Stacktape
Stacktape


HTTP API Gateways



An HTTP API Gateway serves as an entry point for your application, routing HTTP traffic to your compute resources. It can be integrated with functions, batch jobs, and multi-container workloads.

Each API gateway is secured with TLS by default. You can also configure a custom domain name, enable CORS, or place a CDN in front of your gateway.

When to use them

HTTP API Gateways are a good fit for any modern web application, from a simple "front door" for a lightweight service to a powerful backend API with authorization and monitoring.

Advantages

  • Pay-per-use: You are only charged for the number of requests your gateway processes (from $0.90 to $1.00 per million requests).
  • Scalability: The gateway scales automatically to handle thousands of requests per second.
  • Security: Each gateway is secured with TLS by default.
  • High availability: API Gateway has a 99.95% monthly uptime SLA.
  • Ease of use: You can integrate a gateway with your compute resources with just a few lines of configuration.

Disadvantages

  • Limited routing: HTTP API Gateways only support path-based routing. If you need to route requests based on query parameters, IP addresses, or HTTP headers, consider using an Application Load Balancer instead.

Basic usage

HttpApiGateway  API reference
type
Required
properties.payloadFormat
properties.cors
properties.logging
properties.customDomains
properties.cdn
properties.alarms
properties.disabledGlobalAlarms
overrides

You don't need to specify any properties to create a basic HTTP API Gateway.

resources:
myHttpApi:
type: 'http-api-gateway'

Integrating with compute resources

You can forward requests from an API gateway to your compute resources by creating an event integration on a multi-container workload, function, or batch job.

Each integration must specify:

  • httpApiGatewayName: The name of the API gateway.
  • path: A path pattern that the request must match.
  • method: The HTTP method that the request must match.

If multiple integrations match a request, the most specific one is chosen.

This example shows two integrations:

  • The first forwards all requests (/{proxy+}) to a multi-container workload.
  • The second, which is more specific, forwards GET requests for /invoke-my-function to a Lambda function.
resources:
myHttpApi:
type: http-api-gateway
myFunction:
type: function
properties:
packaging:
type: stacktape-lambda-buildpack
properties:
entryfilePath: 'path/to/my-lambda.ts'
events:
- type: http-api-gateway
properties:
httpApiGatewayName: 'myHttpApi'
path: '/invoke-my-function'
method: 'GET'
mySingleContainer:
type: 'multi-container-workload'
properties:
containers:
- name: 'myAppContainer'
packaging:
type: stacktape-image-buildpack
properties:
entryfilePath: '_example-configs/containers/ts-container.ts'
environment:
- name: port
value: 80
events:
- type: 'http-api-gateway'
properties:
httpApiGatewayName: 'myHttpApi'
containerPort: 80
path: /{proxy+} # greedy path
method: '*'
resources:
cpu: 0.25
memory: 512

An HTTP API Gateway with integrations for both a function and a multi-container workload.

For more information, see the documentation on integrating API gateways with functions and multi-container workloads.

CORS

Cross-Origin Resource Sharing (CORS) is a security feature that controls how web browsers handle requests to a different domain than the one the user is currently on. If your frontend and backend are on different domains (e.g., mydomain.com and api.mydomain.com), you'll need to configure CORS.

If you are already handling CORS in your application code, you don't need to enable it in your Stacktape configuration.

You can enable CORS with a single line:

resources:
myHttpApi:
type: 'http-api-gateway'
properties:
cors:
enabled: true

You can also customize the CORS headers:

If you do not specify any additional properties, default CORS configuration is used:

  • AllowedMethods: Inferred from methods used by integrations associated with the api gateway
  • AllowedOrigins: *
  • AllowedHeaders: Content-Type, X-Amz-Date, Authorization, X-Api-Key, X-Amz-Security-Token, X-Amz-User-Agent
enabled
Required
allowedOrigins
Default: *
allowedHeaders
allowedMethods
allowCredentials
exposedResponseHeaders
maxAge

Custom domain names

You can use a custom domain for your API gateway. If you don't have one, you can register one through Stacktape.

If you already have a domain, you can either let Stacktape manage it (if you use AWS Route 53 for DNS) or use a third-party DNS provider.

For more details, see the Domains and Certificates page.

Using Stacktape to manage domains and certs

Stacktape allows you to connect your custom domain names to some of your resources (Web Service, HTTP API Gateways, Application Load Balancers and Buckets with CDNs).

Connecting a custom domain to the resource does 2 things:

  • Creates DNS records:
    • If you use your custom domain with a resource, Stacktape automatically creates a DNS record (during deploy) pointing the specified domain name to the resource.
  • Adds TLS certificates
    • If the origin resource (HTTP API Gateway, Application Load Balancer or CDN) uses HTTPS protocol, Stacktape takes care of issuing and attaching correct (free, AWS-managed) certificate to the resource. This means, you do not have to deal with TLS termination as it is handled by the connected resource.
    • If you want to use your own certificates, you can configure customCertificateArns.

