SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 5 – Continuous Improvement for Existing Solutions Part 18

  • By
  • September 3, 2023
0 Comment

69. Building the function for our API

Hey everyone and welcome back. Now in the earlier lecture we discussed that there are two important components that we need. The first is the function and second is the API. So what we’ll be doing today is we will be creating a function after function is created. Then we’ll build an API and then we’ll do a curl request on the API to see if the function is really working. Perfect. So in order to create a function, what we’ll be doing is we’ll create a very simple hello world based function so that it is quite easy and everyone can follow up perfect. So in order to create a function, we’ll use an AWS lambda. So I hope you know, AWS lambda is basically used for serverless and it allows us to create a function. Now this function can be of any type.

So you can write a function which would scan the files for some kind of a malware or various different types according to the use cases. So let’s go ahead and create a function. So there are already blueprints which are available. I’ll do an author from scratch. So now I’ll just select next and I’ll say the function is hello world and by default you’ll see the function code already contains the hello from lambda. So I’ll just modify it hello from API function. Okay, so once this is created, you can assign a memory or according to that, because let’s assume you are creating a function which would scan the file for malware or a function which would resize the images that user uploads.

Then the amount of memory that will be needed will be more and the amount of timeout that will be needed is also more. So since we are just having a hello world, this default settings is quite good enough for us.

So let’s go ahead and click Next. Okay, we just forgot existing role. I’ll just select an existing role, I click next and I’ll click on create function. Perfect. So the function is created. So we have completed the function part. So what this function will do is whenever someone will call this function it will display hello from API function. So this is the text that it will be displaying. So let’s go ahead and call the function. I’ll do a test and I’ll click on save and test.

So in the execution result you should find hello from API function as an output. See, this is the output that you are getting. Perfect. So this function is now created. Now the challenge here is that since this function is created in lambda, now if I want this to be accessible to the users over the internet, how can I do that? So this function is created inside my lambda in my AWS account. Now I want users across the internet to be able to run this specific function. So what I’ll be doing is I’ll be creating an API and then I’ll be linking this API to call this specific function.

So in today’s lecture, and with this and in the next lecture, we will create an API, and we will link it with a specific function. So I hope this has been useful for you. A very short lecture. The reason is because I wanted to dedicate an entire lecture on how to create an API to avoid confusions. So this is it, about this lecture. I hope this has been informative for you, and I look forward to seeing you in the next lecture.

70. Building our API with API Gateway

Hey everyone and welcome back. Now, in the previous lecture, we had created a simple hello, world function. Now, what we will do in today’s lecture is we’ll create an API. So we have a function which is created, which when executed will display hello from API function. So that is a string that gets displayed whenever this function is executed. Now, since the user is outside of Amazon AWS, it might mean that the user wants to execute this specific function which is internal. So, what I’ll do will create an API which a user can use as a proxy to execute this specific hello, world function. So the question is how to create an API? And the answer is quite simple. Actually, I would say quite simple now is because there is a great service which AWS offers called Amazon API gateway.

So this service basically allows us to create an API in a nice UI manner. So let’s go ahead and click on Get started. So by default, it will show you a sample API. What we’ll do is we’ll create our own API. I’ll click on new API and you have to give an API name. So I’ll say KPL apps. Hello. This scription would be this API would return. Hello, world. Okay, I’ll go ahead and click on Create API. Perfect. So this is our screen where we can define the API related configurations.

Now, if you go back to the slide, we have discussed that there are certain methods that API would support depending upon the functionality. So, if you see over here in the action, the first thing that we need to do is we need to create the method. So I click on create method and in the method there are various methods which are available. So, since this is a simple hello world, the only method that we need is Get. So this is quite important. Do not select any. So if delete is not needed, don’t select any. So just follow the principle of least privilege. So, this is something that we had already discussed. So if only one method is needed, just select that one method only. So many organizations, they do this mistake where their API support n number of methods.

And a hacker runs a delete and it actually deletes the resources of a specific back end system. Anyways, so we’ll select Get and we’ll complete this. So, once the method is selected, the next thing is the function. So, since we had created a hello world function in lambda, the integration type will be lambda. And then it is asking me the lambda region. The lambda region would be AP southeast one, which is Singapore. And then our function name is hello walls. Perfect. I’ll click on Save and I’ll click on okay. So what this is showing is that it is allowing API gateway to invoke this specific function. So whenever someone makes a Get request to my API, then the API in the back end would invoke an execution of this specific function. So I’ll click on okay, perfect.

