Invoke Synchronous Express Workflows through API Gateway
This sample project demonstrates how to invoke Synchronous Express Workflows through Amazon API Gateway to manage an employee database.
In this project, Step Functions uses API Gateway endpoints to start Step Functions Synchronous Express Workflows. These then use DynamoDB to search for, add, and remove employees in an employee database.
For more information about Step Functions Synchronous Express Workflows, see Synchronous and Asynchronous Express Workflows in Step Functions.
Note
This sample project may incur charges.
For new AWS users, a free usage tier is available. On this tier, services are free below
a certain level of usage. For more information about AWS costs and the Free Tier, see Step Functions Pricing
Step 1: Create the state machine
-
Open the Step Functions console
and choose Create state machine. -
Type
Invoke Synchronous Express Workflows through API Gateway
in the search box, and then choose Invoke Synchronous Express Workflows through API Gateway from the search results that are returned. -
Choose Next to continue.
-
Choose Run a demo to create a read-only and ready-to-deploy workflow, or choose Build on it to create an editable state machine definition that you can build on and later deploy.
This sample project deploys the following resources:
-
An Amazon API Gateway HTTPS API that is called by a state machine.
-
An Amazon DynamoDB table.
-
Three AWS Step Functions state machines.
-
Related AWS Identity and Access Management (IAM) roles.
The following image shows the workflow graph for the Invoke Synchronous Express Workflows through API Gateway sample project:
-
-
Choose Use template to continue with your selection.
Next steps depend on your previous choice:
-
Run a demo – You can review the state machine before you create a read-only project with resources deployed by AWS CloudFormation to your AWS account.
You can view the state machine definition, and when you are ready, choose Deploy and run to deploy the project and create the resources.
Deploying can take up to 10 minutes to create resources and permissions. You can use the Stack ID link to monitor progress in AWS CloudFormation.
After deploy completes, you should see your new state machine in the console.
-
Build on it – You can review and edit the workflow definition. You might need to set values for placeholders in the sample project before attemping to run your custom workflow.
Note
Standard charges might apply for services deployed to your account.
Step 2: Run the state machine
-
On the State machines page, choose your sample project.
-
On the sample project page, choose Start execution.
-
In the Start execution dialog box, do the following:
-
(Optional) Enter a custom execution name to override the generated default.
Non-ASCII names and logging
Step Functions accepts names for state machines, executions, activities, and labels that contain non-ASCII characters. Because such characters will not work with Amazon CloudWatch, we recommend using only ASCII characters so you can track metrics in CloudWatch.
-
(Optional) In the Input box, enter input values as JSON. You can skip this step if you are running a demo.
-
Choose Start execution.
The Step Functions console will direct you to an Execution Details page where you can choose states in the Graph view to explore related information in the Step details pane.
-
Example State Machine Code
The state machine in this sample project integrates with API Gateway and DynamoDB by using API Gateway to invoke a Synchronous Express Workflow, which then updates or reads from the employee database using DynamoDB.
Browse through this example state machine to see how Step Functions reads from DynamoDB to retrieve employee information.
To understand more about how to invoke Step Functions using API Gateway, see the following.
How to invoke a private Gateway in the API Gateway Developer Guide.
For more information about how AWS Step Functions can control other AWS services, see Integrating services with Step Functions.
{
"Comment": "This state machine returns an employee entry from DynamoDB",
"StartAt": "Read From DynamoDB",
"States": {
"Read From DynamoDB": {
"Type": "Task",
"Resource": "arn:aws:states:::dynamodb:getItem",
"Parameters": {
"TableName": "StepFunctionsSample-SynchronousExpressWorkflowAKIAIOSFODNN7EXAMPLE-DynamoDBTable-ANPAJ2UCCR6DPCEXAMPLE",
"Key": {
"EmployeeId": {"S.$": "$.employee"}
}
},
"Retry": [
{
"ErrorEquals": [
"DynamoDB.AmazonDynamoDBException"
],
"IntervalSeconds": 3,
"MaxAttempts": 2,
"BackoffRate": 1.5
}
],
"Next": "Is Get Successful"
},
"Is Get Successful": {
"Type": "Choice",
"Choices": [
{
"Variable": "$.Item",
"IsPresent": true,
"Next": "Succeed Execution"
}
],
"Default": "Fail Execution"
},
"Succeed Execution": {
"Type": "Pass",
"Parameters" : {
"employee.$": "$.Item.EmployeeId.S",
"jobTitle.$": "$.Item.JobTitle.S"
},
"End": true
},
"Fail Execution": {
"Type": "Fail",
"Error": "EmployeeDoesNotExist"
}
}
}
For information about how to configure IAM when using Step Functions with other AWS services, see How Step Functions generates IAM policies for integrated services.
IAM Examples
These example AWS Identity and Access Management (IAM) policies generated by the sample project include the least privilege necessary to execute the state machine and related resources. We recommend that you include only those permissions that are necessary in your IAM policies.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogDelivery",
"logs:GetLogDelivery",
"logs:UpdateLogDelivery",
"logs:DeleteLogDelivery",
"logs:ListLogDeliveries",
"logs:PutResourcePolicy",
"logs:DescribeResourcePolicies",
"logs:DescribeLogGroups"
],
"Resource": "*"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:UpdateItem",
"dynamodb:DeleteItem"
],
"Resource": [
"arn:aws:dynamodb:us-east-1:111122223333:table/Write"
]
}
]
}
For information about how to configure IAM when using Step Functions with other AWS services, see How Step Functions generates IAM policies for integrated services.