AWS API Gateway
Overview
One of the possible implementation methods for gating access to features in backend applications can be achieved by deploying an Amazon API Gateway that controls all the incoming traffic to your application. In this tutorial, we’ll implement a slim authorizer lambda that leverages Stigg’s SDK for feature gating.
Example
Lets take the Example project and consider that its backend servers are behind HTTP API. As part of this example we will implement a Lambda authorizer for HTTP APIs for feature gating.
Mapping REST endpoints to Stigg features
The first step is to define which Stigg feature protects the REST endpoints. In our example, there are 3 features that protects the following REST endpoints:
Stigg feature | Stigg feature type | Protected REST endpoints |
---|---|---|
feature-collaborators | Fluctuating | POST /api/collaborators/``DELETE /api/collaborators/:email``POST /api/collaborators/add-seats |
feature-todos | Fluctuating | GET /api/todos/``POST /api/todos/``PUT /api/todos/:id``DELETE /api/todos/:id |
feature-update-todo | Boolean | PUT /api/todos/:id |
Note that PUT /api/todos/:id
is protected by 2 different features.
Let’s translate this table into code, for simplicity we will focus on PUT /api/todos/:id
route only, since it’s protected by 2 entitlements.
The rest of the routes will be included in the full source code attached at the end of the article
We will add the features definitions along with their fallback:
Then add the route definition:
Implementing the authorizer lambda
Next, lets compose a simple lambda handler:
Next, lets implement the checkRouteEntitlements
function:
The implementation of the inner functions was omitted for simplicity, and will be included in the full source code attached at the end of the article
The high-level steps of the authorizer logic:
- Validate input arguments.
- Find stigg customer ID (extract it from the authorization header / DB).
- Find the route definition of the requested route.
- Iterate over all requested route entitlements and check them agains Stigg.
Source code
For your convenience, we prepared a sample project demonstrate Stigg integration with API Gateway. It’s provisioned by Terraform, so it can be easily spin up to check it out.
You can find the source code of an example for API gateway integration in GitHub👇
AWS API Gateway Example
Example integration of Stigg with AWS API Gateway using a Lambda authorizer.