8

According to Amazon's documentation, step function can be invoked using HTTP API.

Step Functions can be accessed and used with the Step Functions console, the AWS SDKs, or an HTTP API.

I tried to search the detailed information, but can't seem to find any good ones. Does anyone know how to invoke AWS step function using API gateway, similar to the way it invokes Lambda functions?

matsev
  • 32,104
  • 16
  • 121
  • 156
C.Lee
  • 10,451
  • 9
  • 31
  • 46
  • 1
    I was trying to figure this out today. It turns out there's a key difference b/t Lambda and Step Function--when you put an AWS API Gateway API in front of a Lambda, it can be used safely from a client side w/ API keys, auth, etc., and it can return the results to the caller. The Step Function, however, can only be invoked with your AWS credentials. The HTTP API for Step Functions, then, is a substitute for the SDK, not a complementary feature. AFAIK there is no way to call a step function from a client, and get results, as there is with Lambda (which is a bummer). – Brandon Dec 26 '16 at 19:09
  • 1
    Luckily now you can choose Step Functions as AWS Service when you're creating your integration with Integration Type: AWS Service. – David Salamon Jan 23 '17 at 08:18

4 Answers4

4

This is not the "official" AWS way -- see Erndob's answer for that.

The problem with the AWS way (sign each request with AWS credentials) is that most enterprises already have mature methods in place to manage authentication and authorization via their API gateways and (speaking as an enterpise architect) do not want to deal with the headache of duplicating this at the AWS-credential-level.

I'm sure that AWS will eventually integrate Step Functions with API Gateway but as of this writing (1/17) this is probably the simplest way to get the job done. Below is a trivial Lambda proxy function I wrote to leverage the SDK's ability to sign the requests:

'use strict';

const AWS = require('aws-sdk');
const stepfunctions = new AWS.StepFunctions();

exports.handler = (event, context, callback) => {
    if(!event && event.action)
        callback("Error: 'action' is required.");
    if(!event && event.params)
        callback("Error: 'params' is required.");
    
    stepfunctions[event.action](event.params, function (err, data) {
        if (err) 
            console.log(err, err.stack);
        callback(err, data);
    });
};

You will need to grant your Lambda privs to interact with your Step Functions. To give it full access to all operations create a new role and attach the following policies:

  • AWSLambdaBasicExecutionRole
  • AWSStepFunctionsFullAccess

Now configure the Lambda to be invoked via API gateway as normal, passing in an event with two properties:

And be sure to lock your API down! :-)

apb
  • 413
  • 4
  • 8
  • do you have any idea about how to send a sendTaskSuccess and sendTaskFailure? I am not a expert in node.js but I want to test something. – omalave Feb 17 '17 at 14:42
  • When using action=startExecution, the data returned just has the executionArn and startDate. Is there a way to wait for and get the actual step result? – Glenn Aug 04 '17 at 19:04
4

If you need to call StepFunction from API Gateway, it's now possible and described well in docs: https://docs.aws.amazon.com/step-functions/latest/dg/tutorial-api-gateway.html

  • For Integration Type, choose AWS Service
  • For AWS Service, choose Step Functions from the list
  • For HTTP Method, choose POST from the list
  • For Action Type, choose Use action name
  • For Action, type StartExecution
  • For Execution Role, type ARN of role with API Gateway trusted identity provider and attached policy AWSStepFunctionsFullAccess
temoto
  • 5,394
  • 3
  • 34
  • 50
3

It's using HTTP API, not API Gateway.

Step function endpoints follow this format:

https://states.${region}.amazonaws.com

for example:

https://states.us-east-1.amazonaws.com

And you use HTTP API (again, not API gateway) to make actions on your states.

More about HTTP API here:

http://docs.aws.amazon.com/step-functions/latest/apireference/Welcome.html

Technically you could use API gateway, to redirect to step functions API but there's not much point in that.

temoto
  • 5,394
  • 3
  • 34
  • 50
Erndob
  • 2,512
  • 20
  • 32
  • Hi @Emdob, Thank you for the clarification! – C.Lee Dec 14 '16 at 22:43
  • I just took a look at the HTTP API and it needs authentication params in every request. Do you think it would make more sense to use AWS-SDK in a production environment? – C.Lee Dec 14 '16 at 22:57
  • AWS SDK is made to work with HTTP API easier, so yeah, of course. – Erndob Dec 18 '16 at 14:28
1

I recently posted an example code that make it work using CloudFormation and OpenApi on https://stackoverflow.com/a/59326771/6697093.

Julio Villane
  • 994
  • 16
  • 28