AWS API Gateway
AWS API Gateway is a fully managed service that makes API publishing, maintenance, monitoring, and security easy at any scale.
API Gateway manages all aspects of accepting and processing hundreds of thousands of concurrent API calls. This includes traffic management, authorization, access control, monitoring, and API version and management.
API Gateway does not charge startup fees or minimum fees. Charges are only for API calls received and data transferred out.
API Gateway acts as a proxy for the backend operations.
API Gateway automatically scales to handle the API’s traffic.
API Gateway exposes HTTPS endpoints for all APIs created. It does not support HTTPTP (unencrypted) endpoints.
API Gateway APIs can accept payloads over HTTP in any format, including JSON, XML and query string parameters.
API Gateway can communicate with multiple backendsLambda functions
AWS Step functions state machines
HTTP endpoints that are exposed via Elastic Beanstalk, ELB, or EC2 servers
HTTP-based operations that are not hosted by AWS are accessible via the public Internet.
API Gateway endpoints can be accessed from anywhere on the Internet. They do not reside in a VPC. Proxy requests for backend operations must also be made publicly available on the Internet.
API Gateway assists with many aspects of creating and managing APIs
Meteringautomatically meters traffic to the APIs and lets you extract utilization data for each API key.
Plan that limits third-party developer access, configures throttling and quota limits based on an API key basis.
Securityhelps removes authorization concerns from the backend codes
Allows you to leverage AWS administration and security tools such as IAM or Cognito to authorize API access
You can use the same method AWS uses to verify API calls signed on your behalf.
Supports custom authorizers written in Lambda functions. Verifies incoming bearer tokens.
Protects backend systems automatically from distributed denial of service (DDoS), whether they are attacked with counterfeit requests (Layer 7), or SYN floods(Layer 3).
Resiliency helps manage traffic with throttle so that backend operations can withstand spikes in traffic.
Caching API calls’ output helps improve performance and reduce latency. This allows end users to avoid having to call the backend every time.
CloudWatch’s Operations Monitoring integrates with CloudWatch to provide a dashboard that tracks calls to API services.
CloudWatch Logs integration to receive errors, access, or debug logs
Provides backend performance metrics including API calls, latency data, and error rates.
Lifecycle Management allows multiple API versions and multiple stages (development stage, production, etc.). Each version can be called simultaneously by existing applications so that they can continue to use previous versions even after new API versions are released.
The history of deployments is saved, which allows rollback to previous deployments at any point using APIs or console.
This template is designed for developers and allows you to specify a mapping template to generate static data to be returned. This will help you mock APIs before your backend is ready.
Allows for cross-team development and a shorter time to market for applications. It also allows dependent teams the ability to start development while backend processes are still being built.
Support for stateful (WebSocket), and stateless (HTTP, and REST) APIs.
Flexible and powerful authentication mechanisms such as AWS IAM Policies, Lambda author functions, and Amazon Cognito user pool.
Developer portal to publish your APIs.
Canary release deployments are used to safely roll out changes.
CloudTrail logs and monitors API usage and changes.
CloudWatch access logging, execution logging, and the ability to set alarms are all available.
Ability to use AWS CloudFormation templates for API creation
Support for custo
AWS API Gateway