Api gateway for Microservices with Google Cloud Functions

Question

Inputs

For example, we have a few services.

1. Account service
2. Product service
3. Payment service

Each service is a separate Google Cloud Function. Each service has its own HTTP API. For example, the account service has:

1. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/sign-up
2. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/sign-in
3. https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/account/reset-password
4. etc

Each service has its own swagger documentation endpoint /docs.

Question

How can I make my Cloud Functions private (without public access) and place them behind some API Gateway?

Notes

Google offers Endpoints for Cloud Functions (see https://cloud.google.com/endpoints/docs/openapi/get-started-cloud-functions ). But, as I understand it, Endpoints allow you to define only the yaml OpenAPI file.

In this yaml file, I can define something like this:

swagger: '2.0'
info:
  title: Cloud Endpoints + GCF
  description: Sample API on Cloud Endpoints with a Google Cloud Functions backend
  version: 1.0.0
host: HOST
schemes:
  - https
produces:
  - application/json
paths:
  /hello:
    get:
      summary: Greet a user
      operationId: hello
      x-google-backend:
        address: https://REGION-FUNCTIONS_PROJECT_ID.cloudfunctions.net/helloGET
      responses:
        '200':
          description: A successful response
          schema:
            type: string

But in my case, I need to have ability to proxy my cloud functions (like reverse proxy).

Answer 1

You should use Google Cloud Endpoints.

Extensible Service Proxy is one of Endpoints components and is exactly what is needed in your case.

The Extensible Service Proxy (ESP) is a high-performance, scalable proxy that runs in front of an OpenAPI or gRPC API backend and provides API management features such as authentication, monitoring, and logging.

You might also find this link useful: Configuring and Deploying an API