In this step, you configure a private REST API in API Gateway that calls a Lambda function as the backend.
-
In the API Gateway console, click on the Build button for the REST API Private option.
-
On the next screen, select the New API option. Type in dojoapi for the API name. Select Private for the endpoint type. Type in the VPC endpoint ID you made note of when you created the endpoint in the default VPC. Finally, click on the Create API button.
-
The API is created in no time. On the next screen, click on the Create Method option under the Action menu.
-
On the next screen, select GET as the method and click on the confirmation icon.
-
The method is created in no time. On the next screen, select the Lambda Function option for the integration type and select dojofunction for the Lambda function. Keep the rest of the configuration at the defaults and click on the Save button.
-
A popup asks you to grant API Gateway permission to call the Lambda function. Click on the OK button.
-
The method is updated. Under the API menu on the left, select the Resource Policy option.
-
On the next screen, copy and paste the policy below and click on the Save button. You can make the resource policy very restrictive, but as written it allows the execute-api:Invoke action for any principal (Principal "*") on any resource.
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "execute-api:Invoke",
      "Resource": "*"
    }
  ]
}
```
-
The resource policy is updated. Go back to the API details and click on the Deploy API option under the Action menu.
-
A popup prompts you to configure the deployment stage. Select [New Stage] as the deployment stage. Type in dev for the stage name and click on the Deploy button.
-
The API is deployed to the dev stage. Make note of the API ID and Invoke URL. You will need them later when calling the API.
-
The API is deployed and ready. In the next step, you configure an AWS Cloud9 environment, which is used to call the API privately with Python code from within the default VPC.
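
The resource policy step above notes that the policy can be made more restrictive. As an added example (not part of the original tutorial), the Python below builds a policy that denies Invoke unless the request arrives through a given VPC endpoint, using the `aws:SourceVpce` condition key, and flags wildcard Allow statements that lack such a restriction. The function names and the `vpce-EXAMPLE` id are assumptions; substitute the VPC endpoint ID you noted earlier.

```python
import json

SOURCE_KEYS = {"aws:sourcevpce", "aws:sourcevpc"}  # compared lower-case

# The tutorial's policy, as a dict: Invoke allowed for any principal.
OPEN_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*",
     "Action": "execute-api:Invoke", "Resource": "*"}]}

def restrict_to_vpce(vpce_id):
    """Allow Invoke, but deny any call that does not arrive through vpce_id."""
    base = {"Principal": "*", "Action": "execute-api:Invoke",
            "Resource": "execute-api:/*"}
    deny = dict(base, Effect="Deny",
                Condition={"StringNotEquals": {"aws:SourceVpce": vpce_id}})
    return {"Version": "2012-10-17",
            "Statement": [deny, dict(base, Effect="Allow")]}

def _has_source_key(stmt, operator):
    keys = stmt.get("Condition", {}).get(operator, {})
    return any(k.lower() in SOURCE_KEYS for k in keys)

def _wildcard_principal(stmt):
    p = stmt.get("Principal")
    if isinstance(p, dict):
        return any(v in ("*", ["*"]) for v in p.values())
    return p == "*"

def unscoped_allows(policy):
    """Return wildcard-principal Allow statements with no source restriction.

    Simplification (assumption of this example): a Deny with StringNotEquals on
    a source key is taken to cover the whole policy; Resource/Action overlap
    between statements is not evaluated.
    """
    stmts = policy["Statement"]
    stmts = [stmts] if isinstance(stmts, dict) else stmts
    if any(s["Effect"] == "Deny" and _has_source_key(s, "StringNotEquals")
           for s in stmts):
        return []
    return [s for s in stmts if s["Effect"] == "Allow"
            and _wildcard_principal(s)
            and not _has_source_key(s, "StringEquals")]

if __name__ == "__main__":
    hardened = restrict_to_vpce("vpce-EXAMPLE")  # placeholder endpoint id
    print(json.dumps(hardened, indent=2))
    print("open policy findings:", len(unscoped_allows(OPEN_POLICY)))
    print("hardened findings:", len(unscoped_allows(hardened)))
```

If you change the resource policy after the API has been deployed, deploy the API again so the new policy takes effect.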