Configuring Endpoint Call Processing
Sidecar Preprocess POST Request Call To Lambda Function with Client Request (Specifications)
Field | Mandatory Field
Yes/No |
Type | Description/Value | Example | Notes |
---|---|---|---|---|---|
region | Yes | String | AWS region where Lambda function is hosted | region: eu-west-1 | |
functionARN | Yes | String | AWS ARN to make Lambda function invocation | functionARN: arn:aws:lambda:eu-west-1:190954361614:function:LambdaBasicAsync | |
roleARN | Yes | String | Role ARN which needs to be used for generating assume role credentials | roleARN:arn:aws:sts::680833432085:role/ tibco_sidecar_connector_fn1 | Role Name must begin with "tibco_sidecar_connector" |
externalIdKey | Yes | String | ExternalID specified in trust policy of role in IAM will be stored in AWS Parameter Store using Key and Value pair. Key for External ID needs to be specified in this parameter. Using this key, value for External ID will be retrieved from AWS Parameter Store. | externalIdKey :tibco/prod/trustKey |
Inclusion of external ID strengthen security of AWS Lambda invocation. As external ID is secure parameter, it is stored in the AWS Parameter Store using secure string. This external ID specified in the trust policy of role which we want to assume in IAM. For successful generation of assume role credentials, this external ID must be sent to AWS Lambda. |
sessionName | No | String | AWS Lambda session through assume role is created with this name | sessionName:assume-role-lambda-access-poc | If not specified session name will be specified in the AWS Lambda Request as "TIBCO_Mashery_SideCar_Connector" |
expirationDuration | No | integer | Assume Role credentials expiration duration in minutes | expirationDuration:15 | Default value is 60 minutes. |
Field | Mandatory Field
Yes/No |
Type | Description/Value | Example | Notes |
---|---|---|---|---|---|
synchronicity | No | string |
This parameter specifies whether request sent to AWS Lambda should be synchronously or asynchronously. If AWS Lambda function needs to be invoked synchronously, then its value should be request-response. If AWS Lambda function needs to be invokedasynchronously, then its value should be Event |
synchronicity: request-response |
Possible values for synchronicity - request-response , event. Default Value - request-response |
include-response-headers | No | string | Specifies API client response headers to be included in the lambda sidecar input. | ||
skip-response-headers | No | string | Specifies API client response headers to be skipped in the lambda sidecar input. This option is mutually exclusive with include-response-headers | ||
require-eavs | No | string | Specifies the mandatory application EAVs that must be set to a non-empty value before the request can be handled. These values are also included in the lambda sidecar input. | require-eavs: eav_1,eav_2,eav_3 | The EAVs ARE case-sensitive, and must be included exactly as they are known in Mashery.
All Application level EAVs configured must be present and set in Mashery otherwise block the call. |
include-eavs | No | string | Specifies the application EAVs to be included in the Lambda function input, if they are present. | ||
require-packageKey-eavs | No | string | Specifies the mandatory package key EAVs that must be set to a non-empty value before the request can be handled. These values are also included in the lambda sidecar input. | All Package Key EAVs configured must be present and set in Mashery, otherwise block the call. | |
include-packageKey-eavs | No | string | Specifies the package key EAVs to be included in the Labmda function input, if they are present. | ||
max-payload-size | No | string | Max payload size that can be sent to Lambda function in KB | max-payload-size: 50 |
default is 10 max is 1024 KB i.e. 1 MB |
max-payload-condition | No | integer | Action to take on max_payload_size condition. Parameter can be set either 'filtering', 'blocking' | max-payload-condition: filtering | default is "blocking" |
expand-input | No | string | Specified what other values needs to be included while sending request to Lambda function like requestPayload, remoteAddress, token, operation, routing | expand-input: requestPayload, operation | |
sidecar-param-<parameter name> | No | string | In case parameter map needs to sent to AWS Lambda request, then you can define multiple parameters in the format sidecar-param-<parameter_name>:<parameter_value> | sidecar-param-parameter_x:This is string
sidecar-param-parameter_y:true sidecar-param-parameter_z:1234 |
Sidecar connector validates whether parameter value is String, Boolean, Integer or Float, accordingly that parameter is added to the request payload which is sent to AWS Lambda function. Suppose in pre-input configuration, below sidecar params are defined: sidecar-param-parameter_x:This is string sidecar-param-parameter_y:true sidecar-param-parameter_z:1234 Then below parameter map will be added in the request json which is sent to AWS Lambda function : {"params":{"parameter_x":"This is string", "parameter_y":true, "parameter_z":1234}} |
failSafe | No | boolean | Specifies whether failure of Lambda function should result in error or not. Its default value is false. It means that if failSafe is not specified, in that case if lambda function throws an error, then error will be sent to client. | failSafe: true | default is "false" |
enable_error_set | No | boolean | Specified whether error code and error message sent by connector should be overridden by defined error sets | enable_error_set: true | default is "false" |
timeout | No | integer | Specifies timeout for Lambda function in milliseconds. | timeout : 500 |
If timeout parameter is not specified, timeout will occur according to endpoint timeout. Sum of timeout specified in pre and post input configuration should be less then endpoint timeout. In case of timeout occurs, 504_Gateway_Timeout error will occur. |
Mashery Gateway Sidecar Call Configuration to Lambda Function
Field | Mandatory Field
Yes/No |
Type | Description/Value | Example | Notes |
---|---|---|---|---|---|
point | Yes | string | Describes if it is Sidecar preprocessor or postprocessor. | point: PreProcessor
point: PostProcessor |
|
synchronicity | Yes | string | parameter which can be set to either 'request-response','event' | synchronicity:request-response | synchronicity 'request-response' and 'event' is supported |
masheryMessageId | Yes | string | Mashery Gateway unique identifier which links the inbound client request to the Lambda function | ||
packageKey | Yes | string | Package key that was used by user client to make call to Mashery Gateway | ||
serviceId | Yes | string | Unique Id of the API service | ||
endpointId | Yes | string | Unique Id of the service endpoint |
Sidecar Postprocess POST Call To Lambda Function with Backend Response (Specifications)
Field | Mandatory Field
Yes/No |
Type | Description/Value | Example | Notes |
---|---|---|---|---|---|
region | Yes | string | AWS region where Lambda function is hosted | region: eu-west-1 | |
functionARN | Yes | string | AWS ARN to make Lambda function invocation | functionARN: arn:aws:lambda:eu-west-1:190954361614:function:LambdaBasicAsync | |
roleARN | Yes | string | Role ARN which needs to be used for generating assume role credentials | roleARN:arn:aws:sts::680833432085:role/tibco_sidecar_connector_fn2 | Role Name should be start with "tibco_sidecar_connector" |
externalIDKey | Yes | string | ExternalID specified in trust policy of role in IAM will be stored in AWS Parameter Store using Key and Value pair. Key for External ID needs to be specified in this parameter. Using this key, value for External ID will be retrieved from AWS Parameter Store. |
externalIdKey:tibco/prod/trustKey |
Inclusion of external ID strengthen security of AWS Lambda invocation.
