Building Real-Time Applications with Aws Websocket and Api Gateway

Author

Reads 1.3K

A laptop displaying an analytics dashboard with real-time data tracking and analysis tools.
Credit: pexels.com, A laptop displaying an analytics dashboard with real-time data tracking and analysis tools.

Building real-time applications with AWS Websocket and API Gateway is a game-changer for developers.

API Gateway can handle WebSocket connections, allowing us to build scalable and secure real-time applications.

With AWS Websocket, we can establish bidirectional communication between clients and servers, making it perfect for applications that require real-time updates, such as live updates or live chat.

API Gateway can also handle WebSocket connections through its WebSocket API, which provides a simple and secure way to connect to our WebSocket endpoint.

Setting Up

To set up API Gateway for WebSocket support, you first need to create a WebSocket API. This will allow you to define routing selections based on the content of the messages sent over the WebSocket connection.

AWS API Gateway supports defining multiple routes for a WebSocket API. For example, you can define a $default route, a disconnect route, and a message route, each associated with a different Lambda function that will handle incoming WebSocket messages.

Credit: youtube.com, AWS API Gateway Websocket Tutorial With Lambda | COMPLETELY SERVERLESS!

A JSON configuration snippet can be used to define these routes. Each route will have a corresponding Lambda function that will be triggered when a message is received over the WebSocket connection.

By defining these routes, you can control how your WebSocket API responds to different types of messages and events. This will help you build a robust and scalable WebSocket-enabled application with AWS Lambda and API Gateway.

Curious to learn more? Check out: Python Websocket Aws Lambda

Creating and Managing

Creating and Managing your AWS WebSocket API is a crucial part of building a real-time chat app. You need to manage connected users and client apps, which can be done using the $connect and $disconnect routes.

To use these routes, you'll need to define them in your API Gateway, and each route will require an associated Lambda function. These functions will handle the WebSocket connection and message processing.

You can create and configure Lambda functions to handle messages, which is essential for processing the data sent through the WebSocket connection. Here's an example of how to set up a Lambda function for handling messages:

Remember to extract the connection ID from the event object to process the message accordingly. This is a critical step in managing your WebSocket API.

Security and Access Control

Credit: youtube.com, AWS API Gateway - WebSocket API + EC2 (HTTP & VPC Link & Auth & API Keys & Lambda Authorizer)

API Gateway supports multiple mechanisms for controlling and managing access to your WebSocket API, including Standard AWS IAM roles and policies, IAM tags, and Lambda authorizers.

You can use IAM roles and policies to control who can create and manage your APIs, as well as who can invoke them. IAM tags can be used together with IAM policies to control access.

To improve your security posture, it's recommended to configure an authorizer for the $connect route on all your WebSocket APIs. This can be done using Lambda authorizers, which are similar to those for REST APIs but with some exceptions.

Here are the different mechanisms for controlling access to your WebSocket API:

  • Standard AWS IAM roles and policies
  • IAM tags
  • Lambda authorizers

Control Access with Request Authorizers

You can use Lambda authorizers to control access to your WebSocket APIs. IAM roles and policies offer flexible and robust access controls, but Lambda authorizers provide an additional layer of security.

To set up a Lambda authorizer, you can only use it for the $connect route. This is a key difference between WebSocket and REST APIs.

A fresh viewpoint: Aws Lambda S3

Credit: youtube.com, Secure AWS Gateway with Custom Authorizers: Step-by-Step Guide

A Lambda authorizer function in WebSocket APIs is similar to that for REST APIs, but with some exceptions. You can't use path variables (event.pathParameters) because the path is fixed.

The context variables in event.requestContext are different from those for REST APIs. For example, in the case of $connect, methodArn ends with "$connect".

Here are some key differences to keep in mind when setting up a Lambda authorizer for your WebSocket API:

By using a Lambda authorizer, you can control access to your WebSocket API and ensure that only authorized users can connect.

Throttle for Higher Throughput

API Gateway throttles requests to your API using the "token bucket algorithm", where a token counts for a request.

