Building a serverless airline booking API
Kumologica is a free low-code development tool to build serverless integrations. You can learn more in this medium article or on our website.
In the previous article of this series, we discussed the use case of “Building a serverless KYC flow”. In this next article of this series, we will build a serverless flow for accepting and saving airline booking information.
Use Case
Accepting specific information and storing it in the database is a common use case. Lets consider the scenario of accepting information that represents airline booking details and saving it to DynamoDB. In addition to this, the API entry and exit logs will be captured in Splunk. And for retrieving secrets (DynamoDB end-point details and Splunk tokens) we will access the secure vault service provided by Hashicorp Vault.
Logs play a very important role in software, and if designed and implemented properly, acts as the reference to the events that has transpired in the application at a point cut reference in time. Enterprises are increasingly turning towards using Splunk to power their enterprise logging infrastructure.
Managing application secrets and sensitive information in a secured manner is one of the main tenets of security and Hashicorp Vault provides a simple infrastructure for managing an enterprise security assets.
Solution
We will develop a single flow that will be deployed as an AWS lambda function.
Outline of the use case implementation is as below:
- The flow will receive the airline booking information in JSON format as part of the request.
- The flow will use HashiCorp Vault node to retrieve:
- DynamoDB end-point and login credentials.
- the Splunk HTTP Event Collector (HEC) token. This token will be used to securely log into Splunk and write the entry and exit logs.
3. The flow will use Kumologica Splunk node to login (using the secret obtained from HashiCorp Vault) and write the event.
Implementation
Follow the development process on the video tutorial below:
- Open Kumologica designer.
- On the popup Click Create New Project.
- Provide the Project Name and Location to save your project and click Save.
- Drop from the palette an EventListener node onto the canvas with the EventSource as Amazon API gateway , verb as POST and resource end-point as /tickets.
- HashiCorp Vault node is part of contrib nodes. Click on the button “Add more nodes” to add the HashiCorp Vault node to the main palette. The newly added node will be available under the category “SECURITY”.
- Drop from the palette HashiCorp Vault node onto the canvas. Configure it as outlined below for reading the Splunk security token.
NOTE: HashiCorp Vault node supports other authentication mechanisms like “AppRole” and “UserName and Password”. Detailed notes are available in the node documentation.
7. Splunk node is part of contrib nodes. Click on the button “Add more nodes” to add the Splunk node to the main palette. The newly added node will be available under the category “SECURITY”.
8. Drop from the palette Splunk node onto the canvas. Configure it as outlined below to write the entry log.
9. Similarly use HashiCorp Vault node to read DynamoDB end-point.
10. Drop from the palette DynamoDB node onto the canvas. Configure it to write the JSON data representing the airline booking details.
11. Drop from the palette Splunk node onto the canvas. Configure it as outlined below to write the exit log.
12. Drop from the palette a EventListener End node to close the flow and respond. In this node set the status code as 200 and payload as:
payload: `Airline booking details successfully saved to DynamoDB.`The resulting flow must be looking like this:
Conclusion
Thanks for reading (or watching the video tutorial). We hope you enjoyed this use case and appreciate how simple is to implement these type of serverless integrations with Kumologica. We would love to hear your feedback, and don’t hesitate to contact us if you have any questions.
To learn more about Kumologica checkout our official documentation at kumologica.com.