So now you are having a nice little diagram, something similar to what we had discussed. Because API is in the middle, which calls the function. So we’ll be discussing about this in the relevant section. But just to remember that this is the client. So on the left hand side you have a client and on the right hand side you have a function. Similar in here. On the left hand side you have a client, on the right hand side you have a lambda function. Call as hello world.

Perfect. So now that we have created our own method and our own function, what we’ll do is we’ll go ahead and deploy the API. So I’ll click on deploy API. So you have to give the name. I’ll say def. So this is our first API and I click on deploy. So as soon as you click on deploy, you’ll see you get the API URL. So whenever someone hits this specific URL for the API, the lambda function will be executed behind the scenes. So I’ll just copy and I’ll paste it in the browser. And now you will see hello from API function. So this is how how you can design your own API. So this is it about the API creation lecture. Again, whenever needed, we will take more use cases and we will be deploying new APIs and new functions whenever it is needed. So this is it about this lecture.

71. API Gateway – 3 Important Pointers

Hey everyone, and welcome back. In today’s video, we will discuss about the important pointers associated with the API Gateway topic. Now, as far as the exams are concerned, there are three important pointers that you need to remember about API Gateway. First is the API gateway. Throttling. Second is the API gateway caching. And third is the API Gateway validation functionality. Now discussing about the first aspect spec, which is API Gateway Throttling. So basically, to prevent your API from getting overhead with a huge amount of requests, what Amazon does is that it basically threatens that request which have been made to the API. So by default, API Gateway has a limit of 10,000 requests per second. And there is also a burst limit of 5000 requests per second across all the APIs within the AWS account. So these are the limits which are being set by default, which you can increase.

Now, what would happen if you receive more than 10,000 requests per second? If you happen to do so, AWS will return the Http 429 message back to the client, since it cannot handle more than 10,000 requests per second as part of the default scenario. Now, there are two scenarios that we’ll be discussing. The first is if a caller submits 10,000 requests in 1 second period evenly, so for example, ten requests every millisecond. Thus, API Gateway will process all the requests without dropping any. Now remember, 10,000 requests per second does not mean that at the first millisecond itself, if your API is receiving 10,000 requests, it will process all of them. It will not do so. There is that even consistency which needs to be maintained. Now, if the caller, or I would say if a client sends 10,000 requests in the first millisecond itself, the API Gateway will not handle all the 10,000 requests. API Gateway will serve the 5000 of those requests, and then it will begin to throttle various requests in a 1 second period.

One important part to remember. Now, the second thing that you should be remembering is the API Gateway Caching. Now, this is very similar. Like if the same type of request is being made, you can basically go ahead and cache the response. And API Gateway allows us to cache the response if the same type of request is being made by the client. And the third part is the API Gateway validation, where we can have a certain validation on the API Gateway and the request which matches those validation will be allowed. And if the request does not match, it will be sent a 400 error message.

So if you see over here, within this API Gateway, there is a validation method saying that the query string must be present. Now, within this, there is a query string as URL is equal to malicious. com. And since the query string is present, API Gateway will consider this to be valid. However, in the second scenario, if you’ll see there is no query string which is specified within the request which has been sent to the API gateway. And API gateway in turn will directly send the http 400 message back to the client. So this is the validation functionality.

Now, I just wanted to quickly show you those things. So currently I’m in my API gateway, and within this, if you go into the authorizers, I’ll create a new authorizer. So within this I can have a lambda function behind the scene. Now, if you go a bit down, there is the authorization caching. So this is something that we can do. So the default TTL period is 300 seconds, which we can again, there is also a token validation where basically we can validate the token with the help of certain regular expressions, and API gateway will verify that token for validation. So this is the high level overview about the API gateway and the important pointer.

Comments
* The most recent comment are at the top

Interesting posts

The Growing Demand for IT Certifications in the Fintech Industry

The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »

CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared

In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »

The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?

If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »

SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification

As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »

CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?

The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »

Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?

The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »

img