Dynamic Deployments with API Gateway Stage Variables and Lambda Aliases
Use existing runtime configurations to create dynamic deployments (for example, using staging variables from API Gateway in Lambda functions)
Dynamic Deployments with API Gateway Stage Variables and Lambda Aliases
This study guide focuses on the DVA-C02 requirement of using runtime configurations to create dynamic deployments. By leveraging API Gateway stage variables and Lambda aliases, developers can manage multiple application environments (Development, Staging, Production) without modifying code or hardcoding resource ARNs.
Learning Objectives
By the end of this guide, you should be able to:
- Define API Gateway stage variables and their use cases.
- Implement dynamic Lambda integrations using the
${stageVariables.variableName}syntax. - Distinguish between Lambda versions and aliases for release management.
- Configure multiple stages in API Gateway to point to different backend resources.
- Describe how to secure and invalidate API Gateway caches per stage.
Key Terms & Glossary
- Stage Variable: A key-value pair defined at the API Gateway Stage level that acts as an environment variable for the API.
- Lambda Alias: A pointer to a specific Lambda function version (e.g.,
PRODpointing to version 5). Aliases are mutable, whereas versions are immutable. - Deployment Stage: A logical reference to a lifecycle state of your API (e.g.,
dev,beta,prod). Each stage has its own deployment and configuration. - Execution Role: An IAM role that allows API Gateway to call backend resources like Lambda functions on your behalf.
- ARN (Amazon Resource Name): The unique identifier for AWS resources, which can be dynamically constructed using variables.
The "Big Idea"
The core challenge in modern CI/CD is moving code across environments without manual intervention or configuration errors. The "Big Idea" here is Externalized Configuration. Instead of the API Gateway being hard-coded to a single Lambda function, it is configured to call a "variable." By changing the value of that variable at the stage level, the entire API can point to a new version of the backend instantly. This enables seamless promotion of code from development to production.
Formula / Concept Box
The Variable Syntax
To access a stage variable within API Gateway (in Lambda ARNs, HTTP endpoints, or Mapping Templates), use the following syntax:
${stageVariables.variableName}
Lambda Integration Mapping Table
| Integration Type | Target String Example |
|---|---|
| Lambda Function | arn:aws:lambda:us-east-1:12345:function:MyFunc:${stageVariables.lambdaAlias} |
| HTTP Proxy | http://${stageVariables.endpointUrl}/v1/resource |
| Parameter Mapping | Value = stageVariables.myHeaderName |
Hierarchical Outline
- API Gateway Stages
- Definition: Snapshots of the API available for use.
- Stage Variables: Key-value pairs (e.g.,
env=prod).
- AWS Lambda Versioning
- $LATEST: The mutable, working version of code.
- Published Versions: Immutable snapshots (v1, v2, v3).
- Aliases: Human-readable pointers (e.g.,
BLUE,GREEN,STAGING).
- Dynamic Integration Flow
- Step 1: Define a variable name in the API Gateway stage.
- Step 2: Use that variable in the Lambda ARN definition.
- Step 3: Grant Lambda execution permissions for the variable-based ARN.
Visual Anchors
Request Routing Logic
Environment Mapping Diagram
\begin{tikzpicture}[node distance=2cm, every node/.style={rectangle, draw, minimum width=3cm, minimum height=1cm, align=center}]
\node (api) [fill=orange!20] {API Gateway\Method Integration}; \node (var) [below of=api, fill=blue!10] {${stageVariables.target}}; \node (alias1) [below left of=var, xshift=-1cm, fill=green!10] {Lambda Alias: \textbf{BETA}}; \node (alias2) [below right of=var, xshift=1cm, fill=red!10] {Lambda Alias: \textbf{PROD}};
\draw[->, thick] (api) -- (var); \draw[->, dashed] (var) -- node[left, xshift=-0.5cm] {If "BETA"} (alias1); \draw[->, dashed] (var) -- node[right, xshift=0.5cm] {If "PROD"} (alias2);
\end{tikzpicture}
Definition-Example Pairs
- Definition: Immutable Versioning — Once a Lambda version is published, the code and configuration cannot be changed.
- Example: Publishing version
10of a payment processor ensures that even if you break the code in$LATEST, version10remains stable for production.
- Example: Publishing version
- Definition: Parameter Mapping — Using stage variables to inject headers or query strings into requests sent to a backend.
- Example: A stage variable
version=v1.2can be mapped to anX-App-Versionheader so the backend knows which API version is calling it.
- Example: A stage variable
Worked Examples
Configuring a Dynamic Lambda Integration
Scenario: You want your prod stage to hit the LIVE Lambda alias and your dev stage to hit the TEST alias.
- Lambda Setup:
- Publish your Lambda function.
- Create two aliases:
LIVE(pointing to version 1) andTEST(pointing to$LATEST).
- API Gateway Stage Variables:
- In the
prodstage settings, add a variable:lambdaAlias=LIVE. - In the
devstage settings, add a variable:lambdaAlias=TEST.
- In the
- Method Integration:
- Go to your API Resource > Method > Integration Request.
- Set Lambda Function to:
MyFunctionName:${stageVariables.lambdaAlias}.
- Permissions (The Gotcha!):
- When using variables, the AWS Console cannot automatically add permissions.
- You must manually run the
aws lambda add-permissioncommand to allow API Gateway to invoke specific aliases.
[!IMPORTANT] If you use a variable in the Lambda ARN, you must grant permission for API Gateway to invoke the resolved ARN of every alias you intend to use.
Checkpoint Questions
- What is the correct syntax to reference a stage variable named
dbEndpointin an API Gateway mapping template? - Can stage variables be used to change the AWS Region of a Lambda integration dynamically? (e.g.,
arn:aws:lambda:${stageVariables.region}:...) - Which Lambda version is used if an alias is not specified in the ARN?
- Why should you enable caching for production stages but not development stages?
- How can a client force an immediate refresh of an API Gateway cache if they have the proper IAM permissions?
▶Click to see answers
${stageVariables.dbEndpoint}- Yes, stage variables can be used in the region and account-id portions of the ARN.
- If no alias or version is specified, it defaults to the latest version of the function (though in API Gateway, you usually specify the full ARN).
- Caching improves performance and reduces costs for high-traffic production loads; in development, you want to see code changes immediately without waiting for a TTL to expire.
- By passing the
Cache-Control: max-age=0header in the request.