You have to create an SSL certificate using the Certificate Manager. For an edge endpoint, create it in eu-east-1; for regional and private endpoints, create it in the region you are deploying the API gateway in (or the lambda). Read more here. I will refer to the ARN as CertificateArn.
You have to configure an AWS::ApiGateway::DomainName:
"MyDomainName": {
  "Type": "AWS::ApiGateway::DomainName",
  "Properties": {
    "DomainName": {"Ref": "DomainName"},
    "CertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3"
  }
}
This enables the Domain for the API Gateway. Next, you need to expose the API (i.e. your RestAPI) in a specific deployment stage. In your template, you have no deployment stages. Take a look at AWS::ApiGateway::Stage. A minimal example would look like this:
"Prod": {
  "Type": "AWS::ApiGateway::Stage",
  "Properties": {
    "StageName": "Prod",
    "Description": "Prod Stage",
    "RestApiId": {
      "Ref": "APIGateway"
    },
    "DeploymentId": {
      "Ref": "APITDeploymentTest"
    }
  }
}
However, you most likely want some additional configuration in that. I suggest you take a look at the MethodSettings property.
Finally, deploy a basepath mapping resource: AWS::ApiGateway::BasePathMapping. I suggest you map the basepath to the stage you created like this:
"ProdDomainBasePath": {
  "Type": "AWS::ApiGateway::BasePathMapping",
  "Properties": {
    "DomainName": {"Ref": "DomainName"},
    "RestApiId": {"Ref": "APIGateway"},
    "Stage": "Prod"
  }
}
If you change an AWS::ApiGateway::Stage resource, you have to force an update on the corresponding AWS::ApiGateway::Deployment resource - this usually means renaming the AWS::ApiGateway::Deployment resource, so keep that in mind. Otherwise, it won't be deployed.
That should do it.
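Added example (not part of the original answer): CloudFormation only orders resources that are linked by Ref, Fn::GetAtt or DependsOn, so a BasePathMapping that names its stage and domain as plain strings or parameters can be created before they exist. This Python lint checks that wiring on a constructed template built from the resource names above; lint_wiring, refs and the stand-in RestApi and Deployment definitions are hypothetical.

```python
import json

# Constructed template: the answer's three resources plus minimal stand-ins
# for APIGateway and APITDeploymentTest (assumed to exist in the real template).
TEMPLATE = json.loads("""{"Resources": {
 "APIGateway": {"Type": "AWS::ApiGateway::RestApi", "Properties": {"Name": "example"}},
 "APITDeploymentTest": {"Type": "AWS::ApiGateway::Deployment",
   "Properties": {"RestApiId": {"Ref": "APIGateway"}}},
 "MyDomainName": {"Type": "AWS::ApiGateway::DomainName", "Properties": {
   "DomainName": {"Ref": "DomainName"}, "CertificateArn": "PLACEHOLDER-ARN"}},
 "Prod": {"Type": "AWS::ApiGateway::Stage", "Properties": {"StageName": "Prod",
   "RestApiId": {"Ref": "APIGateway"}, "DeploymentId": {"Ref": "APITDeploymentTest"}}},
 "ProdDomainBasePath": {"Type": "AWS::ApiGateway::BasePathMapping", "Properties": {
   "DomainName": {"Ref": "DomainName"}, "RestApiId": {"Ref": "APIGateway"}, "Stage": "Prod"}}
}}""")

def refs(node):
    """Logical names reached through Ref or Fn::GetAtt anywhere under node."""
    if isinstance(node, list):
        return set().union(*map(refs, node))
    if not isinstance(node, dict):
        return set()
    found = {v for k, v in node.items() if k == "Ref"}
    found |= {v[0] for k, v in node.items() if k == "Fn::GetAtt" and isinstance(v, list)}
    return found.union(*map(refs, node.values()))

def lint_wiring(template):
    """Return wiring/ordering problems for Stage and BasePathMapping resources."""
    res = template["Resources"]
    kind = lambda t: {n: r["Properties"] for n, r in res.items() if r["Type"] == t}
    stages, domains = kind("AWS::ApiGateway::Stage"), kind("AWS::ApiGateway::DomainName")
    out = []
    for name, props in stages.items():
        if not refs(props.get("DeploymentId")) & set(kind("AWS::ApiGateway::Deployment")):
            out.append(f"{name}: DeploymentId must Ref a Deployment resource")
    for name, props in kind("AWS::ApiGateway::BasePathMapping").items():
        deps = res[name].get("DependsOn", [])
        # Everything CloudFormation will create before this mapping.
        ordered = refs(props) | set([deps] if isinstance(deps, str) else deps)
        match = {s for s, p in stages.items() if p.get("RestApiId") == props.get("RestApiId")
                 and props.get("Stage") in (p.get("StageName"), {"Ref": s})}
        if not match:
            out.append(f"{name}: no Stage resource for {props.get('Stage')!r} on this RestApiId")
        elif not ordered & match:
            out.append(f"{name}: Ref or DependsOn the Stage resource so it is created first")
        if not ordered & set(domains):
            out.append(f"{name}: Ref or DependsOn the DomainName resource so it is created first")
    return out
```

Run on the constructed template, it reports two ordering problems for ProdDomainBasePath; adding "DependsOn": ["MyDomainName", "Prod"] to that resource clears both.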
I've been through this same exercise of trying to send binary data from APIG to Lambda. All of the APIG options that I tried get converted to Base64. I now believe that this is due to Lambda ingestion of JSON event data.
Working in Python, I couldn't use @AtesGoral npmjs compression so ended up with a solution of APIG to S3 (<10MB binary works) and triggering the Lambda function via S3 event trigger. FWIW: The Lambda 6MB limit and Base64 encoding (4.4MB max binary input) make it impossible to implement S3 multipart upload using APIG -> Lambda without writing to S3 first.
Best Answer
Lambda receives events and is charged by the time the code runs. Keep-Alive as described here https://aws.amazon.com/about-aws/whats-new/2017/11/customize-integration-timeouts-in-amazon-api-gateway/ just specifies how long the API Gateway waits for the lambda result. So if your lambda runs 300ms, this is what you will pay for. If it runs 50 seconds, the API Gateway will always time out.