Git Product home page Git Product logo

cognito-api-gateway-cfn's Introduction

This repository contains the collection of CloudFormation templates and codes to deploy

  • cognito
  • services
  • api-gateway

The samples included is not full proof solution but just meant to show the proof of concept for creating cognito based authorization for microservices based on lambdas. Following is the architecture diagram of the components being created by this sample. apigateway

Below is the directory structure of the CloudFormation tempaltes. The integers in the directory names signify the sequence of the stack creation for the sake of ease.

  • Readme.md is for the documentation
  • 01-cognito folder contains necessary files to create cognito userpool
  • 01-services folder contains two lambda services(happy-world/hello-world) that when plugged behind api-gateway gives a basic response. 01 integer number means both cognito/services can be deployed in first step independent of each other.
  • 02-api-gateway creates api gateway with congito authorizes which requires us to Authorization: header to pass in the requests. It also creates two GET methods /v1/happy and /v1/hello and integrates two lambdas created by 01-services stacks.

NOTE: The 02-api-gateway makes uses of the nested stack to create decoupled cloudformation templating. - parent stack creates api gateway, authorizer, stage and other stacks that are common to api-gateway - child stack 1 where resources specifics to happy-world API resources - child stack 2 where resources specifics to hello-world API resources

├── Readme.md
└── components
    ├── 01-cognito
    ├── 01-services
    │   └── happy-world
    │   └── hello-world
    └── 02-api-gateway
        └── apis
            └── happy-world-v1.yaml
            └── world-world-v1.yaml

Creating Stack

Export necessary environment variables

  • Export environment variables
export CFN_BUCKET=sam-bucket #bucket name to host the sam and nested templates
export AWS_PROFILE=sandbox #name of the aws profile to used while launching stacks
export AWS_REGION=us-east-1 # AWS Region
export NAMESPACE=balman #valid string to provide simple naming of the stacks

01. Cognito

  • Create the stack
make -C components/01-cognito create-stack

OR

cd components/01-cognito
aws cloudformation create-stack --stack-name ${NAMESPACE}-cognito-userpool --template-body file://stack.yaml --parameters ParameterKey=Namespace,ParameterValue=${NAMESPACE} --profile ${AWS_PROFILE} --region ${AWS_REGION}

01. Services

Create all the backend services here. Right now in this scope I have created two basic lambda services called happy-world and hello-world that returns "Happy World!!" and "Hello World!!" when plugged behind APIGateway.

Deploy happy-world lambda
make -C components/01-services/happy-world deploy

OR

cd components/01-services/happy-world
sam package --template-file stack.yaml --output-template-file packaged.yaml --s3-bucket ${CFN_BUCKET}--profile ${AWS_PROFILE} --region ${AWS_REGION}
sam deploy --template-file packaged.yaml --stack-name ${NAMESPACE}-happy-world-lambda --capabilities CAPABILITY_IAM --parameter-overrides EnvironmentType=production Namespace=${NAMESPACE} --profile ${AWS_PROFILE} --region ${AWS_REGION}
Deploy hello-world lambda
make -C components/01-services/hello-world deploy

OR

cd components/01-services/hello-world
sam package --template-file stack.yaml --output-template-file packaged.yaml --s3-bucket ${CFN_BUCKET}--profile ${AWS_PROFILE} --region ${AWS_REGION}
sam deploy --template-file packaged.yaml --stack-name ${NAMESPACE}-hello-world-lambda --capabilities CAPABILITY_IAM --parameter-overrides EnvironmentType=production Namespace=${NAMESPACE} --profile ${AWS_PROFILE} --region ${AWS_REGION}

02. APIGateway

make -C components/02-api-gateway  deploy

OR

aws cloudformation package --template-file stack.yaml --s3-bucket ${CFN_BUCKET} --output-template-file packaged.yaml --profile ${AWS_PROFILE} --region ${AWS_REGION}
aws cloudformation deploy --stack-name ${NAMESPACE}-api-gateway-ecr --template-file packaged.yaml --parameter-overrides Namespace=${NAMESPACE} --capabilities CAPABILITY_IAM --profile ${AWS_PROFILE} --region ${AWS_REGION}

02. Verify

  • Generate the AcessToken by using the Cognito URLs
  • curl -H "Authorization: Bearer " OR POSTMAN

Full Demo Gif

apigateway

cognito-api-gateway-cfn's People

Contributors

rbalman avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.