Add a LambdaRestApi construct to your stack
Going back to lib/cdk-workshop-stack.ts, let’s define an API endpoint and associate it with our Lambda function:
import * as cdk from 'aws-cdk-lib';
import * as lambda from 'aws-cdk-lib/aws-lambda';
import * as apigw from 'aws-cdk-lib/aws-apigateway';
export class CdkWorkshopStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// defines an AWS Lambda resource
const hello = new lambda.Function(this, 'HelloHandler', {
runtime: lambda.Runtime.NODEJS_14_X, // execution environment
code: lambda.Code.fromAsset('lambda'), // code loaded from "lambda" directory
handler: 'hello.handler' // file is "hello", function is "handler"
});
// defines an API Gateway REST API resource backed by our "hello" function.
new apigw.LambdaRestApi(this, 'Endpoint', {
handler: hello
});
}
}
That’s it. This is all you need to do in order to define an API Gateway which proxies all requests to an AWS Lambda function.
cdk diff
Let’s see what’s going to happen when we deploy this:
cdk diff
Output should look like this:
Stack CdkWorkshopStack
IAM Statement Changes
┌───┬───────────────────────────┬────────┬───────────────────────────┬───────────────────────────┬─────────────────────────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼───────────────────────────┼────────┼───────────────────────────┼───────────────────────────┼─────────────────────────────┤
│ + │ ${Endpoint/CloudWatchRole │ Allow │ sts:AssumeRole │ Service:apigateway.${AWS: │ │
│ │ .Arn} │ │ │ :URLSuffix} │ │
├───┼───────────────────────────┼────────┼───────────────────────────┼───────────────────────────┼─────────────────────────────┤
│ + │ ${HelloHandler.Arn} │ Allow │ lambda:InvokeFunction │ Service:apigateway.amazon │ "ArnLike": { │
│ │ │ │ │ aws.com │ "AWS:SourceArn": "arn:${A │
│ │ │ │ │ │ WS::Partition}:execute-api: │
│ │ │ │ │ │ ${AWS::Region}:${AWS::Accou │
│ │ │ │ │ │ ntId}:${EndpointEEF1FD8F}/$ │
│ │ │ │ │ │ {Endpoint/DeploymentStage.p │
│ │ │ │ │ │ rod}/*/" │
│ │ │ │ │ │ } │
│ + │ ${HelloHandler.Arn} │ Allow │ lambda:InvokeFunction │ Service:apigateway.amazon │ "ArnLike": { │
│ │ │ │ │ aws.com │ "AWS:SourceArn": "arn:${A │
│ │ │ │ │ │ WS::Partition}:execute-api: │
│ │ │ │ │ │ ${AWS::Region}:${AWS::Accou │
│ │ │ │ │ │ ntId}:${EndpointEEF1FD8F}/t │
│ │ │ │ │ │ est-invoke-stage/*/" │
│ │ │ │ │ │ } │
│ + │ ${HelloHandler.Arn} │ Allow │ lambda:InvokeFunction │ Service:apigateway.amazon │ "ArnLike": { │
│ │ │ │ │ aws.com │ "AWS:SourceArn": "arn:${A │
│ │ │ │ │ │ WS::Partition}:execute-api: │
│ │ │ │ │ │ ${AWS::Region}:${AWS::Accou │
│ │ │ │ │ │ ntId}:${EndpointEEF1FD8F}/$ │
│ │ │ │ │ │ {Endpoint/DeploymentStage.p │
│ │ │ │ │ │ rod}/*/{proxy+}" │
│ │ │ │ │ │ } │
│ + │ ${HelloHandler.Arn} │ Allow │ lambda:InvokeFunction │ Service:apigateway.amazon │ "ArnLike": { │
│ │ │ │ │ aws.com │ "AWS:SourceArn": "arn:${A │
│ │ │ │ │ │ WS::Partition}:execute-api: │
│ │ │ │ │ │ ${AWS::Region}:${AWS::Accou │
│ │ │ │ │ │ ntId}:${EndpointEEF1FD8F}/t │
│ │ │ │ │ │ est-invoke-stage/*/{proxy+} │
│ │ │ │ │ │ " │
│ │ │ │ │ │ } │
└───┴───────────────────────────┴────────┴───────────────────────────┴───────────────────────────┴─────────────────────────────┘
IAM Policy Changes
┌───┬────────────────────────────┬─────────────────────────────────────────────────────────────────────────────────────────┐
│ │ Resource │ Managed Policy ARN │
├───┼────────────────────────────┼─────────────────────────────────────────────────────────────────────────────────────────┤
