堆栈内存溢出
  简体   繁体   English

使用 GCP API 网关的 Graphql 后端的 OpenAPI 配置?

[英]OpenAPI config for a Graphql backend using GCP API Gateway?

 原文  2021-03-30 20:23:51       api/ google-cloud-platform/ graphql/ openapi/ api-gateway

问题描述

I have an apollo/graphql server sitting behind a GCP API gateway.我有一个位于 GCP API 网关后面的 apollo/graphql 服务器。 Google says it requires an OpenAPI spec to secure endpoints: https://cloud.google.com/api-gateway/docs/get-started-cloud-run#creating_an_api_config谷歌表示它需要一个 OpenAPI 规范来保护端点: https://cloud.google.com/api-gateway/docs/get-started-cloud-run#creating_an_api_config

But how exactly would this look for securing a single graphql endpoint?但是,这将如何保护单个 graphql 端点? Also, as a side question, is a new API Gateway needed to be created for each Cloud Run/App Engine service?另外,作为一个附带问题,是否需要为每个 Cloud Run/App Engine 服务创建一个新的 API 网关?

Thanks in advance.提前致谢。

1 个解决方案

解决方案1
 1 已采纳  2021-03-31 06:19:56

Here's a repo that demonstrates what you want to achieve. 这是一个演示您想要实现的目标的存储库。 It's a GCP API Gateway fronting a GraphQL API on Cloud Run, secured with Identity-Aware Proxy.它是 Cloud Run 上面向 GraphQL API 的 GCP API 网关,由身份识别代理保护。 Here's the API config from the link:这是来自链接的 API 配置:

api-spec.yaml api-spec.yaml

swagger: '2.0'
info:
  title: gcp-demo-api
  description: Sample GraphQL API on API Gateway with a Cloud Run backend
  version: 1.0.0
schemes:
  - https
produces:
  - application/json
paths:
  /:
    post:
      summary: GraphQL endpoint
      operationId: gql
      x-google-backend:
        address: https://PROJECT_AND_RANDOM_STRING.a.run.app/graphql  # App URL/endpoint
        jwt_audience: LONG_RANDOM_STRING.apps.googleusercontent.com # IAP client ID
      responses:
        '200':
          description: A successful response
          schema:
            type: object

To answer your side question, it is important to understand what an API Gateway does.要回答您的附带问题,重要的是要了解 API 网关的作用。 An API Gateway is what stands between your user requests and your collection of backend services so all API requests goes through it. API 网关位于您的用户请求和后端服务集合之间,因此所有 API 请求都通过它。

Therefore, you don't need to create a new API gateway for each service.因此,您无需为每个服务创建新的 API 网关。 It is possible in API Gateway to serve multiple services such as Cloud Run, App Engine, Cloud Functions, etc. by specifying the backend address on each endpoint.在 API 网关中,通过在每个端点上指定后端地址,可以为 Cloud Run、App Engine、Cloud Functions 等多种服务提供服务。 Here's a link that further explains the concept.这是进一步解释该概念的链接

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用aws API网关lambda构建web后端apis - build web backend apis using aws API gateway lambda 不使用 API 网关代理集成无法调用后端服务 - unable to call backend service without using API Gateway Proxy Integration API 网关和应用后端认证 - API gateway and app backend authentication 网关vs拨号API后端API - Gateway vs Dialup API backend API's 使用 OpenAPI swagger 资源定义的 terraform 中的 AWS API 网关 - AWS API Gateway in terraform with OpenAPI swagger resource definition 使用 Amazon API Gateway 时,如何从 Django 后端获取请求中使用的 API 密钥? - When using Amazon API Gateway, how do I get the API key used in the request from a Django backend? 使用API​​作为后端池的Azure Application Gateway无法正常工作 - Azure Application Gateway with API as a backend pool is not working GCP API 网关 / yaml / 安全定义无法正常工作 - GCP API Gateway / yaml / security definition not working properly GCP 上的 API 网关错误:API 网关管理服务代理无权为服务创建服务配置 - API Gateway Error on GCP : API Gateway Management Service Agent does not have permission to create Service Configs for Service 用 GraphQL 包装 REST API / 仅使用 GraphQL - Wrapping REST API with GraphQL / just using GraphQL
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM