Search code examples
google-cloud-platformgoogle-cloud-api-gateway

Google cloud API Gateway with authentication yaml config file deployment error

I am new in API Gateway and trying to enable security on my API. I follow some instruction which I found on the internet like this: https://medium.com/swlh/manage-serverless-apis-with-api-gateway-in-gcp-b7f906efec1a

Here is my YAML file:

# openapi2-functions.yaml
swagger: '2.0'
info:
  title: simple-test
  description: Sample API on API Gateway with a Google Cloud Functions backend
  version: 1.0.0
schemes:
  - https
produces:
  - application/json
paths:
  /direcciones:
    get:
      summary: get direcciones
      operationId: direcciones
      x-google-backend:
        address: http://publicIP/api/v1/app/catalogos/direcciones
        security:
        - api_key: []
      responses:
        '200':
          description: A successful response
          schema:
            type: string
securityDefinitions:
 api_key:
    type: "apiKey"
    name: "key"
    in: "query"

While deploying this config file in API gateway config, I am getting the following error:

INVALID_ARGUMENT Cannot convert to service config. 'location: "evva.yaml: x-google-backend" kind: ERROR message: "Extension x-google-backend cannot be converted into proto type google.api.BackendRule. Details: Cannot find field: security in message google.api.BackendRule" location: "evva.yaml: x-google-backend" message: "Address field in extension x-google-backend is empty. In this case, the backend address must be provided to the proxy via a runtime flag." location: "evva.yaml: Operation \'get\' in path \'/direcciones\'" message: "Operation does not require an API key; callers may invoke the method without specifying an associated API-consuming project. To enable API key all the SecurityRequirement Objects (https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#security-requirement-object) inside security definition must reference at least one SecurityDefinition of type : \'apiKey\'." ' com.google.apps.framework.request.BadRequestException: Cannot convert to service config. 'location: "evva.yaml: x-google-backend" kind: ERROR message: "Extension x-google-backend cannot be converted into proto type google.api.BackendRule. Details: Cannot find field: security in message google.api.BackendRule" location: "evva.yaml: x-google-backend" message: "Address field in extension x-google-backend is empty. In this case, the backend address must be provided to the proxy via a runtime flag." location: "evva.yaml: Operation \'get\' in path \'/direcciones\'" message: "Operation does not require an API key; callers may invoke the method without specifying an associated API-consuming project. To enable API key all the SecurityRequirement Objects (https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#security-requirement-object) inside security definition must reference at least one SecurityDefinition of type : \'apiKey\'." '

I don't understand this error what change should i need to do in YAML file to make it acceptable while deploying.

Solution

  • The security entry mustn't be "in" the x-google-backend, but bellow the get:. Like this.

    paths:
  /direcciones:
    get:
      summary: get direcciones
      operationId: direcciones
      x-google-backend:
        address: http://publicIP/api/v1/app/catalogos/direcciones
      security:
        - api_key: []