API Gateway Flashcards
API Gateway
a serverless offering from AWS, which allows us to create REST APIs that are going to be public and accessible for clients.
the clients will talk to the API Gateway, and the beautiful thing is that the API Gateway will then proxy the request to our lambda functions.
API Gateway + Lambda
we can integrate the API Gateway with the lambda, and that gives us a full serverless application, so no infrastructure to manage.
API Gateway + WebSocket Protocol
We have support for the WebSocket Protocol, so we can do real-time streaming through the API Gateway
API versioning
The API Gateway handle API versioning, so we can go from version one to version two, and version three, and not break our clients,
environments
we can handle multiple environments, that includes a dev, a test, and a prod environment,
API keys
We have the ability to create API keys, do request throttling, in case some clients are doing too many requests on their API Gateway,
common standards
we can also use some common standards, such as swagger, or Open API 3.0, to import quickly defined APIs, and also we can export them as swagger and Open API.
validating requests and response
We can transform and validate requests and response
in the API Gateway level, to ensure that the invocations are correct,
HTTP endpoint
we can expose any HTTP endpoints in the backend,
so it could be, for example, an HTTP API you have on premises, or it could be an Application Load Balancer you have on your cloud environment
in order to add rate limiting, user authentications, API keys
AWS Service
So we can expose any AWS API through the API Gateway, for example, we can start a Step Function workflow, we can post a message to SQS directly
from an API Gateway API.
to add authentication, deploy publicly, rate control on some AWS services.
three ways to deploy your API Gateway
endpoint types
- edge-optimized
- regional deployment
- private API Gateway
edge-optimized endpoint
This is for your global clients, your API Gateway is going to be accessible from anywhere in the world,
and to be efficient, the requests are going to be routed through all the CloudFront Edge locations,
which will improve the latency.
Your API Gateway is still only in one region, where you created it, but it’s accessible, efficiently, from every Cloud formation Edge location.
regional deployment
when we don’t want to use CloudFront Edge locations,
so it’s when we expect all of our users to be
within the same region where we created our API Gateway, and if you wanted to, you could create your own platform distribution,
and this will give you the same result as an edge-optimized distribution, but this time, you have more control over the caching strategies, and the CloudFront settings themselves.
private API Gateway
can only be accessed from within your VPC,
and it will use interface VPC endpoints for your ENIs.
to define access for an API Gateway,
you can use a resource policy.