Sometimes you need simple authentication in front of a REST endpoint that doesn't provide authentication. In this gist I outline how to do this with API Gateway and Lambda.
The original goal with this work was to secure a deployment of Prometheus node_exporter. I have since found the configuration for the prometheus-operator does not support setting custom headers, only Authorization. See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#%3Cscrape_config%3E
What was done:
. Create EC2 instance (sg allows 9100) . Install node_exporter on :9100 . Create Lambda function . Create API Gateway
import json
import urllib
def node_exporter(event, context):
local_filename, headers = urllib.urlretrieve('http://<IP ADDRESS>:9100/metrics')
f = open(local_filename)
data = f.read()
return {
"statusCode": 200,
"body": data
}