1

On EC2 server we have different instances of the same API hosted on different port. Like

http://localhost:9000/api/v1/customer
http://localhost:9001/api/v1/customer
http://localhost:9002/api/v1/customer

These endpoints are not exposed publicly. But each endpoint is unique to our client.

Now our clients wants to access customer information using REST API. So i am trying to use AWS API Gateway to create publicly exposed REST API. Idea is to once the authenticated request is received from the client then just passthrough the request to proper endpoint.

I have created IAM user for each client so each client has its own access key and secret key. Then in AWS API Gateway console i have created a new REST API, Configure Method Request to use AWS_IAM authorization. Now i have to configure Integration Request.

How do i choose proper endpoint based on IAM user in Integration Request?

LP13
  • 30,567
  • 53
  • 217
  • 400

1 Answers1

3

API Gateway does not support conditional routing based on input parameters at this time. This is something we may support in the future, but I have no time table for when it would be available.

How many clients do you need to support? If you don't have too many you can probably handle this with an individual stage per client and use stage variables. The variable in this case would be the server port.

You would then grant each IAM user permissions to only the stage you have configured for that client.

Note, there is a limit on the number of stages per rest api, and while it can be increased, it cannot increased indefinitely. If you expect to need to use this method for more than ~50 clients you will want to consider using individual resources or rest apis per client instead.

Bob Kinney
  • 8,870
  • 1
  • 27
  • 35
  • i will probably then use lambda function to route the call based on incoming API Key from client. However i am having mapping issue as mentioned here https://stackoverflow.com/questions/53964951/how-to-map-querystring-and-header-to-aws-c-sharp-lambda-function-parameter – LP13 Dec 28 '18 at 22:31
  • is there any way to configure Tag for `IAM` user and then use that Tag value in the endpoint URl. – LP13 Jan 02 '19 at 21:57
  • As already stated, the only way to achieve this is with stage variables. There is no mechanism to construct a variable integration URL. What is driving the need to run the clients on different ports? – Bob Kinney Jan 03 '19 at 04:56
  • it allows only 10 statges per REST api. So it will not work. Looks like I have to create Lambda function that will route request – LP13 Jan 08 '19 at 17:47
  • So lambda will actually return full url. Can we map response from lambda to endpoint or otherwise lambda has to invoke endpoint inside – LP13 Jan 08 '19 at 17:59