To manage a custom domain, it first needs to be added to your AWS account. This means that a hosted zone (collection of records managed together for a given domain) for your domain exists in your AWS account and your domain registrar's name servers are pointing to it. To learn more, refer to Adding a domain guide.

DomainConfiguration  API reference
Parent:HttpApiGatewayorCdnConfiguration
domainName
Required
customCertificateArn
disableDnsRecordCreation
resources:
myHttpApi:
type: 'http-api-gateway'
properties:
customDomains:
- domainName: whatever.mydomain.com

Using a 3rd-party DNS

To use a domain from a provider like GoDaddy or Cloudflare:

  1. Create or import a TLS certificate for your domain in the AWS Certificate Manager console and copy its ARN.
  2. Add the customDomains configuration to your API gateway, using the certificate ARN and disabling DNS record creation.
resources:
myWebsite:
type: http-api-gateway
properties:
customDomains:
- domainName: mydomain.com
disableDnsRecordCreation: true
customCertificateArn: <<ARN_OF_YOUR_CERTIFICATE>>
  1. After deploying, find the API gateway's domain name in the Stacktape Console.
  2. In your DNS provider's dashboard, create a CNAME or ALIAS record pointing to the API gateway's domain name.

Access logs

Access logs contain basic information about requests to your API gateway, which can be useful for auditing and compliance. Stacktape enables access logging by default, with a retention period of 30 days.

  • Stored properties are: requestId, ip, requestTime, httpMethod, routeKey, status, protocol and responseLength.
  • You can configure log format. Supported values are CLF, JSON, XML and CSV.
  • You can browse your logs in 2 ways:
    • go to the log group page in the AWS CloudWatch console. You can use stacktape stack-info command to get a direct link.
    • use stacktape logs command to print logs to the console
HttpApiAccessLogsConfig  API reference
disabled
format
Default: JSON
retentionDays
Default: 30
logForwarding
resources:
myHttpApi:
type: 'http-api-gateway'
properties:
logging:
format: CSV

CDN

You can place an AWS CloudFront CDN in front of your API gateway to cache responses and reduce latency.

  • CDN is a globally distributed network that can cache responses from your HTTP API Gateway at the edge - close to your users.
  • AWS Cloudfront has 205 edge locations on 6 continents.
  • The CDN is used to:
    • reduce latency & improve load times
    • reduce bandwidth costs
    • reduce the amount of traffic coming to the origin
    • improve security
  • The "origin" is the resource (HTTP API Gateway) to which CDN is attached. CDN caches responses from the origin at the edge for specified amount of time.
  • If the content requested by the client is in the CDN cache, the CDN immediately returns it to the client without making a request to the origin.
  • If the content is NOT in the cache, the CDN makes a request to the Origin. The response from the origin is then forwarded to the client, and cached at the edge.

For more information, see the CDN documentation.

Referenceable parameters

The following parameters can be easily referenced using $ResourceParam directive directive.

To learn more about referencing parameters, refer to referencing parameters.

domain
  • Default domain name

  • Usage: $ResourceParam('<<resource-name>>', 'domain')
url
  • Default URL

  • Usage: $ResourceParam('<<resource-name>>', 'url')
customDomains
  • Comma-separated list of custom domain names assigned to the HTTP Api Gateway (only available if you use custom domain names)

  • Usage: $ResourceParam('<<resource-name>>', 'customDomains')
customDomainUrls
  • Comma-separated list of custom domain name URLs (only available if you use custom domain names)

  • Usage: $ResourceParam('<<resource-name>>', 'customDomainUrls')
customDomainUrl
  • URL of the first custom domain name connected to this resource (only available if you use custom domain names)

  • Usage: $ResourceParam('<<resource-name>>', 'customDomainUrl')
cdnDomain
  • Default domain of the CDN distribution (only available if you DO NOT configure custom domain names for the CDN).

  • Usage: $ResourceParam('<<resource-name>>', 'cdnDomain')
cdnUrl
  • Default url of the CDN distribution (only available if you DO NOT configure custom domain names for the CDN).

  • Usage: $ResourceParam('<<resource-name>>', 'cdnUrl')
cdnCustomDomains
  • Comma-separated list of custom domain names assigned to the CDN (only available if you configure custom domain names for the CDN).

  • Usage: $ResourceParam('<<resource-name>>', 'cdnCustomDomains')
cdnCustomDomainUrls
  • Comma-separated list of custom domain name URLs of the CDN (only available if you configure custom domain names for the CDN).

  • Usage: $ResourceParam('<<resource-name>>', 'cdnCustomDomainUrls')

Contents