888-685-3101, ext. 2

Integrate AWS Service with API Gateway

by | Nov 29, 2023 | AWS, Blog | 0 comments

Integrate AWS Service with API Gateway

Overview

With AWS integration, you can create an API Gateway to expose other AWS services, such as Amazon SNS, Amazon S3, Amazon Kinesis, and AWS Lambda.

To integrate AWS Simple Notification Service (SNS) with Amazon API Gateway, you can set up a combination of AWS services that allow you to send notifications (e.g., SMS messages or emails) when specific API Gateway events occur.

In this blog, we will create an API to expose Amazon SNS. Amazon SNS is a managed messaging service that allows you to decouple publishers from subscribers. This is useful for application-to-application messaging, microservices, distributed systems, and serverless applications.

Step 1: Create an SNS Topic

  1. Log in to your AWS Management Console.
  2. Navigate to the AWS SNS service.
  3. Click on “Topics” in the left-hand navigation pane.
  4. Click the “Create topic” button.
  5. Give your topic a name and a display name, and optionally, add any other desired settings.
  6. Click “Create topic.”
Integrate AWS Service with API Gateway SNS Settings
AWS Service selected is SNS
Integrate AWS Service with API Gateway Create a Topic
Create a Topic
Integrate AWS Service with API Gateway Subscriptions
Integrate AWS Service with API Gateway Create a Subscription
Integrate AWS Service with API Gateway Customer Topic

Step 2: Create an API in the API Gateway

  1. Navigate to the AWS API Gateway service.
  2. Click “Create API.”
  3. Choose “HTTP API” or “REST API,” depending on your use case. HTTP APIs are typically more suitable for simple use cases.
  4. Configure your API settings, including the name and any other desired options.
  5. Click “Create.”
Integrate AWS Service with API Gateway Create a New API
Create a New API

Step 3: Create a Resource and Method in the API Gateway

  1. Click “Routes” or “Resources” in the left-hand navigation pane in your newly created API.
  2. Click “Create Resource” and give it a name.
  3. Under the resource, click “Create Method” and choose a method (e.g., POST) that you want to use to trigger the SNS topic.
  4. Configure the method settings as needed.
Integrate AWS Service with API Gateway Resource Method
Integrate AWS Service with API Gateway New Child Resource

Step 4: Create the AWS Service Proxy Execution Role

In this step, you create an IAM role that your AWS service proxy uses to interact with the AWS service. We call this IAM role an AWS service proxy execution role. Without this role, API Gateway cannot interact with the AWS service. In later steps, you specify this role in the settings for the GET method you just created.

To create the AWS service proxy execution role and its policy:

1.Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/

Choose Policies.

Integrate AWS Service with API Gateway Policies

Do one of the following:

  • If the Welcome to Managed Policies page appears, choose Get Started and Create Policy.
  • If a list of policies appears, choose Create policy.
  • Choose JSON and then enter the following text.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Resource": [
"*"
],
"Action": [
"sns:ListTopics"           
]       
}    
]
}
  • Choose Review policy.
  • For name, enter APIGatewayAWSProxyPolicy.
  • Choose Create policy.
  • Choose Roles.
  • Choose Create Role.
Integrate AWS Service with API GatewaySelect Trusted Entity
  • Select AWS Service under Select type of trusted entity, then choose API Gateway and Allows API Gateway to push logs to CloudWatch Logs.
  • Choose Next: Permissions.
  • Choose Next: Tags.
  • Choose Next: Review.
  • For Role Name, enter APIGatewayAWSProxyExecRole, and then choose Create role.
  • In the Roles list, choose the role you just created. You should scroll down the list.
  • For the selected role, select the Add Permissions tab.
  • Choose Attach policies from the dropdown list.
  • Select the APIGatewayAWSProxyPolicy policy you created earlier and choose Add permissions.
  • The role you just created has the following trust relationship that enables API Gateway to assume the role for any actions permitted by the attached policies:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "apigateway.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

For Role ARN, note the Amazon Resource Name (ARN) for the execution role. You need it later. The ARN should look similar to arn:aws:iam::123456789012:role/APIGatewayAWSProxyExecRole, where 123456789012 is your AWS account ID.

Step 5: Create an Integration for the Method

  1. In the method settings, click on “Integration.”
  2. Choose “AWS Service” as the integration type.
  3. Choose “Simple Notification Service (SNS)” as the AWS service.
  4. Select the region where your SNS topic is located.
  5. In the “Action ” field, select “ListTopics.”
  6. In the “Execution role” field, enter the ARN of the Role created in Step 3
  7. Click “Save.”
Integrate AWS Service with API Gateway Choose Integration Point
Integrate AWS Service with API Gateway Method Execution
Integrate AWS Service with API Gateway Method Test

Step 6: Deploy Your API

  1. Click “Deployments” in the left-hand navigation pane in the API Gateway console.
  2. Click “Create” to create a new deployment stage.
  3. Choose a stage name (e.g., “prod”).
  4. Click “Deploy.”
Integrate AWS Service with API Gateway Deploy API

Step 7: Test Your Integration

  1. After deploying your API, you’ll receive an Invoke URL. This URL can be used to trigger the integration.
  2. Use a tool like curl, Postman, or any programming language to make a GET request to the Invoke URL with the desired payload.

For example, if your API Gateway URL is https://your-api-id.execute-api.your-region.amazonaws.com/prod/resource, you can send a GET request to this URL:

https://2b4en8dute.execute-api.us-east-1.amazonaws.com/prod/notification

Integrate AWS Service with API Gateway Test Integration

Step 8: Monitor Your SNS Topic

  1. Go back to the SNS service in the AWS Management Console.
  2. Click on your SNS topic.
  3. Under “Subscriptions,” you can see the subscriptions to your topic. Verify that your API Gateway integration is listed here.

You’ve successfully integrated AWS SNS with API Gateway. When you send a POST request to your API, it will trigger a message to be published to the SNS topic you created

Step 9: Clean up

You can delete the IAM resources the AWS service proxy needs to work.

To delete the associated IAM resources:

  1. Open the IAM console at https://console.aws.amazon.com/iam/
  2. In the Details area, choose Roles.
  3. Select APIGatewayAWSProxyExecRole, and then choose Role Actions, Delete Role. When prompted, choose Yes, Delete.
  4. In the Details area, choose Policies.
  5. Select APIGatewayAWSProxyExecPolicy, and then choose Policy Actions, Delete. When prompted, choose Delete.

Conclusion

In this blog, you learn how to integrate an API Gateway with the AWS service, which lets you focus on your applications instead of spending time provisioning and managing servers.

This exercise should take about 20 minutes, and we used the AWS Free Tier services. (http://aws.amazon.com/free)

Contact us today for questions or learn about our AWS Managed Services.

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share This