As external ID is secure parameter, it is stored in the AWS Parameter Store using secure string. This external ID specified in the trust policy of role which we want to assume in IAM policy. For successful generation of assume role credentials, this external ID must be sent to AWS Lambda. |
sessionName | No | string | AWS Lambda session through assume role will be created with this name | sessionName:assume-role-lambda-access-poc | If not specified session name will be specified in the AWS Lambda Request as "TIBCO_Mashery_SideCar_Connector" |
expirationDuration | No | integer | Assume Role Credentials expiration duration in minutes | expirationDuration:15 | Default value - 60 |
Field | Mandatory Field
Yes/No |
Type | Description/Value | Example | Notes |
---|---|---|---|---|---|
synchronicity | No | string |
This parameter specifies whether request sent to AWS Lambda should be synchronously or asynchronously. If AWS Lambda function needs to be invoked synchronously, then its value should be request-response. If AWS Lambda function needs to be invokedasynchronously, then its value should be Event |
synchronicity: request-response |
Possible values for synchronicity - request-response , event. Default Value - request-response |
include-response-headers | No | string | specifies the API client response headers to be included in the lambda sidecar input. | ||
skip-response-headers | No | string |
specifies the API client response headers to be skipped in the lambda sidecar input. It is mutually exclusive with include-response-headers |
||
require-eavs | No | string | specifies the mandatory application EAVs that must be set to a non-empty value before the request can be handled. These values are also included in the lambda sidecar input; | require-eavs: eav_1,eav_2,eav_3 | The EAVs ARE case-sensitive, and must be included exactly as they are known in Mashery.
All Application level EAVs configured must be present and set in Mashery otherwise block the call. |
include-eavs | No | string | specifies the application EAVs to be included in the labmda function input, if they are present; | ||
require-packageKey-eavs | No | string | specifies the mandatory package key EAVs that must be set to a non-empty value before the request can be handled. These values are also included in the lambda sidecar input; | All Package Key EAVs configured must be present and set in Mashery otherwise block the call. | |
include-packageKey-eavs | No | string | specifies the package key EAVs to be included in the Labmda function input, if they are present; | ||
max-payload-size | No | string | Max payload size that can be sent to Lambda function in KB | max-payload-size: 50 |
default is 10 max is 1024 KB i.e. 1 MB |
max-payload-condition | No | integer | Action to take on max_payload_size condition. Parameter can be set either 'filtering', 'blocking' | max-payload-condition: filtering | default is "blocking" |
expand-input | No | string | specified what other values needs to be included while sending request to lambda function like requestPayload, remoteAddress, token, operation, routing | expand-input: requestPayload, operation | |
sidecar-param-<parameter name> | No | string | In case parameter map needs to sent to AWS Lambda request, then you can define multiple parameters in the format sidecar-param-<parameter_name>:<parameter_value> | sidecar-param-parameter_x:This is string
sidecar-param-parameter_y:true sidecar-param-parameter_z:1234 |
Sidecar connector validates whether parameter value is String, Boolean, Integer or Float, accordingly that parameter is added to the request payload which is sent to AWS Lambda function. Suppose in pre-input configuration, below sidecar params are defined: sidecar-param-parameter_x:This is string sidecar-param-parameter_y:true sidecar-param-parameter_z:1234 Then below parameter map will be added in the request JSON which is sent to AWS Lambda function : {"params":{"parameter_x":"This is string", "parameter_y":true, "parameter_z":1234}} |
failSafe | No | boolean | Specifies whether failure of Lambda function should result in error or not. Its default value is false. It means that if failSafe is not specified, in that case if Lambda function throws an error, then error will be sent to client. | failSafe: true | default is "false" |
enable_error_set | No | boolean | Specified whether error code and error message sent by connector should be overridden by defined error sets. | enable_error_set: true | default is "false" |
timeout | No | integer | Specifies timeout for Lambda function in milliseconds. | timeout : 500 |
If timeout parameter is not specified, timeout will occur according to endpoint timeout. Sum of timeout specified in pre and post input configuration should be less then endpoint timeout. In case of timeout occurs, 504_Gateway_Timeout error will occur. |