API Gateway Flashcards
What is API Gateway
Application Programming Interface Gateway. Fully managed service that. makes it easy for developers to publish, maintain, monitor or secure API. Easily create an API that acts as a “front door” for apps to access data, business logic or functionality from backend service.
- Apps running on EC2
- Code running on Lambda
- Or any webapp
What kind of API does API Gateway support?
RESTful API.
Uses JSON
How does API Gateway prevent attacks
Throttles requests
What services can API Gateway connect to serverlessly?
Lambda
DynamoDB
Monitoring Service for API Gateway
CloudWatch
CloudWatch Logs
What is API Caching
API Gateway allow to cache endpoint response. This reduces the number of calls made to an endpoint and can improve latency of API requests. These caches have TTLs.
Describe Same Origin Policy
Web browser permits scripting contained in 1st webpage to access data on 2nd webpage (but only if webpages have the same orgin)
This is done to prevent cross-site scripting (XSS) attacks
Enforced by web browsers
Must set up CORS for this
What is CORS
Cross Origin Resource Sharing
relax same-origin policy
Broswer makes HTTP OPTIONS Orgin Policy error means need to connect CORS
If using JS/Ajax and use multiple domains w? API gateway ensure you have enabled CORS
Who enforces CORS
the client
How to import API from an external definition file into API Gateway
Swagger v2.0 definition file
How to create a new API with external definition file
submit POST request include Swagger definition in payload and endpoint config
How to update an existing API with external definition file
PUT request. Contain Swagger definition in payload.
How to specify options in API call
Add query param in request URL
Default limit steady state rate request API Gateway
10000 requests per sec (rps)
Max concurrent requests API Gateway
5000 across all APIs w/in AWS account
What happens if you go over the max steady state rate or concurrent request rate in API Gateway
receive a 439 TooManyRequestError response
Can API Gateway support SOAP APIs
API Gateway can be configured as a SOAP web service passthrough
and
API Gateway can convert XML responses recieved from SOAP API to JSON
What does it mean if you receive an HTTP 504 error in API Gateway
Integration Timeout
Could be a Lambda function is timing out (running for more than 29 seconds)
How to make API available for certain environment (prod, test, dev)
API stage
What 2 types of proxy integration are there in API Gateway
HTTP proxy
Lambda proxy
What are common things that API Gateway can do
Execute Lambda code
Start Step Functions state machines
Call Elastic Beanstalk
Call EC2
Call web services outside AWS with HTTP endpoint
How to run multiple versions of API at same time in API Gateway
API Lifecycle
Does API Gateway support HTTP endpoints, HTTPS, or both?
Only HTTPS endpoints
What service should you use if you want to trace and analyze user requests through API Gateway
AWS X-Ray