This algorithm examines the rate and a burst of request submissions against all APIs in your account, per Region. A burst can allow pre-defined overrun of those limits, but other factors can also cause limits to be overrun in some cases.

Check this out: Aws S3 Limits

Professional stock market analyst monitoring data on multiple screens at a workstation.
Credit: pexels.com, Professional stock market analyst monitoring data on multiple screens at a workstation.

You can set the target limits for individual API stages or routes to improve overall performance across all APIs in your account. This is done to help protect your APIs from being overwhelmed by too many requests.

API Gateway throttles requests when they exceed the steady-state request rate and burst limits, causing clients to receive 429 Too Many Requests error responses. Clients can resubmit the failed requests in a way that is rate limiting.

Throttles are applied on a best-effort basis and should be thought of as targets rather than guaranteed request ceilings. This means you can't rely solely on throttling to prevent overload, but it can help mitigate the issue.

Request Validation

Request validation is a crucial aspect of security and access control in API Gateway. It ensures that incoming messages are properly validated against defined models.

To implement request validation, you need to define validation models and map them to specific keys. For instance, you might create a model called connectModel and map it to a key called action.

HTML and CSS code on a computer monitor, highlighting web development and programming.
Credit: pexels.com, HTML and CSS code on a computer monitor, highlighting web development and programming.

The API Gateway uses a selection expression to determine which model to use for validation. This expression is typically specified in the API Gateway configuration.

At runtime, the API Gateway evaluates the expression and selects the matching model. If no match is found, it falls back to a default model if one is defined.

Here's a breakdown of how different messages will work together in the API Gateway:

This validation process helps prevent unauthorized access and ensures that only valid messages are processed by the API Gateway.

Routing and Responses

API Gateway calls the $connect route when a persistent connection between the client and a WebSocket API is being initiated. This allows you to manage connected users and client apps.

You can create custom routes for your WebSocket API, directing incoming JSON messages to backend integrations based on route selection expressions. For example, if your JSON messages contain an action property, your route selection expression might be ${request.body.action}.

You might enjoy: Websocket Client in Java

Credit: youtube.com, Back to Basics: Building Serverless Async Webapps Using API Gateway and Websockets

API Gateway will not pass the backend response through to the route response unless you set up a route response. You can define the $default route response for WebSocket APIs using an integration response to manipulate the response from a backend service.

Here are the predefined routes that can be used:

  • $connect: called when a persistent connection between the client and a WebSocket API is being initiated
  • $disconnect: called when the client or the server disconnects from the API
  • $default: called if the route selection expression cannot be evaluated against the message or if no matching route is found

Set Up Route Responses

Setting up route responses for WebSocket APIs in API Gateway is a crucial step to enable two-way or one-way communication. You can only define the $default route response for WebSocket APIs.

API Gateway will not pass the backend response through to the route response unless you set up a route response. This means you need to configure a route response to manipulate the response from a backend service.

You can use an integration response to manipulate the response from a backend service, similar to integration responses for REST APIs. This allows you to configure transformations on the returned message payload.

Check this out: Websocket Service

Computer server in data center room
Credit: pexels.com, Computer server in data center room

Here are the key differences between route responses for WebSocket APIs and REST APIs:

If a route is configured for one-way communication, no response will be returned over the WebSocket channel after the message is processed, regardless of any integration response configuration. This is because API Gateway will not pass the backend response through to the route response.

Use Routes

Routing is a crucial aspect of building a WebSocket API, and it's essential to understand how to use routes effectively. API Gateway calls the $connect route when a persistent connection between the client and a WebSocket API is being initiated.

To create routes for your WebSocket API, you can use a route selection expression that directs incoming JSON messages to backend integrations. Non-JSON messages are directed to a $default route that you configure.

You can define custom routes based on the content of the messages sent over the WebSocket connection. For example, if your JSON messages contain an action property, your route selection expression might be ${request.body.action}.

