API Gateway Flashcards
With what backends can API Gateway communicate?
"Lambda Functions HTTP Mock AWS Services VPC Link"
What is the Enable Throttling feature?
limits the requests sent to your API to a set level
Steady-state vs burst request
“Steady-state - requests per second
burst - requests per milisecond”
What is the API Caching feature?
Gateway caches your responses for a specified TTL period to reduce future latency to your API
What is a stage?
“A feature for grouping functions and providing general setting (like throttling) for those functions
individaul methods can override with their own settings”
What are the access control mechanisms?
“Resource polocies
IAM roles/polocies
CORS
Lambda authorizers(lambda functions for authorizing requests)
Cognito user pools
Client side SSL certificate(gateway to resource)
Usage plans”
What is a Usage plan?
“create custom plans for users and provide them API keys
the plan limits usage of API stages/methods and tracks usage”
What is the default security measure provided from API Gateway?
“Protection from DDoS attacks
But it is not configured for every use case”
What are the cache settings?
“Flush entire cache
cache capacity
Encrypt cache data
cashe Time-to-live(TTL)”
Access logging vs CloudTrail
“Access logging - info regarding API calls to the Gateway
CloudTrail - info regarding api calls within the Group”