1. Home
  2. Documentation
  3. Connections
  4. Connection with AWS gateways

Connection with AWS gateways

Configure connections with AWS gateways and import APIs.

This page describes how to integrate your Sensedia solutions (Adaptive Governance and Developer Portal) with AWS gateways, allowing for the import and governance of APIs (native connections) published in Amazon API Gateway.

See in this page:

Supported API Versions and Types

The Amazon API Gateway is structured into two main infrastructures (v1 and v2). API import through native AWS connections supports both.

  • REST API (v1). The traditional version of API Gateway, providing the most comprehensive set of API management features. View official documentation

  • HTTP API (v2). The newer Amazon API Gateway infrastructure, optimized for lower latency and reduced cost, focused on high-performance HTTP APIs and simplified integrations with AWS services. View official documentation

For a detailed comparison between these two versions, see: Differences between REST APIs and HTTP APIs

The table below summarizes the main characteristics of the supported API types:

Feature
REST API (v1)
HTTP API (v2)
Primary focusAdvanced API management featuresHigh performance and lower cost
Portal Apps supportYesNo (limitation of the AWS HTTP API model)
Import via native connectionYesYes
NOTE
  • The creation of the native connection with AWS and the configuration of credentials is identical for both versions. The distinction occurs only at the time of API import.
  • Currently, our solutions only support APIs of types REST (v1) and HTTP (v2). APIs of type WebSocket are not supported in this integration flow.

Access credentials

To create a connection for AWS API Gateway, you must enter your AWS credentials on the Connections screen.

These credentials must be obtained from the AWS side.

Access the AWS Management Console and follow the steps below to:

Step 1

Create a user.

Step 2

Add an access policy.

Step 3

Create credentials.

TIP

Refer to the AWS documentation for more details.

NOTE

To list and import your APIs, ensure that your access policy in AWS grants permission to the correct apigateway service resources, depending on the gateway version:

  • For v1 gateways (REST): The policy must allow access to resources under the /restapis namespace.
  • For v2 gateways (HTTP): The policy must allow access to resources under the /apis namespace.

If your policy only allows one of these resource sets, you will only see the corresponding APIs. If there is no permission for either of them, an error will be displayed on the import screen.

Creating a User

There are several ways to create an IAM user in your AWS account.

Follow the steps below to create a user through the AWS Management Console:

Step 1

At the top of the AWS Management Console, in the search bar, search for and select IAM.

screenshot of the search screen in AWS Management Console showing the IAM result

Step 2

In the left menu, under Access management, select Users.

screenshot of the AWS management dashboard highlighting the Users option

Step 3

Click the Create user button in the top-right corner of the screen.

Step 4

In the User name field, enter the value: adaptive_governance_integration_aws and click Next.

screenshot of the AWS management panel with emphasis on the user name field

Step 5

Under Permissions options, select Attach policies directly and click Next.

screenshot of the AWS panel highlighting the option to add policies

NOTE

Under Permissions policies, DO NOT select Policy name.

Step 6

Under Review and Create, review the information and click Create user.

Adding an Access Policy

Step 1

In the user list, select adaptive_governance_integration_aws

screenshot showing the created user in the user list

Step 2

In the Permissions tab, under Permissions policies, click the Add Permissions button, and then click Create inline policy.

screenshot showing the Permissions tab and Add Permissions button

Step 3

In the Policy editor, select the JSON tab.

screenshot showing the JSON tab in the policy editor

Step 4

Copy and paste the code below into the editor.

IMPORTANT

Depending on your business needs, there are some policy templates that can be used.

Step 5

Click Next.

Step 6

In the Policy name field, enter the value adaptive_governance-aws and click Create policy.

screenshot showing the Create and Review screen

Creating the Credentials

Step 1

In the user list, select adaptive_governance_integration_aws and click the Security credentials tab.

AWS security credentials screen

Step 2

Scroll down to Access keys and click Create access key.

Create access key screen

Step 3

Select the option Application running on an AWS compute service.

screenshot showing the option for Application running

NOTE

Check the confirmation box at the bottom of the page.

confirmation box

Step 4

Click Next.

Step 5

You will see your access key and secret access key. Make a note of these credentials to use when registering the AWS connection in Adaptive Governance.

screenshot showing the Retrieve access keys screen

Step 6

Click Done.

Creating a New Connection

Follow the steps below to create a new connection.

Step 1

Access the Connections screen by clicking the left-side menu or the card on the home screen.

Step 2

Click the + CREATE CONNECTION button located at the top-right of the screen.

screenshot of the connections screen highlighting the create connection button

Step 3

Select the connection provider and click CREATE CONNECTION.

screenshot of the connection creation screen step 1

Step 4

Select the connection mode: whether it is native (data updated directly with the provider) or not (manual upload).

screen with connection options

Non-native connection:

  • Define a name for the connection and click NEXT. screen with field for connection name

  • Confirm the information and click SAVE.

Native connection:

  • Define a name for the connection and click NEXT. screen with field for connection name

  • Select a connection mode: Access Key or IAM (Role). screen with authentication options

    • For Access Key, provide:

      • AWS Access Key Id: the key for your AWS resource.

      • AWS Secret Access Key Id: the AWS key secret. detail of the configuration screen with fields for AWS Access Key Id and AWS Secret Access Key Id

      • Review the information and click SAVE.

    • For IAM:

      • Configure your role: copy the example code shown in this section and use it in your AWS provider to create a role:

        • Steps in the AWS Console:
          • Go to IAM > Roles and click the "Create role" button.
          • Select "Custom trust policy" and paste the copied code.
          • Add the policy generated in the Adding an access policy step.
          • Complete the role creation, adding the necessary information, such as tags.
          • After creating the role, copy the Role ARN generated by AWS.

      • Role ARN: paste the generated Role ARN here.

      • Review the information and click SAVE. detail of the configuration screen with fields for Configure your role and Role ARN

Importing APIs

Importing APIs through a native AWS connection supports multiple types of API Gateways.

The supported API types are:

  • REST β€” APIs originating from AWS REST API Gateway (v1).
  • HTTP β€” APIs originating from AWS HTTP API Gateway (v2).

See more details about each type.

These types are displayed in the Protocol Type column during the import process.

To import APIs, follow the steps below:

Step 1

Access the Connections screen by clicking on the left side menu or the card on the home screen.

Step 2

Find the connection you want to edit and click the eye icon icon. If necessary, use the search bar to locate the desired connection.

Step 3

In the API Imports screen, click the + IMPORT API button located just below General Info and above API Imports.

screenshot of the API import screen

Step 4

Select the region of the APIs you want to import.

screenshot of the API import screen for AWS gateways

Step 5

In the API list, use the Type column to identify the protocol (REST or HTTP). Select the desired APIs and click SAVE.

Import list showing the Type column with REST and HTTP

IMPORTANT

Credential generation (App creation) in the Developer Portal is currently not supported for HTTP (v2) type APIs, due to an inherent limitation of this version of the AWS Gateway.

In these cases, the Enable Apps registration option remains disabled in the API Docs settings of the Portal Manager.

NOTE

The Discovery feature also automatically identifies and unifies APIs from both versions (REST and HTTP), provided that the IAM user's access permissions cover the necessary resources. If you have permission for only one of the versions, only the corresponding APIs will be listed.

NOTE

Whenever an API is updated, click refresh icon.

detail with the refresh imported APIs button

How happy are you with this page?

Apigee
Connection with Microsoft Azure

We use cookies to enhance your experience on our site. By continuing to browse, you agree to our use of cookies.Learn more