A fresh viewpoint: Websocket Use Cases

Computer server in data center room
Credit: pexels.com, Computer server in data center room

API Gateway calls a custom route after the route selection expression is evaluated against the message if a matching route is found; the match determines which integration is invoked. API Gateway calls the $default route if the route selection expression cannot be evaluated against the message or if no matching route is found.

Here are the predefined routes that can be used:

  • $connect: called when a persistent connection between the client and a WebSocket API is being initiated
  • $disconnect: called when the client or the server disconnects from the API
  • $default: called if the route selection expression cannot be evaluated against the message or if no matching route is found

Integrations and Lambda

API Gateway WebSocket APIs can be connected to Lambda functions, allowing you to process and respond to messages in real-time.

To connect Lambda functions to your WebSocket API, you must grant permissions for API Gateway to invoke your Lambda functions using the AWS CLI command, such as the one shown in Example 2.

This connection enables you to write business logic in Lambda functions that can be invoked by API Gateway, making it easy to integrate your WebSocket API with your existing backend services.

Here are the three predefined routes that can be used when integrating with Lambda functions:

  • $connect: called when a persistent connection between the client and a WebSocket API is being initiated.
  • $disconnect: called when the client or the server disconnects from the API.
  • $default: called if the route selection expression cannot be evaluated against the message or if no matching route is found.

Set Up Integration Response

Engineer fixing core swith in data center room
Credit: pexels.com, Engineer fixing core swith in data center room

API Gateway's integration response is a way of modeling and manipulating the response from a backend service. It's similar to integration responses for REST APIs, but with some differences in setup for WebSocket APIs.

For two-way communication routes, an integration response allows you to configure transformations on the returned message payload. This is useful for customizing the response data before sending it back to the client.

API Gateway won't pass the backend response through to the route response unless you set up a route response. This is a key difference between two-way and one-way communication routes.

Here's a summary of the types of communication routes:

  • Two-way communication: Backend response is passed through to the route response with integration response transformations.
  • One-way communication: No response is returned over the WebSocket channel after the message is processed.

Remember, you can only define the $default route response for WebSocket APIs. If you need to manipulate the response from a backend service, use an integration response.

Integrations

Integrations are a crucial part of connecting your Lambda functions to your WebSocket API in API Gateway. To start, you must grant permissions for API Gateway to invoke your Lambda functions, which can be done using the AWS CLI command.

Credit: youtube.com, Lambda Custom Integration | Api gateway lambda integration | Lambda non proxy integration

API Gateway calls predefined routes when a client connects or disconnects from the API. These routes include $connect, $disconnect, and $default. The $connect route is called when a persistent connection is being initiated, while the $disconnect route is called when the client or server disconnects.

You can use both proxy and non-proxy integrations to pass information from the $connect route to a database or other AWS service. This is especially useful when you need to handle connection information in your backend service.

To create a Lambda function for handling messages, you need to define a route in your API Gateway. This route will determine which integration is invoked based on the route selection expression. You can use a custom route key value to match the value of a property in the message against the route key values in the routing table.

Here's a summary of the different types of routes in API Gateway:

Each route in your API Gateway needs an associated Lambda function to process the message. The Lambda function can use the connection ID and message data to perform the necessary actions.

Rest vs Truth

Detailed view of stock market charts and data on a monitor, showcasing market trends.
Credit: pexels.com, Detailed view of stock market charts and data on a monitor, showcasing market trends.

REST APIs are one-way, meaning they only allow communication from the client to the server.

This can lead to higher latency, as the client has to constantly poll the server for updates.

REST APIs are not designed for real-time communication, indicated by the ✅ in the "Real-time" row of the Table of Truth.

In contrast, WebSocket APIs offer a two-way communication channel, allowing both the client and server to send data to each other.

This persistent connection enables lower latency and real-time communication, making it ideal for applications that require immediate updates.

Here's a summary of the key differences between REST and WebSocket APIs in a table:

Architecture and Design

Amazon API Gateway WebSockets is an excellent alternative to pooling, potentially cheaper for high-traffic services.

