If this is your first API operation, choose Create new API. If this is a subsequent API operation, choose Create API.
Under Choose the protocol, keep REST selected.
Under Create new API, keep New API selected.
Under Settings, do the following:
• For API name, type examplecorp_saas.
• For Description, you can optionally type a description.
• For Endpoint Type, choose Edge optimized.
Choose Create API.
Step 2. Configure API Gateway for Lambda integration
To configure API Gateway for Lambda integration, complete the following steps. The Lambda function that you create generates a streaming URL when requested.
1. Open the Amazon API Gateway console at https://console.aws.amazon.com/apigateway.
2. In the navigation pane, under the examplecorp_saas API, choose Authorizers.
3. Choose Create New Authorizer, and then do the following:
   • For Name, type examplecorp_auth.
   • For Type, choose Cognito.
   • For Cognito User Pool, select the Amazon Cognito user pool that you created from the list (examplecorp_saas). Then, verify that the Region where you created your user pool is selected.
   • For Token Source, type Authorization.
   • Leave Token Validation empty.
4. Choose Create.
5. In the navigation pane, choose Resources.
6. Choose Actions, Create Resource.
7. Do the following:
   • For Resource Name, type auth.
   • For Resource Path, verify that the value is /auth.
   • Select the Enable API Gateway CORS check box.
8. Choose Create Resource.
9. With your newly created resource (/auth) selected in the Resources pane, choose Actions, Create Method.
10. Under OPTIONS, choose POST, and select the check mark to the right of the list to save your changes.
11. In the POST - Setup pane, do the following:
   • For Integration type, keep Lambda Function selected.
   • Select the Use Lambda Proxy integration check box.
   • For Lambda Region, verify that the Region where you created your Lambda function is selected.
   • For Lambda Function, type the name of the function that you created earlier in this project: examplecorp_lambda_saas_function.
12. Choose Save.
13. In the Add Permission to Lambda Function dialog box, choose OK to confirm your changes.
14. With your new method selected, in the Method Execution details pane, choose the Method Request card.
15. In the Post Method Request pane, under Settings, do the following:
   • Choose the pencil icon to the right of the Authorization list.
   • Choose the Amazon Cognito authorizer that you created from the list (examplecorp_auth).
   • Select the check mark to the right of the list to save your changes.
16. In the Resources pane, choose your resource, /auth.
17. Choose Actions, Deploy API.
18. In the Deploy API dialog box, do the following:
   • For Deployment stage, choose [New Stage].
   • For Stage name, type auth.
   • For Stage description and Deployment description, you can optionally type a description.
   • Choose Deploy.
19. At the top of the auth Stage Editor pane, the Invoke URL displays. Make a note of this URL.
Step 3. Update the web configuration files in your Amazon S3 bucket
Update the config.js file in your website deployment to include the invoke URL of the stage that you created, and the user pool identifier (ID) and app client ID for your Amazon Cognito user pool. Complete the following steps to copy the values for these variables and paste them into the required locations in the config.js file.
1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
2. In the S3 buckets pane, in the search box, type the name of the Amazon S3 bucket that you created and where you copied the Example Corp. website files.
3. When the bucket appears in the list, select the bucket name.
4. On the Overview tab, in the file list, navigate to assets/js/config.js.
5. Select the check box next to the config.js file, and choose Download.
6. Navigate to the location where you downloaded this file on your local computer, and open the file.
7. In the file, verify that the value for the region variable is set to the Region where you created your user pool. Then, search for and replace the default values for the following variables:
   • invokeurl is the value of the invoke URL that was generated when you completed the steps in the previous procedure, “Configure API Gateway for Lambda integration.”
   • userPoolId is the value of the user pool ID that was generated when you completed the steps in “Create an Amazon Cognito user pool.”
   • userPoolClientId is the value of the app client ID that was generated when you completed the steps in “Add an app to your user pool.”
8. Save your changes and close the file.
9. On the Amazon S3 console Overview tab, choose Upload.
10. Drag your edited config.js file into the Upload window, and choose Upload.
11. Wait for the upload to complete, and verify that the updated file appears in the list on the Overview tab.
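
Before uploading, the edited values can be sanity-checked with a small script. The following is an added example, not part of the Example Corp. website files: it checks that the invoke URL is an HTTPS API Gateway endpoint on the auth stage and that the user pool ID belongs to the Region set in the region variable. The object shape and the sample values are assumptions; only the variable names come from the steps above.

```javascript
// Added example: sanity-check the values pasted into config.js before upload.
// Assumption: the values are collected into one object; only the variable
// names (region, invokeurl, userPoolId, userPoolClientId) come from the steps.
function validateSiteConfig(cfg, expectedStage = "auth") {
  const problems = [];

  // Invoke URL format: https://{api-id}.execute-api.{region}.amazonaws.com/{stage}
  let url = null;
  try {
    url = new URL(cfg.invokeurl);
  } catch (e) {
    problems.push("invokeurl is not a valid URL");
  }
  if (url) {
    if (url.protocol !== "https:") problems.push("invokeurl must use https");
    const hostOk = /^[a-z0-9]+\.execute-api\.[a-z0-9-]+\.amazonaws\.com$/.test(url.hostname);
    if (!hostOk) problems.push("invokeurl host is not an execute-api endpoint");
    const stage = url.pathname.split("/").filter(Boolean)[0];
    if (stage !== expectedStage) problems.push(`invokeurl stage is not "${expectedStage}"`);
  }

  // User pool IDs have the form {region}_{id}; the prefix must equal the region variable.
  const pool = /^([a-z0-9-]+)_([0-9a-zA-Z]+)$/.exec(cfg.userPoolId || "");
  if (!pool) {
    problems.push("userPoolId is not of the form {region}_{id}");
  } else if (pool[1] !== cfg.region) {
    problems.push("userPoolId region differs from the region variable");
  }

  // App client IDs are opaque strings of word characters.
  if (!/^[\w+]{1,128}$/.test(cfg.userPoolClientId || "")) {
    problems.push("userPoolClientId is empty or malformed");
  }
  return problems;
}

// Constructed sample values, not real identifiers.
const sample = {
  region: "us-west-2",
  invokeurl: "https://abcde12345.execute-api.us-west-2.amazonaws.com/auth",
  userPoolId: "us-west-2_EXAMPLE12",
  userPoolClientId: "1example23456789abcdefghij",
};
console.log(validateSiteConfig(sample));
```

An empty array means the values are consistent with each other; it does not confirm that they match the resources you created.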