Home / Konnect Service Catalog / Service Catalog integrations
Edit
Report

AWS API Gateway

Uses: Service Catalog Kong Gateway
Related Documentation
All Service Catalog Documentation
Incompatible with
on-prem
Tags
#integrations #aws
Related Resources
Service Catalog
Discover AWS Gateway APIs in Service Catalog with the Konnect API
Discover AWS Gateway APIs in Service Catalog with the Konnect UI
Discover and govern APIs with Service Catalog

The AWS API Gateway integration allows you to associate your Service Catalog service with one or more AWS API Gateway APIs.

You can configure multiple instances of this integration, including multiple connections to the same third-party provider.

For complete tutorials, see the following:

Configure an IAM role in AWS for Service Catalog

You need a REST API in AWS API Gateway to ingest and a correctly configured IAM role for this integration. You can name your AWS API Gateway API whatever you’d like. In this tutorial, we’ll refer to your AWS API Gateway API as aws-api.

You can follow the setup instructions in the UI wizard when you add the AWS API Gateway instance or do the following:

If you want to use the AWS console UI, follow the steps in Amazon’s Creating an IAM role (console) documentation. Make sure to select Another AWS account and enter the Account ID (auto gen id here) and select Require external ID and enter the External ID (external id here). Navigate to the role in the console UI and copy the ARN to use in Konnect.

  1. In the AWS console, navigate to the IAM settings.
  2. In the IAM sidebar, click Policies.
  3. Click Create policy.
  4. For the Policy editor settings, click JSON.

  5. In the Policy editor field, enter the following:

    {
    "Version": "2012-10-17",
    "Statement": [
      { "Sid": "ApiGwRead",
        "Effect": "Allow",
        "Action": ["apigateway:GET"],
        "Resource": "*"
      }
    ]
  }
  6. Click Next.
  7. In the Policy name field, enter konnect-service-catalog-permissions.
  8. Click Create policy.
  9. In the IAM sidebar, click Roles.
  10. Click Create role.
  11. For the Trusted entity type, select AWS account.
  12. For the AWS account settings, select Another AWS account.

  13. In the Account ID field, enter 333402130851.

    This is Konnect’s account ID that is used for the IAM role principal.

  14. Select the Require external ID checkbox.
  15. In the External ID field, enter your Konnect organization ID. You can find this by sending a GET request to /organizations/me or in the Konnect UI by navigating to your account in the top right and clicking the copy icon next to your organization name.
  16. Click Next.
  17. From the Permissions policies list, select konnect-service-catalog-permissions.
  18. Click Next.
  19. In the Role name field, enter konnect-service-catalog-integration.
  20. Click Create role.

View the konnect-service-catalog-integration you just created and copy the ARN.

Authorize the AWS API Gateway integration

  1. In the Konnect sidebar, click Service Catalog.
  2. In the Service Catalog sidebar, click Integrations.
  3. Click AWS API Gateway.
  4. Click Add AWS API Gateway instance.
  5. From the AWS region dropdown, select your AWS region.
  6. In the IAM role ARN field, enter the IAM role you configured for Service Catalog.
  7. In the Display name field, enter a name for your AWS API Gateway instance.
  8. In the Instance name field, enter a unique identifier for your AWS API Gateway instance.
  9. Click Save.

Resources

Available AWS API Gateway entities:

Entity

Description
API An AWS API Gateway API that relates to the Service Catalog service.

Discovery information

  • Automatic resource discovery is supported by this integration
  • Resource types: APIs
Something wrong?
Report an Issue | Edit this Page

Help us make these docs great!

Kong Developer docs are open source. If you find these useful and want to make them better, contribute today!
Contribute

Still need help

Ask in our Forum
Contact Support