Creating a Serverless API Using API Gateway and Lambda

Creating a Serverless API Using API Gateway and Lambda

Serverless computing is a cloud computing model in which the main characteristic is that the user does not have to rent any virtual machines at all???the entire process of starting a virtual machine, executing the code, returning the result and stopping the virtual machines is handled by the cloud provider. This is more cost-effective than other cloud computing implementations. It also enables the developers to have more focus on developing the business logic, as some parts of the application are handled by the cloud provider.

To start the entire process of executing the code, it must be triggered. A trigger can be either a specific event or a request to an API management system, which then exposed the code as an API endpoint.

One of the most popular serverless services is AWS Lambda, which can be integrated with AWS API gateway to create a serverless REST API. This is a very powerful feature, which we will discuss in this article.

REST API Configuration

Configuration of the API will be handled by Amazon API Gateway. This includes creating the routes, handling input and output formats, authentication and more, while the actual code will be managed by Lambda.

When API Gateway dashboard is opened, create a new API for your Web site. Then, click Actions > Create Resource?to create a new URL path in the API. Each resource can support one or more methods (GET, POST, PUT/PATCH, DELETE), which are added by going to Actions > Create Method.

For example, we can create a resource called “post”, whose path is “/posts” and which has two methods:

  • GET??? fetch all posts
  • POST??? create a new post

At this point, the screen should look something like this:

We also need to handle showing a single post, updating a post and deleting a post. These operations would have a different path in a REST API, which means that a new resource needs to be created. Since the path of this resource would be “/posts/{post_id}”, it would be created as a sub-resource. To do that, first click on “posts” resource, then go to Actions > Create Resource. This resource will have a parameter in the path (ID of the post), which can be achieved by wrapping the parameter name into curly brackets i.e. “/posts/{post_id}”. After creating a resource, add GET, PUT and DELETE methods to it.

Our API now looks like this:

Each method will execute a corresponding AWS Lambda function. Let’s create these functions first, and map them to the appropriate API methods after that.

Create Lambda Functions

Go to AWS Lambda and click “Create a Lambda function”. Next screen allows us to choose the programming language (Node.js or Python) and one of the predefined templates. Choose microservice-http-endpoint and then select you API name on the following page. It is also possible to select blank functionand write it without any premade code.

Finally, we are at the page where the code can be inserted. It is possible to write the function directly on the page or upload it as a zip archive (required if it contains custom libraries). As we have used a predefined template, the function is auto-generated and looks like this:

from __future__ import print_functionimport boto3import jsonprint('Loading function')def respond(err, res=None):    return {        'statusCode': '400' if err else '200',        'body': err.message if err else json.dumps(res),        'headers': {            'Content-Type': 'application/json',        },    }def lambda_handler(event, context):    '''Demonstrates a simple HTTP endpoint using API Gateway. You have full    access to the request and response payload, including headers and    status code.    To scan a DynamoDB table, make a GET request with the TableName as a    query string parameter. To put, update, or delete an item, make a POST,    PUT, or DELETE request respectively, passing in the payload to the    DynamoDB API as a JSON body.    '''    #print("Received event: " + json.dumps(event, indent=2))    operations = {        'DELETE': lambda dynamo, x: dynamo.delete_item(**x),        'GET': lambda dynamo, x: dynamo.scan(**x),        'POST': lambda dynamo, x: dynamo.put_item(**x),        'PUT': lambda dynamo, x: dynamo.update_item(**x),    }    operation = event['httpMethod']    if operation in operations:        payload = event['queryStringParameters'] if operation == 'GET' else json.loads(event['body'])        dynamo = boto3.resource('dynamodb').Table(payload['TableName'])        return respond(None, operations[operation](dynamo, payload))    else:        return respond(ValueError('Unsupported method "{}"'.format(operation))) 

Although a lot of the code is not needed in most cases (many people would use a relational database instead of a NoSQL DynamoDB database), it sets a good example on how to access the HTTP request parameters and how to output a response.

Another thing to pay attention to while creating a Lambda function is the handler field. It tells Lambda which function to execute and in which file that function is located. For example, if you have a function called “myfunction” in file, the handler value would be “main.myfunction”.

After the functions have been created, they can be mapped to the corresponding API endpoints.

Integrate Lambda Functions with API Gateway

To make the API call a Lambda function, click on an API method and then go to integration request. On that page, set the integration type to Lambda function and enter you Amazon region and the name of the desired function. Do this for all API methods.

Deploy and Test the API

It is possible to test the API before deploying it. Each API method has a test button next to it, which will execute it and show the output.

Once everything is ready, go to Actions > Deploy API?to deploy your REST API. The first time, a new stage needs to be created (for example, it can be called prod or production). A stage is like a deployment environment. It is possible to have multiple stages in which different stages have different base URLs and configurations. Stages can be found under Mywebsite API > Stages?on the left side of the screen. Click on the name of the stage to get the public URL of your API, as well as other configuration options, such as caching and throttling.


This article has shown a basic example of a serverless REST API, built using Amazon API gateway and Lambda. It shows how it is possible to easily create a REST API without having to develop common API management features, such as authentication, routing, caching and rate limiting.

Share the Post:
XDR solutions

The Benefits of Using XDR Solutions

Cybercriminals constantly adapt their strategies, developing newer, more powerful, and intelligent ways to attack your network. Since security professionals must innovate as well, more conventional endpoint detection solutions have evolved

AI is revolutionizing fraud detection

How AI is Revolutionizing Fraud Detection

Artificial intelligence – commonly known as AI – means a form of technology with multiple uses. As a result, it has become extremely valuable to a number of businesses across

AI innovation

Companies Leading AI Innovation in 2023

Artificial intelligence (AI) has been transforming industries and revolutionizing business operations. AI’s potential to enhance efficiency and productivity has become crucial to many businesses. As we move into 2023, several

data fivetran pricing

Fivetran Pricing Explained

One of the biggest trends of the 21st century is the massive surge in analytics. Analytics is the process of utilizing data to drive future decision-making. With so much of

kubernetes logging

Kubernetes Logging: What You Need to Know

Kubernetes from Google is one of the most popular open-source and free container management solutions made to make managing and deploying applications easier. It has a solid architecture that makes

ransomware cyber attack

Why Is Ransomware Such a Major Threat?

One of the most significant cyber threats faced by modern organizations is a ransomware attack. Ransomware attacks have grown in both sophistication and frequency over the past few years, forcing

data dictionary

Tools You Need to Make a Data Dictionary

Data dictionaries are crucial for organizations of all sizes that deal with large amounts of data. they are centralized repositories of all the data in organizations, including metadata such as