AWS API gateway: delete all API keys without id - amazon-web-services

I have many (10K+) old unused AWS API Gateway API keys. I do not know their key-id. Is there any way I could delete those? (Obviously clicking via the AWS console would work but does not make any sense.)
AWS CLI commands like delete-api-key or get-api-key seem to require key-id...
Thanks,
John

OK, found the solution: aws apigateway get-api-keys
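
An added example (not part of the original post) that turns the get-api-keys answer into a bulk cleanup with boto3: it pages through every key, selects those created before a cutoff, and deletes them, with a dry run as the default. The cutoff date and the name-prefix filter are assumptions; replace them with your own definition of "unused".

```python
import time
from datetime import datetime, timezone


def list_api_keys(client):
    """Yield every API key record, following get_api_keys pagination."""
    kwargs = {"limit": 500}  # 500 is the maximum page size for GetApiKeys
    while True:
        page = client.get_api_keys(**kwargs)
        yield from page.get("items", [])
        position = page.get("position")
        if not position:
            return
        kwargs["position"] = position


def select_stale(keys, created_before, name_prefix=""):
    """Keep keys created before the cutoff whose name starts with the prefix."""
    return [
        k for k in keys
        if k["createdDate"] < created_before
        and k.get("name", "").startswith(name_prefix)
    ]


def delete_keys(client, keys, dry_run=True, max_retries=5):
    """Delete the selected keys; return the ids deleted (or that would be)."""
    done = []
    for key in keys:
        for attempt in range(max_retries):
            try:
                if not dry_run:
                    client.delete_api_key(apiKey=key["id"])
                done.append(key["id"])
                break
            except Exception as exc:  # botocore ClientError carries .response
                code = getattr(exc, "response", {}).get("Error", {}).get("Code")
                if code != "TooManyRequestsException" or attempt == max_retries - 1:
                    raise
                time.sleep(2 ** attempt)  # back off when throttled
    return done


if __name__ == "__main__":
    import boto3  # imported here so the helpers above run without AWS access
    apigw = boto3.client("apigateway")
    cutoff = datetime(2020, 1, 1, tzinfo=timezone.utc)  # assumed cutoff date
    stale = select_stale(list_api_keys(apigw), cutoff)
    print(len(delete_keys(apigw, stale, dry_run=True)), "keys would be deleted")
```

Review the dry-run output before calling delete_keys with dry_run=False; a deleted key stops working immediately for any client still using it.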

Related

Is there a way to programmatically list deployed APIs on AWS API Gateway?

I have several APIs hosted on AWS that sit behind API Gateway. They are deployed with the Serverless Framework.
Is there a way for me to programmatically query for and retrieve a list of all the APIs that are deployed?
If your APIs are deployed as different stacks, you cannot use the serverless CLI command to list them.
Instead, you can use the AWS CLI to list all the APIs powered by API Gateway using the command below.
aws apigateway get-rest-apis
Hope this helps.
You may use the AWS SDK getRestApis service (I linked the Java SDK, but you may use any language of your choice).

Is it possible for an on-premise application to push (publish) messages directly to AWS EventBridge/EventBus?

Say you have a bunch of on-premise applications (that are your potential publishers). Can we have them (sitting in some private network) publish messages onto an AWS EventBus/EventBridge, so that the target subscribers can take it forward from there? Does hybrid AWS help here?
If so, can you share some links on achieving the same?
That should be very straightforward - you can use the put events endpoint of any AWS SDK for EventBridge.
You'll need an IAM user with which to call the API via access key/secret key.
From a networking perspective, you'll need to be able to hit the AWS API endpoints.
Here's the method to use in Python.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/events.html#EventBridge.Client.put_events
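
An added example (not part of the original answer) of calling put_events from an on-premise publisher: it sends entries in batches of 10 and retries only the entries that the response marks as failed, because put_events reports per-entry failures in the response body rather than by raising. The bus name, source string, region and event shape are assumptions.

```python
import json
import time


def to_entries(events, bus_name, source):
    """Map app events (dicts with 'type' and 'payload') to PutEvents entries."""
    return [
        {"EventBusName": bus_name, "Source": source,
         "DetailType": e["type"], "Detail": json.dumps(e["payload"])}
        for e in events
    ]


def publish(client, entries, max_attempts=3):
    """Send entries in batches of 10; return those still failing after retries."""
    failed = []
    for i in range(0, len(entries), 10):  # PutEvents accepts at most 10 entries
        pending = entries[i:i + 10]
        for attempt in range(max_attempts):
            resp = client.put_events(Entries=pending)
            if resp.get("FailedEntryCount", 0) == 0:
                pending = []
                break
            # Results are positional: an item with ErrorCode was not accepted.
            pending = [e for e, r in zip(pending, resp["Entries"]) if "ErrorCode" in r]
            time.sleep(0.2 * 2 ** attempt)
        failed.extend(pending)
    return failed


if __name__ == "__main__":
    import boto3  # imported here so the helpers above run without AWS access
    # Credentials come from the default boto3 chain; the calling principal
    # needs events:PutEvents on the target bus.
    events_client = boto3.client("events", region_name="eu-west-1")  # assumed region
    sample = [{"type": "OrderCreated", "payload": {"orderId": 1}}]  # constructed
    left = publish(events_client, to_entries(sample, "example-bus", "onprem.orders"))
    print(len(left), "entries could not be delivered")
```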

How to store a certificate as a secret in AWS Secrets Manager? How to pass that secret in an HTTPS call using an AWS AppSync resolver?

I need to get elements from AWS DynamoDB and a third-party HTTPS service, merge those results in AWS AppSync and send back the result as a GraphQL response.
The third-party service which I am using expects a client-side certificate. I am not finding proper AWS documents on how to pass an agent using an AWS AppSync resolver.
I am also not finding documents on storing a certificate as a secret in AWS Secrets Manager.
Has anyone faced a similar problem? Or do you guys have any solution to it?
It depends on the size of your certificate - secrets in AWS Secrets Manager have various limits, such as length in bytes (7168 bytes) or characters (4096). See more here:
https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html
But otherwise you should be able to store your certificate using AWS Secrets Manager.
See item number 3 in the following link: https://aws.amazon.com/blogs/compute/maintaining-transport-layer-security-all-the-way-to-your-container-part-2-using-aws-certificate-manager-private-certificate-authority/
Using HTTP Resolvers (or even Lambda Resolvers) you will be able to make HTTP calls to AWS Secrets Manager to obtain the secret.
See links:
https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-lambda-resolvers.html
https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-http-resolvers.html
Adding to Ashwin's answer: according to the documentation, the HTTP resolver supports only public endpoints at this point and does not seem to have the ability to pass a certificate for an app-to-app call.

Can we delete an API in AWS API Gateway? If yes then how?

I was exploring AWS API Gateway and created several APIs during a learning session. Can I delete these APIs?
You can use the AWS CLI delete-rest-api command, passing the API ID:
aws apigateway delete-rest-api --rest-api-id 1234123412
See https://docs.aws.amazon.com/cli/latest/reference/apigateway/delete-rest-api.html
You can use the "Delete API" action on the Resources tab, Actions menu.

AWS Lambda HTTP, where do I find the URL?

I am fairly new to AWS Lambda but sure can see the benefits of it and stumbled upon the superb framework Serverless to help me build solutions on Lambda.
I started out building solutions using AWS API Gateway but really need "internal" VPC APIs and not public Internet-facing APIs like API GW creates.
I found that Serverless indeed can expose an HTTP endpoint but I can't figure out how this is done and how the URL is created.
When I deploy the Lambda from Serverless it gives me the URL, e.g.:
https://uxezd6ry8z.execute-api.eu-west-1.amazonaws.com/dev/ping
I would like to be able to find (or create) this same HTTP listener for already existing Lambdas, so my question is: how is the URL created and where is the actual HTTP listener deployed?
You might be looking for the invoke URL:
1. Go to https://console.aws.amazon.com/apigateway
2. Select the API link (which you have deployed on AWS Lambda).
3. Select Stages in the left side panel and see the invoke URL.
Adding an HTTP listener can be done by going to your Lambda function, selecting the 'triggers' tab and 'add trigger', finally selecting API Gateway - but as others mentioned this does create a public-facing URL.
Duh, I was in the wrong AWS logon previously so the API GW was not showing any matching Serverless API and that was why I couldn't understand how they did it...
Once I logged into the AWS account that hosts the Serverless structure I can see the API GW GET APIs for the Serverless HTTP listener.