AWS IoT Core MQTT can be used for real-time frontend feature toggles, thanks to the hassle-free integration made possible by the AWS Amplify plugin.

Maintaining a WebSocket connection might be more cost-effective than making periodic requests to the API, depending on the traffic your service receives.

AWS Amplify makes integrating your frontend with AWS IoT Core a seamless process.

Components and Lifecycle

Credit: youtube.com, NGINX+ and Highly Available WebSockets in an Auto-Scaling AWS Environment | SolvIT Inc.

A WebSocket API in AWS is made up of several key components, including routes, integrations, and connection IDs.

Routes are essentially message types, such as $connect, $disconnect, and custom ones like sendmessage. These routes trigger Lambdas, which handle the logic for each type of message.

Integrations are the backend services that handle the route logic, and can be a Lambda, an HTTP endpoint, or an AWS service.

Here's a breakdown of the WebSocket API lifecycle:

  1. Client connects → $connect route triggers a Lambda
  2. Client sends a message → Route like sendmessage triggers another Lambda
  3. Backend responds → Can use callback URL to push messages back to client
  4. Client disconnects → $disconnect route triggers clean-up Lambda

This lifecycle is crucial to understanding how a WebSocket API works, and how to build one using AWS services.

Lifecycle

The lifecycle of a WebSocket API is an essential aspect to understand. A client connects to the API, triggering a Lambda function via the $connect route.

The client can then send messages, which are handled by a route like sendmessage, triggering another Lambda function. This process is crucial for real-time communication.

The backend responds to the client's messages, and to push messages back to the client, you can use a callback URL. This is a key feature of WebSocket APIs.

As the client disconnects, a clean-up Lambda function is triggered via the $disconnect route. This ensures that any necessary clean-up tasks are performed.

For another approach, see: Client Websocket C#

Components

An artist's illustration of artificial intelligence (AI). This image visualises the streams of data that large language models produce. It was created by Tim West as part of the Visualisin...
Credit: pexels.com, An artist's illustration of artificial intelligence (AI). This image visualises the streams of data that large language models produce. It was created by Tim West as part of the Visualisin...

In a WebSocket API, routes are the foundation of how messages are handled. They're essentially message types, like $connect, $disconnect, or custom ones like sendmessage.

The integrations are the backend systems that handle the route logic. This can be a Lambda function, an HTTP endpoint, or even an AWS service.

A unique identifier is assigned to each client connection, known as the Connection ID. This is similar to how WhatsApp assigns a unique contact ID to each user.

Data Transformations

Data Transformations are crucial in API Gateway, especially when dealing with WebSocket APIs. In these cases, the method request payload can be in a different format from the integration request payload.

API Gateway allows you to use mapping templates to map payloads from method requests to integration requests and from integration responses to method responses.

You can specify a template selection expression to determine which template to use for data transformations. This is particularly useful when the backend requires a different payload format for the integration request.

By using mapping templates, you can ensure that the payload formats match the requirements of the backend and frontend. This helps prevent errors and ensures smooth communication between the different components of the API.

You might like: When to Use Websockets

Frequently Asked Questions

What is the difference between AWS API Gateway REST and WebSocket?

AWS API Gateway REST and WebSocket differ in their communication style: REST APIs receive and respond to requests, while WebSocket APIs enable two-way real-time communication between clients and backends. This allows for more interactive and dynamic applications with WebSocket.

Does AWS WAF support WebSocket?

AWS WAF does not support direct association with WebSocket APIs, but it can be used with REST APIs in API Gateway. Learn more about WAF's limitations and workarounds for WebSocket APIs.

Jeannie Larson

Senior Assigning Editor

Jeannie Larson is a seasoned Assigning Editor with a keen eye for compelling content. With a passion for storytelling, she has curated articles on a wide range of topics, from technology to lifestyle. Jeannie's expertise lies in assigning and editing articles that resonate with diverse audiences.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.