Surya Jakhotia edited this page Dec 7, 2018 · 11 revisions

How do I authenticate API Gateway requests?

  • You can use AWS API Gateway's custom authorizer feature to enable authentication and authorization for your API resources. For APIs created using Jazz, this is easily done by updating your API's swagger.
  • Let's see this through an example:
    • Using Jazz, create a Lambda function that will handle authentication. In this example, let's say we chose the service type function and gave the namespace as myNamespace and the service name as myAuthorizer.
    • Now let's start updating the swagger (swagger/swagger.json) of your service (API).
    • Add a security definition node at the root (similar to here):
      "securityDefinitions": {
          "{envPrefix}-myNamespace-myAuthorizer": {
              "type": "apiKey",
              "name": "Authorization",
              "in": "header",
              "x-amazon-apigateway-authtype": "custom",
              "x-amazon-apigateway-authorizer": {
                  "authorizerCredentials": "{conf-role}",
                  "authorizerResultTtlInSeconds": 300,
                  "authorizerUri": "arn:aws:apigateway:{conf-region}:lambda:path/2015-03-31/functions/arn:aws:lambda:{conf-region}:{conf-accId}:function:{envPrefix}-myNamespace-myAuthorizer-{envmnt}/invocations",
                  "type": "token"
              }
          }
      }
      
    • For each API resource that you want to protect, add a security section (similar to here). If you are enabling CORS, do not add protection to your OPTIONS requests.
      "security": [
          {
              "{envPrefix}-myNamespace-myAuthorizer": []
          }
      ]
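
An added example, not part of the Jazz wiki or the project's code: a minimal Python handler for the myAuthorizer function described above, matching the "token" authorizer type and the 300-second result cache in the swagger. The HMAC token scheme, the AUTH_HMAC_SECRET variable and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumption: the secret comes from the function's environment; the default is
# a constructed placeholder so the example runs offline.
SECRET = os.environ.get("AUTH_HMAC_SECRET", "constructed-demo-secret").encode()


def sign(user):
    """Issue a demo token '<user>.<hex HMAC-SHA256(user)>' (hypothetical scheme)."""
    return f"{user}.{hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()}"


def verify(token):
    """Return the user name if the token's signature is valid, else None."""
    user, sep, mac = (token or "").rpartition(".")
    if not sep or not user:
        return None
    expected = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    return user if hmac.compare_digest(mac.encode(), expected.encode()) else None


def policy(principal, effect, method_arn):
    """Build the authorizer response API Gateway expects."""
    # methodArn: arn:aws:execute-api:<region>:<acct>:<apiId>/<stage>/<VERB>/<path>
    arn_prefix, stage = method_arn.split("/")[:2]
    # The result is cached per token for authorizerResultTtlInSeconds, so scope
    # it to the stage; a single-method policy would be reused for other routes.
    resource = f"{arn_prefix}/{stage}/*/*"
    return {
        "principalId": principal,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [{"Action": "execute-api:Invoke",
                           "Effect": effect, "Resource": resource}],
        },
    }


def handler(event, context):
    """Entry point: a 'token' authorizer receives the header in authorizationToken."""
    user = verify(event.get("authorizationToken"))
    if user is None:
        # API Gateway maps this exact message to a 401 response.
        raise Exception("Unauthorized")
    return policy(user, "Allow", event["methodArn"])
```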
      

How do I stream my logs to Splunk?

Streaming your service logs to Splunk is a simple two-step process. Before we begin, we will need the following info from your Splunk account:

For Splunk Cloud customers, the standard HEC URI is:
https://http-inputs-customer_stack.splunkcloud.com/services/collector

If you are using AWS Firehose, then you will have a second HEC URL:
https://http-inputs-firehose-customer_stack.splunkcloud.com/services/collector

For customers running HEC on their own deployments or using the Splunk test drive instance, specify port 8088:
https://input-prd-uniqueid.cloud.splunk.com:8088/services/collector

  1. Using Jazz admin credentials, clone the jazz-build-module repo in your Jazz instance. Open the jazz-installer-vars.json file, update the "SPLUNK" node with the appropriate values, and push your changes to the master branch:
     "SPLUNK": {
         "IS_ENABLED": "true",
         "ENDPOINT": "{HTTP Event Collector Endpoint}",
         "HEC_TOKEN": "{HTTP Event Collector (HEC) Token}",
         "INDEX": "{Index}"
     }
  2. Using Jazz admin credentials, clone the jazz_splunk-kinesis-log-streamer repo in your Jazz instance. Update README.md (or any other file) with some trivial changes and push your changes to the master branch. This will trigger a new deployment and update the log streamer to pick up the new changes.

Once the changes are deployed, you will see the logs streaming to your Splunk index.