      9 years ago

      Still waiting for the Backend guys to come online... they're in Pacific Time, so it'll still be a little bit longer.

       

      I recall the need to set the basePath, have you tried that?

      basePath = prepend ( inside the Integration modal for Amazon Gateway )

       

       

      If you're still stuck, you can always import the API from within Gateway... https://www.youtube.com/watch?v=2LT5mHqKL7g

      Your spec's path would be.. https://api.swaggerhub.com/apis/sandy007/ffnodeapi/1.0.0

       

      Hopefully the cavalry will be here soon ;)