Creating a Secure AWS Lambda Function with API Gateway
Serverless architecture is gaining immense popularity in the world of cloud computing. AWS Lambda functions offer a powerful way to execute code in response to various events. In this tutorial, we’ll walk through the steps to create a Lambda function, configure an API Gateway to connect to the function and secure the API call with an API key.
Prerequisites
Before we start, make sure you have an AWS account set up and configured.
Step 1: Creating a Lambda Function
- Set Your Region: Ensure you’ve selected the appropriate AWS region for your Lambda function.
- Create a Function: Start by creating a new Lambda function. Give it a name and choose the runtime (in this case, we’re using Python).
- Code Configuration: After the function is created, you’ll see various tabs, including “Code.” Here, you can enter your custom code.
- Testing: For a quick test, click on the “Test” tab. Add an event with a name, keep it private, and save it. Then, click the “Test” button. You should receive a status code of 200.
Step 2: Setting up API Gateway
- Choose API Type: We’ll use the AWS API Gateway to create a REST API for full control over requests.
- Build Your API: Click on “Build.”
- Create a New API: Give your API a name, and select “Create API.” Make sure to keep the API endpoint type as “regional.”
- Creating a Resource: After creating an API, you’ll need to create a resource. Click “Create Resource” and define it.
- Creating a Method: To link this resource to your Lambda function, create a method. Choose the method type (GET or POST) and integration type as “Lambda Function.” Select your region and the Lambda function.
- Deploy Your API: If you have an existing stage, you can select it. If not, create a new one.
- Deployment: Click “Deploy API,” select or create a stage, and deploy the endpoint. You’ll find the invoke URL for this stage under the “Stage” option.
Step 3: Adding API Key for Security
Now, let’s add an API key for security:
- API Gateway: Go back to your API Gateway configuration.
- API Keys: Click on “API Keys.” You can create a new one or use an existing one.
- Create API Key: To create a new API key, click on “Create API Key.” Give it a name, and you can choose to auto-generate the key.
- Copy the Key: After creating the key, you can find it under “API Key Detail.” Copy this key; you’ll need it later.
- Usage Plan: You should add this key to a usage plan first. If you don’t have one, create it.
- Usage Plans: Click on “Usage Plans,” then “Create Usage Plan.” Add a name and specify the number of calls to the endpoint. Create the usage plan.
- Attach Key to Plan: Go back to “API Keys” and attach the key to the usage plan.
- Securing the Endpoint: Now, require this key on your API endpoint so that it won’t work without it. Click on your endpoint’s method (e.g., a GET request), set “API Key Required” to true in the method request, save it, and deploy the API.
- Testing with API Key: Add the key to your requests by including it in the header with the key x-api-key. Run the request again, and you should receive the response.
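To confirm the key is actually enforced after deployment, the check below (an added example, not part of the original tutorial) calls an endpoint with no key, a wrong key and the valid key, expecting 403, 403 and 200. `StubGateway`, `CONSTRUCTED_KEY` and the function names are assumptions made for this example; the stub is a local stand-in so the script runs offline, and against a real deployment you would pass your stage's invoke URL and your own key to `key_is_enforced`.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

CONSTRUCTED_KEY = "constructed-example-key"  # sample value, not a real API key

def status_for(url, api_key=None):
    """Send one GET; the x-api-key header is set only when a key is given."""
    headers = {"x-api-key": api_key} if api_key else {}
    try:
        req = urllib.request.Request(url, headers=headers)
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # API Gateway answers 403 for a missing or invalid key

def key_is_enforced(url, api_key):
    """Return (ok, statuses): ok only if bad calls get 403 and the real key gets 200."""
    statuses = {
        "no_key": status_for(url),
        "wrong_key": status_for(url, api_key + "-x"),
        "valid_key": status_for(url, api_key),
    }
    return statuses == {"no_key": 403, "wrong_key": 403, "valid_key": 200}, statuses

class StubGateway(BaseHTTPRequestHandler):
    """Constructed local stand-in for a deployed stage, so the check runs offline."""
    require_key = True  # False imitates a stage deployed before the key was required
    def do_GET(self):
        ok = not self.require_key or self.headers.get("x-api-key") == CONSTRUCTED_KEY
        body = b'{"message": "ok"}' if ok else b'{"message": "Forbidden"}'
        self.send_response(200 if ok else 403)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass

def start_stub(require_key=True):
    handler = type("Handler", (StubGateway,), {"require_key": require_key})
    server = HTTPServer(("127.0.0.1", 0), handler)  # port 0 picks a free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}/"

if __name__ == "__main__":
    server, url = start_stub()
    print(key_is_enforced(url, CONSTRUCTED_KEY))
```

A result of `False` with `no_key` at 200 usually means the method change was saved but the API was not redeployed to the stage.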
Congratulations! You’ve successfully created an AWS Lambda function behind an API Gateway endpoint that rejects requests that do not include a valid API key.
Happy learning!