│ + │ ${Endpoint/CloudWatchRole} │ arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs │
└───┴────────────────────────────┴─────────────────────────────────────────────────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Resources
[+] AWS::ApiGateway::RestApi Endpoint EndpointEEF1FD8F
[+] AWS::ApiGateway::Deployment Endpoint/Deployment EndpointDeployment318525DA37c0e38727e25b4317827bf43e918fbf
[+] AWS::ApiGateway::Stage Endpoint/DeploymentStage.prod EndpointDeploymentStageprodB78BEEA0
[+] AWS::IAM::Role Endpoint/CloudWatchRole EndpointCloudWatchRoleC3C64E0F
[+] AWS::ApiGateway::Account Endpoint/Account EndpointAccountB8304247
[+] AWS::ApiGateway::Resource Endpoint/Default/{proxy+} Endpointproxy39E2174E
[+] AWS::Lambda::Permission Endpoint/Default/{proxy+}/ANY/ApiPermission.CdkWorkshopStackEndpoint018E8349.ANY..{proxy+} EndpointproxyANYApiPermissionCdkWorkshopStackEndpoint018E8349ANYproxy747DCA52
[+] AWS::Lambda::Permission Endpoint/Default/{proxy+}/ANY/ApiPermission.Test.CdkWorkshopStackEndpoint018E8349.ANY..{proxy+} EndpointproxyANYApiPermissionTestCdkWorkshopStackEndpoint018E8349ANYproxy41939001
[+] AWS::ApiGateway::Method Endpoint/Default/{proxy+}/ANY EndpointproxyANYC09721C5
[+] AWS::Lambda::Permission Endpoint/Default/ANY/ApiPermission.CdkWorkshopStackEndpoint018E8349.ANY.. EndpointANYApiPermissionCdkWorkshopStackEndpoint018E8349ANYE84BEB04
[+] AWS::Lambda::Permission Endpoint/Default/ANY/ApiPermission.Test.CdkWorkshopStackEndpoint018E8349.ANY.. EndpointANYApiPermissionTestCdkWorkshopStackEndpoint018E8349ANYB6CC1B64
[+] AWS::ApiGateway::Method Endpoint/Default/ANY EndpointANY485C938B
Outputs
[+] Output Endpoint/Endpoint Endpoint8024A810: {"Value":{"Fn::Join":["",["https://",{"Ref":"EndpointEEF1FD8F"},".execute-api.",{"Ref":"AWS::Region"},".",{"Ref":"AWS::URLSuffix"},"/",{"Ref":"EndpointDeploymentStageprodB78BEEA0"},"/"]]}}
That’s nice. This one line of code added 12 new resources to our stack.
cdk deploy
Okay, ready to deploy?
cdk deploy
Stack outputs
When deployment is complete, you’ll notice this line:
CdkWorkshopStack.Endpoint8024A810 = https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/
This is a stack output that’s automatically added by the API Gateway construct and includes the URL of the API Gateway endpoint.
Testing your app
Let’s try to hit this endpoint with curl. Copy the URL and execute (your prefix and region will likely be different).
If you don’t have curl installed, you can always use your favorite web browser to hit this URL.
curl https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/
Output should look like this:
Hello, CDK! You've hit /
You can also use your web browser for this:
If this is the output you received, your app works!
What if it didn’t work?
If you received a 5xx error from API Gateway, it is likely one of two issues:
- The response your function returned is not what API Gateway expects. Go back and make sure your handler returns a response that includes a statusCode, body and header fields (see Write handler runtime code).
- Your function failed for some reason. To debug this, you can quickly jump to this section to learn how to view your Lambda logs.
'AWS > CDK' 카테고리의 다른 글
| [AWS CDK] DEFINE THE HITCOUNTER API (0) | 2022.03.29 |
|---|---|
| [AWS CDK] Writing Constructs (0) | 2022.03.29 |
| [AWS CDK] CDK WATCH (0) | 2022.03.29 |
| [AWS Lambda] Basic Lambda Installation and Use (0) | 2022.03.29 |
| [AWS CDK] CDK DEPLOY (0) | 2022.03.26 |