Amazon API Gateway

Amazon API Gateway

  • Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
    • REST APIs
    • HTTP APIs
    • WebSocket APIs
  • It handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
  • With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services

Features of API Gateway

  • Support for stateful (WebSocket) and stateless (HTTP and REST) APIs.
  • Powerful, flexible authentication mechanisms
  • Developer portal for publishing your APIs.
  • CloudTrail logging and monitoring of API usage and API changes.
  • CloudWatch access logging and execution logging, including the ability to set alarms.
  • Ability to use AWS CloudFormation templates to enable API creation.
  • Support for custom domain names.
  • Integration with AWS WAF for protecting your APIs against common web exploits.
  • Integration with AWS X-Ray for understanding and triaging performance latencies.

API Gateway use cases

  • Create HTTP APIs
    • HTTP APIs enable you to create RESTful APIs with lower latency and lower cost than REST APIs.
    • You can use HTTP APIs to send requests to AWS Lambda functions or to any publicly routable HTTP endpoint
  • Create REST APIs
    • An API Gateway REST API is made up of resources and methods.
  • Create WebSocket APIs
    • In a WebSocket API, the client and the server can both send messages to each other at any time.
    • Backend servers can easily push data to connected users and devices, avoiding the need to implement complex polling mechanisms.

API Gateway pricing

  • API caching in Amazon API Gateway is not eligible for the AWS Free Tier.
  • Requests are not charged for authorization and authentication failures.
  • Calls to methods that require API keys are not charged when API keys are missing or invalid.
  • API Gateway-throttled requests are not charged when the request rate or burst rate exceeds the preconfigured limits.
  • Usage plan-throttled requests are not charged when rate limits or quota exceed the preconfigured limits.
  • https://aws.amazon.com/api-gateway/pricing/

API Gateway – Deployment Stages

  • Making changes in the API Gateway will not effective
  • You need to make a “deployment” to make the API work
  • Changes are deployed to “Stages”
  • Use the naming you like for stages (dev, test, prod)
  • Each stage has its own configuration parameters

API Integration Type

  • API integration type selected according to the types of integration endpoint you want to work
  • Integration Type AWS
    • This type of integration lets an API expose AWS service actions
    • You must configure both the integration request and integration response
    • Setup data mapping using mapping templates for the request & response
  • Integration Type MOCK
    • API Gateway returns a response without sending the request to the backend
  • Integration Type AWS_PROXY
    • This integration relies on direct interactions between the client and the integrated Lambda function.
    • No mapping template
    • The HTTP response from the backend is forwarded by API Gateway
  • Integration Type HTTP_PROXY
    • You do not set the integration request or the integration response.
    • API Gateway passes the incoming request from the client to the HTTP endpoint and passes the outgoing response from the HTTP endpoint to the client
    • No mapping template
  • Integration Type HTTP
    • You must configure both the integration request and integration response

Mapping Templates

  • AWS & HTTP Integration
  • Mapping templates can be used to modify request / responses
  • Rename / Modify query string parameters
  • Modify body content
  • Add headers
  • Filter output results (remove unnecessary data)

AWS API Gateway Swagger / Open API spec

  • Swagger can be written in YAML or JSON
  • You can export current API as Swagger / OpenAPI spec
  • Import existing Swagger / OpenAPI 3.0 spec to API Gateway

Enabling API Caching

  • You can enable API caching in Amazon API Gateway to cache your endpoint’s responses.
  • Reduce the number of calls made to your endpoint and improve the latency of requests to your API.
  • Default TTL (time to live) is 300 seconds (min: 0s, max: 3600s)
  • Caches are defined per stage
  • Cache capacity between 0.5GB to 237GB

API Gateway API Keys

  • If you want to make an API available to your customers
  • Uses API keys to identify API clients and meter access
  • Alphanumeric string values to distribute to your customers
  • Ex: ABCS23GF45hjvdydeg565DHGF6576tb
  • Can use with usage plans to control access
  • Throttling limits are applied to the API keys
  • Quotas limits is the overall number of maximum requests

API Gateway – CORS

  • Cross-origin resource sharing (CORS) is a browser security feature that restricts cross-origin HTTP requests
  • CORS must be enabled when you receive API calls from another domain
  • It can be enabled through the console
  • The OPTIONS pre-flight request must contain the following headers:
    •  Access-Control-Allow-Methods
    •  Access-Control-Allow-Headers
    • Access-Control-Allow-Origin

API Gateway – Logging & Tracing

  • CloudWatch Logs:
    • Enable CloudWatch logging at the Stage level (dev, stg, prod)
    • Create an IAM role for logging to CloudWatch
    • https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cloudwatch-logs/
    • Can override settings on a per API basis (ex: ERROR, DEBUG, INFO)
    • Log contains information about request / response body
  • X-Ray:
    • Enable tracing to get extra information about requests in API Gateway
    • X-Ray API Gateway + AWS Lambda gives you the full picture
Amazon API Gateway

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top