WARNING: you are on the master branch, please refer to the docs on the branch that matches your cortex version
When api_gateway: public is set in your API's networking configuration (which is the default setting), Cortex will create an "HTTP" API Gateway in AWS for your API (see the networking docs for more information).
However, there may be situations where you need to use AWS's "REST" API Gateway, e.g. to enforce IAM-based auth. Until #1197 is resolved, a REST API Gateway can be used by following these steps.
If your API load balancer is internet-facing (which is the default, or you explicitly set api_load_balancer_scheme: internet-facing in your cluster configuration file before creating your cluster), use the first section of this guide.
If your API load balancer is internal (i.e. you set api_load_balancer_scheme: internal in your cluster configuration file before creating your cluster), use the second section of this guide.
Disable the default API Gateway:
- If you haven't created your cluster yet, you can set
api_gateway: nonein your cluster configuration file before creating your cluster. - If you have already created your cluster, you can set
api_gateway: nonein thenetworkingfield of your Realtime API configuration and/or Batch API configuration, and then re-deploy your API.
Go to the API Gateway console, select "REST API" under "Choose an API type", and click "Build"
Select "REST" and "New API", name your API (e.g. "cortex"), select either "Regional" or "Edge optimized" (depending on your preference), and click "Create API"
Select "Actions" > "Create Resource"
Select "Configure as proxy resource" and "Enable API Gateway CORS", and click "Create Resource"
Select "HTTP Proxy" and set "Endpoint URL" to "http://<BASE_API_ENDPOINT>/{proxy}". You can get your base API endpoint via cortex cluster info; make sure to prepend http:// and append /{proxy}. For example, mine is: http://a9eaf69fd125947abb1065f62de59047-81cdebc0275f7d96.elb.us-west-2.amazonaws.com/{proxy}.
Leave "Content Handling" set to "Passthrough" and Click "Save".
Select "Actions" > "Deploy API"
Create a new stage (e.g. "dev") and click "Deploy"
Copy your "Invoke URL"
You may now use the "Invoke URL" in place of your APIs endpoint in your client. For example, this curl request:
curl http://a9eaf69fd125947abb1065f62de59047-81cdebc0275f7d96.elb.us-west-2.amazonaws.com/iris-classifier -X POST -H "Content-Type: application/json" -d @sample.jsonWould become:
curl https://31qjv48rs6.execute-api.us-west-2.amazonaws.com/dev/iris-classifier -X POST -H "Content-Type: application/json" -d @sample.jsonDelete the API Gateway before spinning down your Cortex cluster:
Disable the default API Gateway:
- If you haven't created your cluster yet, you can set
api_gateway: nonein your cluster configuration file before creating your cluster. - If you have already created your cluster, you can set
api_gateway: nonein thenetworkingfield of your Realtime API configuration and/or Batch API configuration, and then re-deploy your API.
Navigate to AWS's EC2 Load Balancer dashboard and locate the Cortex API load balancer. You can determine which is the API load balancer by inspecting the kubernetes.io/service-name tag:
Take note of the load balancer's name.
Go to the API Gateway console, click "VPC Links" on the left sidebar, and click "Create"
Select "VPC link for REST APIs", name your VPC link (e.g. "cortex"), select the API load balancer (identified in Step 1), and click "Create"
Wait for the VPC link to be created (it will take a few minutes)
Go to the API Gateway console, select "REST API" under "Choose an API type", and click "Build"
Select "REST" and "New API", name your API (e.g. "cortex"), select either "Regional" or "Edge optimized" (depending on your preference), and click "Create API"
Select "Actions" > "Create Resource"
Select "Configure as proxy resource" and "Enable API Gateway CORS", and click "Create Resource"
Select "VPC Link", select "Use Proxy Integration", choose your newly-created VPC Link, and set "Endpoint URL" to "http://<BASE_API_ENDPOINT>/{proxy}". You can get your base API endpoint via cortex cluster info; make sure to prepend http:// and append /{proxy}. For example, mine is: http://a5044e34a352d44b0945adcd455c7fa3-32fa161d3e5bcbf9.elb.us-west-2.amazonaws.com/{proxy}. Click "Save"
Select "Actions" > "Deploy API"
Create a new stage (e.g. "dev") and click "Deploy"
Copy your "Invoke URL"
You may now use the "Invoke URL" in place of your APIs endpoint in your client. For example, this curl request:
curl http://a5044e34a352d44b0945adcd455c7fa3-32fa161d3e5bcbf9.elb.us-west-2.amazonaws.com/iris-classifier -X POST -H "Content-Type: application/json" -d @sample.jsonWould become:
curl https://lrivodooqh.execute-api.us-west-2.amazonaws.com/dev/iris-classifier -X POST -H "Content-Type: application/json" -d @sample.jsonDelete the API Gateway and VPC Link before spinning down your Cortex cluster:
