Lambda Function


Course Introduction
Course Conclusion
Start course

Please note: this course has been replaced with a new course that you can find here: 

API Gateway is a fully managed service by Amazon that makes it easy for developers to create, publish, maintain and monitor their APIs at any scale without having to worry about versioning, authorizations, throttling and other administrative tasks. In this course, authored by Tehreem Siddiqui and narrated by Adam Hawkins, you will learn how to create and deploy REST API through API Gateway to expose HTTP endpoints, AWS Lambda functions and other AWS services.


Hello and welcome back to the API Gateway course. Our goal in this lesson is to expose the Lambda function with AWS API Gateway, add IAM Authorization and test it out with POSTMAN.

This usually is taught to demonstrate how the API Gateway and Lambda are used to build completely serverless applications. So let's get going. We'll start by creating a Lambda function called getRestaurantMenuthat returns JSON. It accepts a menuType parameter to differentiate between lunch or dinner. This gives you back your entrees, desserts and things like that. So head over to the AWS console and create a new function and choose the No JS run time. We will replace the code with a simple function. This code declares a hard coded lunch and dinner menu and a way to switch between them according to the menuType parameter. I'll fast forward while I type in the code. Next configure the AWS permissions for this Lambda function. You can reu

se an existing role or create a new one. Select Create a new role and then enter a name for the role. Next select Simple Microservice Application from the Policy template. This should give the Lambda enough permissions. That's enough this simple Lambda function. Now create the function.

Let's run through a test before connecting this to the API Gateway. We can do this directly in the AWS Console. Select Test and fill in the method Call Options We'll start with an empty object. This returns the default menu. Repeat the test by setting Menu Type to Lunch. Alright, things are working as expected. Now time to expose this function via the API Gateway. Open up the API Gateway console and create a new API Gateway. Name it Get Restaurant Menu API and provide a description. Now we can create the resources for this API. Create a new /RestaurantMenu resource followed by a new GET request for that resource.

This is where we select what happens with this API request. Select the Lambda integration and fill in the Lambda function details. Afterwards, change the Authenication type to IAM. We'll repeat this process with a POST request. The POST request allows us to send the menuType parameter in the request body. Now we can test both these requests. We'll start with the GET request. This should return the default menu because there's no menuType parameter. We'll also test the POST request, with and without the menuType parameter.

I'll speed this up a little bit so you can see what's happening. Great, everything is A-OK. Let's now deploy the API to a test stage so we can interact with it outside of AWS. Take the generated URL and hit it in your browser, and you'll get an unauthorized error. This is because the browser does not send the proper authentication header. Only the tool that allows us to set individual headers and request bodies.

Here I'm using POSTMAN. POSTMAN is a GOI version of Chrome with extra functionality. You can install it from the Chrome Store or as an extension for other browsers. Here, we repeat the same exercise as before. Paste in the URL and select the AWS Signature authentication. Paste in your AWS API keys. I've censored my secret key in as an example. Now it seems the GET requests are working as expected.

Let's try the POST request, with and without the menuType. Awesome, works as expected. Now this completes the lesson on the Lambda with API Gateway. It was a simple example but I hope you get the idea of how you can build serverless API's by combining these two technologies. Also note, we used the simplified permission model here.

You can use more complicated IEM roles, but I'll leave that investigation up to you. The next lesson covers using the API Gateway in combination with AWS S3. See you there.

About the Author

Tehreem is a Sr. Software Engineer with passion in Cloud Technologies, Big Data analytics, Software Testing and Automation. She has over 10 years of work experience comprising of her tenure at ServiceNow, Microsoft and Harmonic Inc. Most recently she has been developing learning content in-line with the emergence of Public Clouds and XaaS platforms with focus on AWS, Microsoft Azure and GCP. Tehreem resides in BayArea, CA with her family and when not working she enjoys nature/outdoors, movies and fine dining.