Skip to content

nginx-serverless/nginx-lambda-gateway

BranchesTags

Repository files navigation

NGINX Lambda Gateway

Introduction

This project provides a working configuration of NGINX configured to act as an authenticating gateway for the AWS Lambda service. This allows you to proxy a private Lambda function without requiring users to authenticate to it via AWS signature.

Within the proxy layer of nginx-lambda-gateway, additional functionality can be configured such as:

  • Providing an AWS signature based authentication gateway using an alternative authentication system to AWS Lambda functions
  • For internal/micro services that can't authenticate against the AWS Lambda functions (e.g. don't have libraries available) the gateway can provide a means to accessing Lambda functions without authentication
  • Protecting Lambda functions from arbitrary public access
  • For internal/micro services that can't authenticate against the AWS Lambda functions
  • Rate limiting AWS Lambda functions
  • Authenticating users to authorize AWS Lambda functions with a OIDC
  • Protecting AWS Lambda functions with a WAF

Getting Started

Refer to the Getting Started Guide for how to build and run the gateway.

Directory Structure and File Descriptions

nginx-lambda-gateway
β”‚
β”œβ”€β”€ common
β”‚   β”œβ”€β”€ etc
β”‚   β”‚   β”œβ”€β”€ nginx                   default nginx-lambda-gateway configuration
β”‚   β”‚   └── ssl                     contains certificates and NGINX Plus license
β”‚   β”œβ”€β”€ lambda-core
β”‚   β”‚   β”œβ”€β”€ awscredentials.js       common lib to read and write AWS credentials
β”‚   β”‚   β”œβ”€β”€ awssig2.js              common lib to build AWS signature v2
β”‚   β”‚   β”œβ”€β”€ awssig4.js              common lib to build AWS signature v4
β”‚   β”‚   β”œβ”€β”€ lambdagateway.js        common lib to integrate the Lambda from NGINX
β”‚   β”‚   β”œβ”€β”€ lambda_ngx_apis.conf    API endpoints config for nginx-lambda-gateway
β”‚   β”‚   β”œβ”€β”€ lambda_ngx_http.conf    common config under NGINX http directive
β”‚   β”‚   β”œβ”€β”€ lambda_ngx_proxy.conf   common config to be set before proxy_pass
β”‚   β”‚   └── utils.js                common lib to be reused by all NJS codebase
β”‚   └── lambda-emulator             proxy for Lambda Runtime API to locally test
β”‚
β”œβ”€β”€ docker
β”‚   β”œβ”€β”€ Dockerfile.oss              for NGINX OSS  to act as a Lambda gateway
β”‚   └── Dockerfile.plus             for NGINX Plus to act as a Lambda gateway
β”‚
β”œβ”€β”€ docker-compose.yml              Docker config to build and run nginx-lambda-gateway
β”œβ”€β”€ settings.env                    Docker env file
β”‚
β”œβ”€β”€ docs                            contains documentation about the project
β”‚
β”œβ”€β”€ examples
β”‚   β”œβ”€β”€ 01-all-lambda-function-arns NGINX proxy to all Lambda function ARNs
β”‚   β”œβ”€β”€ 02-one-lambda-function-arn  NGINX proxy to one Lambda function ARN
β”‚   β”œβ”€β”€ 03-one-lambda-function-url  NGINX proxy to one Lambda function URL
β”‚   └── 04-lambda-function-arn-url  NGINX proxy to both of Lambda function ARN and URL
β”‚
β”œβ”€β”€ tests                           test launcher and unit/integration test codebase
β”‚
└── Makefile                        automate to build/start/stop nginx-lambda-gateway

Development

Refer to the Development Guide for more information about extending or testing the gateway.

License

All code include is licensed under the Apache 2.0 license.

Inspired Projects

About

NGINX Lambda Gateway

Topics

nginx lambda aws-lambda serverless nginx-plus serverless-computing

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

8 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages