TYK API Gateway to AWS API Execute Gateway + Lambda

TYK API Gateway does not provide a simple integration for invoking Lambda and I remember reading Kong does.  In any case, this is about how to securely integrate TYK with Lambda - Or in general, consuming internal/private AWS Api gateway in your application.

 Here are the high-level steps 

 1) Create a VPC Endpoint for API Gateway - with a security group that allows 443 from the TYK Node/application nodes ( Security-group in the source is the best choice). Note the Endpoint ID (used  for API Gateway Resource Policy) and DNS Name (not the individual AZ but the generic one - to be used for API definition on TYK API Gateway )

 2) Create a Private AWS API gateway - with a nicely tied security group and the resource policy would look something like this ( replace highlighted place holders with your configurations) 

 {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:us-west-2:012345678910:yourapiid/*",
            "Condition": {
                "StringEquals": {
                    "aws:sourceVpce": "vpce-yourapiendpointid"
                }
            }
        }
    ]

}

 3) Create the TYK API with Target URL as https://VPCE-DNS noted from step 1 and edit the global settings from endpoint designer to inject an upstream header x-apigw-api-id with value of the yourapiid
4) That's all :). Test your API. Apply appropriate auth mechanism to the TYK API. Have fun 

Comments

Post a Comment

Popular posts from this blog

Open source grid computing software

Few open source grid computing softwares --- quite interesting Gridgain - Completely built on Java with the below key features Advanced Affinity Map/Reduce Annotation-based grid-enabling with AOP SPI-based integration and customization Advanced load balancing and scheduling Pluggable Fault-Tolerance One compute grid - many data grids Zero deployment model JMX-based Management & Monitoring   BOINC A software platform for volunteer computing and desktop grid computing. BOINC is designed to support applications that have large computation requirements, storage requirements, or both. The main requirement of the application is that it be divisible into a large number (thousands or millions) of jobs that can be done independently. BOINC is used by SETI@home   NGrid is an open source (LGPL) grid computing framework written in C#. NGrid aims to be platform independent via the Mono project.
Read more

Effective CPU Utilizing with Parallel Extensions for .NET 3.5

Second CTP (Community Technology Preview) of Parallel Extension for .NET Framework 3.5 was released on June ( 2 nd ) . This enables utilizing of Parallel Hardware for application developed by .NET developers & improves performance as the numbers of cores and processors increases. With just a little bit of learning programmers can easily exploit the benefits of concurrent programming. Normally application would need parallelism for 2 things. a) Data Parallelism: Enables you to break problems into individual parallel units of work by partitioning data, like arrays, lists, loop iterations, or XML files. b) Task Parallelism: Provides more control over the expression of parallelism, enabling you to divide work based on the way your program's logic is grouped into functions and statements. Parallel Extensions for .NET 3.5 gives 2 flavors for Parallelism. Imperative parallelism : requires explicit calls to be made to begin and wait for work to finish. Declarative Parallelism: Hides ...
Read more