Securing API Endpoints in GCP - dennisholee/notes GitHub Wiki

Configuration is based on NodeJS application.

  1. Configure 'app.yaml' similar to below:
runtime: nodejs
env: flex

manual_scaling:
  instances: 1
resources:
  cpu: 1
  memory_gb: 0.5
  disk_size_gb: 10

endpoints_api_service:
  name: bookself-project-211503.appspot.com
  rollout_strategy: managed
  1. Define API definition (based on OpenAPI standards)
swagger: "2.0"
info:
  description: "A simple Google Cloud Endpoints API example."
  title: "Mobile App PoC"
  version: "1.0.0"
paths: 
  /api:
    get:
      summary: Hello world message 
      responses:
        "200":
          description: OK
      operationId: get_api
      security:
        - api_key: []
#        - firebase: []

host: "bookself-project-211503.appspot.com"

securityDefinitions:
  api_key:
    type: "apiKey"
    name: "key"
    in: "query"

  1. Register API endpoint gcloud endpoints services deploy openapi-appengine.yaml

  2. Generate API key Set API restrictions by selecting project name

  3. Query API with API key