I would appreciate with help on this. I watch a hyperledger comoposer tutorial where Zach Gollwitzer said there are 2 options to secure the rest-server API of the business network, one was to put it behind an API Management gateway and the other with multi-user mode. I would like to know how I can export the Rest rever API To AWS API gateway. What file is used to do this. thanks in advance.
When your rest server is started you should be able to 'hit'
http://localhost:3000/explorer/swagger.json which describes the various API endpoints.
Hopefully this is enough for the AWS API gateway.
Related
Largely, what I am trying to accomplish is explained in this video by Azure, which is the unsecured version of adding API keys to a REST API (specifically http://conferenceapi.azurewebsites.net/?format=json).
If you watch through the video, it seems great until you realize that anyone can call the "conferenceapi" as long as they know the url, essentially bypassing the entire purpose of Azure API Management which is controlling/metering peoples' access to an API.
My question is, if I'm trying to create the backend (so Spring Boot controllers) of my API Management service, what am I supposed to do in order to make sure that my REST api is only responding to requests made by API Management?
There is surprisingly little documentation on this that I could find:
Securing Backend Services behind Azure API Management
X.509 Authentication
How to secure back-end services using client certificate authentication in Azure API Management (literally only talks about how to upload a certificate and nothing about backend)
Like, a certificate sounds like a great idea. Only, how do I create the certificate, and how do I verify the certificate from a Spring Boot Application? Azure documentation feels so sparse, unless I didn't find the documentation that would address those questions.
I am saving my backend services data in Firestore. here now I need to restrict access to Firestore within a VPC.
basically, when connecting to the database from frontend the firebase URL or the database URL shouldn't be public. it should go through a VPC.
Please guide and help me if anyone has an experienced or knowledge on this matter.
Thank You, Cheers.
I do not think Firestore can be used with VPC. As you can see it the list of what VPC supports neither Firestore or Datastore are supported.
What you can do instead is possibly have a Cloud Function or GAE service acting as an API and let the service account used by this API be the only one with permissions to access Firestore.
I am working in IVR team. I write SOAP web services, write java client to access those web services and set data in the session variables of the CISCO API and IVR can then able to access that data. I am very good at this.
Currently, my manager plans to move from CISCO IVR to Amazon Connect. Amazon Connect has all infrastructure and IVR can be set up in 45 minutes.
My task is to access existing legacy SOAP web services(which has access to our databases) in AWS Lambda and give that data to IVR.
I went through all the documentation, but not able to figure out where to start. Could some one give me guidance on where to start.
Here's an article about calling SOAP services from a Lambda function, with a walkthrough of the process: https://blog.codecentric.de/en/2016/12/serverless-soap-legacy-api-integration-java-aws-lambda-aws-api-gateway/
It goes further than what you may need, adding API gateway on top of the Lambda function. You may not need that if you're just planning to call those Lambda functions from Connect.
There's also an article in Connect documentation on integrating with Lambda: http://docs.aws.amazon.com/connect/latest/adminguide/connect-lambda-functions.html
I need help in integrate AWS API gateway with luman as end point. I have working project with one web part(Laravel) and three luman project for different micro services. We are using AWS API gateway to point out to luman services. Right now we don't have any authentication on web services on luman. Anyone can have access to these if he know URL. We are planing to use oAuth2 for authentication. but i am not able to understand how it work. As we have mobile app for this project too. So my question is.
Is oAuth need to be implemented on luman project or on AWS API gateway.
In both cases how it will work. Also we are planning to move luman project to private network(no internat) which will not have public access. in that case we need to use lambda function to communicate with the private network.
So how it will work in this case.
Please suggest.
If you want to know how AWS API Gateway works with oAuth I'd recommend checking AWS public documentation and AWS Compute Blog.
My mobile app needs to make secure API calls to on-premise backend services which is not exposed to internet but accessed only by mobile client. How can we secure the backend calls via AWS cloud?
Thanks in Advance
AWS does not have an out-of-the-box solution for what you are looking for. Amazon Cognito's Identity component was designed to secure access to AWS API's, not a developer's. You will have to build your authentication and authorization service for your mobile clients.
Another AWS technology that you may want to consider in your design is Amazon Virtual Private Cloud (VPC), which would allow you to bridge your on-premise network into the AWS cloud. From their you would have to properly secure systems and APIs.
Update 2015-07-09 AWS has announced Amazon API Gateway. Using API Gateway you can build a REST interface to your existing API (or to AWS Lamdba functions) secured with credentials retrieved via an Amazon Cognito authflow. See this blog post for additional announcement details.