AWS has announced a significant update for Infrastructure as Code (IaC) enthusiasts: AWS Serverless Application Model (SAM) now supports custom domain names for private REST APIs in Amazon API Gateway. This enhancement simplifies the process of deploying private APIs with user-friendly domain names, improving accessibility and security.
Read the official AWS announcement here.
You Should Know:
1. Setting Up Custom Domains in AWS SAM
To configure a custom domain for a private API Gateway using AWS SAM, include the following in your template.yaml:
```yaml
Resources:
  MyApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: Prod
      Domain:
        DomainName: api.example.com
        CertificateArn: arn:aws:acm:us-east-1:123456789012:certificate/xxxx-xxxx-xxxx
        EndpointConfiguration: PRIVATE
        Route53:
          HostedZoneId: Z1234567890
```
2. Deploying with AWS SAM CLI
Run the following commands to deploy your SAM template:
```bash
# Build and package your SAM application
sam build

# Deploy using AWS CloudFormation
sam deploy --guided
```
3. Verifying the Custom Domain
After deployment, verify the domain setup using the AWS CLI:
```bash
aws apigateway get-domain-names --query "items[?domainName=='api.example.com']"
```
4. Updating DNS Records
If using Route 53, ensure the alias record points to your API Gateway:
```bash
aws route53 change-resource-record-sets --hosted-zone-id Z1234567890 --change-batch file://dns-update.json
```
Example `dns-update.json`:
```json
{
  "Changes": [{
    "Action": "UPSERT",
    "ResourceRecordSet": {
      "Name": "api.example.com",
      "Type": "A",
      "AliasTarget": {
        "HostedZoneId": "ZLY8HYME6SFAD",
        "DNSName": "d-xxxxxx.execute-api.us-east-1.amazonaws.com",
        "EvaluateTargetHealth": false
      }
    }
  }]
}
```
5. Testing the Private API
Use `curl` or Postman from a client inside the VPC to test the custom domain:
```bash
curl https://api.example.com
```
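The verification in step 3 can be scripted so that a deployment fails when the domain did not come up as private. The Python below is an added example, not code from the original post or from AWS; the JSON field names are assumed from the shape of the `get-domain-names` output, and the sample output is constructed.

```python
import json

# Constructed sample of `aws apigateway get-domain-names` output (not real data).
SAMPLE_OUTPUT = json.dumps({"items": [
    {"domainName": "api.example.com",
     "certificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/xxxx-xxxx-xxxx",
     "endpointConfiguration": {"types": ["PRIVATE"]},
     "domainNameStatus": "AVAILABLE",
     "securityPolicy": "TLS_1_2"},
    {"domainName": "legacy.example.com",
     "regionalCertificateArn": "arn:aws:acm:us-west-2:123456789012:certificate/yyyy-yyyy-yyyy",
     "endpointConfiguration": {"types": ["REGIONAL"]},
     "domainNameStatus": "AVAILABLE",
     "securityPolicy": "TLS_1_0"},
]})


def audit_domain(cli_json, domain, region):
    """Return a list of findings for `domain`; an empty list means it passed."""
    items = json.loads(cli_json).get("items", [])
    # The same name can appear more than once, so audit every matching entry.
    matches = [i for i in items if i.get("domainName") == domain]
    if not matches:
        return [f"{domain}: not found in get-domain-names output"]
    findings = []
    for item in matches:
        types = item.get("endpointConfiguration", {}).get("types", [])
        if types != ["PRIVATE"]:
            findings.append(f"{domain}: endpoint types {types}, expected ['PRIVATE']")
        if item.get("securityPolicy") == "TLS_1_0":
            findings.append(f"{domain}: security policy still allows TLS 1.0")
        if item.get("domainNameStatus") != "AVAILABLE":
            findings.append(f"{domain}: status {item.get('domainNameStatus')}")
        # The certificate must live in the same region as the private API.
        arn = item.get("certificateArn") or item.get("regionalCertificateArn") or ""
        parts = arn.split(":")
        cert_region = parts[3] if len(parts) > 3 else None
        if cert_region != region:
            findings.append(f"{domain}: certificate region {cert_region}, expected {region}")
    return findings


if __name__ == "__main__":
    for name in ("api.example.com", "legacy.example.com", "missing.example.com"):
        print(name, audit_domain(SAMPLE_OUTPUT, name, "us-east-1") or "OK")
```

In a pipeline, pass the real output of `aws apigateway get-domain-names` as `cli_json` and fail the job when the returned list is not empty.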
What Undercode Say
AWS SAM’s new feature streamlines private API deployments with custom domains, reducing manual steps in DNS and certificate management. This is a game-changer for DevOps and cloud architects leveraging IaC.
Additional Useful Commands:
- Check API Gateway Custom Domains:
```bash
aws apigateway get-domain-names
```
- List CloudFormation Stacks:
```bash
aws cloudformation list-stacks
```
- Delete a SAM Stack:
```bash
sam delete --stack-name my-stack
```
- Request a New SSL Certificate:
```bash
aws acm request-certificate --domain-name api.example.com
```
Expected Output:
A fully configured private REST API with a custom domain (api.example.com) accessible securely within your VPC.
This enhancement reinforces AWS SAM as a powerful IaC tool for serverless architectures. 🚀
References:
Reported By: Darryl Ruggles – Hackers Feeds



