API GATEWAY
· Enables developers to create, publish, maintain, monitor and secure APIs at any scale.
· This is a HIPAA eligible service.
· Allows creating, deploying and managing RESTful APIs to expose backend HTTP endpoints, Lambda functions, or other AWS services
· Together with Lambda, API Gateway forms the app-facing part of the AWS serverless infrastructure
· Concepts
  o API Deployment - A point-in-time snapshot of your API Gateway API resources and methods. To be available for clients to use, the deployment must be associated with one or more stages
  o API endpoint - The host name for an API in API Gateway, which is deployed to a specific region and has the format: rest-api-id.execute-api.region.amazonaws.com
  o API key - An alphanumeric string that API Gateway uses to identify an app developer who uses your API
  o API stage - A logical reference to a lifecycle state of your API. API stages are identified by API ID and stage name.
  o Model - Data schema specifying the data structure of a request or response payload
  o Private integration - An API Gateway integration type for a client to access resources inside a customer's VPC through a private API endpoint without exposing the resources to the public internet
  o Proxy integration - You can set up a proxy integration as an HTTP proxy integration type or a Lambda proxy integration type.
    § For the HTTP proxy integration, API Gateway passes the entire request and response between the frontend and an HTTP backend
    § For the Lambda proxy integration, API Gateway sends the entire request as an input to a backend Lambda function
  o Usage Plans - Provide selected API clients with access to one or more deployed APIs. You can use a usage plan to configure throttling and quota limits, which are enforced on individual client API keys
· API ENDPOINT TYPES
  o Edge-optimized API endpoint - The default host name of the API Gateway API that is deployed to the specified region while using a CloudFront distribution to facilitate client access, typically from across AWS regions. API requests are routed to the nearest CloudFront Point of Presence.
  o Regional API endpoint - The host name of an API that is deployed to the specified region and intended to serve clients such as EC2 instances in the same AWS region. API requests are targeted directly to the region-specific API Gateway without going through the CloudFront distribution.
    § You can apply latency-based routing on regional endpoints: deploy an API to multiple regions using the same regional API endpoint configuration, set the same custom domain name for each deployed API, and configure latency-based DNS records in Route 53 to route client requests to the region that has the lowest latency.
  o Private API endpoint - Allows a client to securely access private API resources inside a VPC. Private APIs are isolated from the public Internet, and they can only be accessed using VPC endpoints for API Gateway that have been granted access.
· Features
  o API Gateway can execute Lambda code in your account, start Step Functions state machines, or make calls to Elastic Beanstalk, EC2 or web services outside of AWS with publicly accessible HTTP endpoints
  o API Gateway helps you define plans that meter and restrict third-party developer access to your APIs
  o API Gateway helps you manage traffic to your backend systems by allowing you to set throttling rules based on the number of requests per second for each HTTP method in your APIs
  o You can set up a cache with customizable keys and time-to-live in seconds for your API data to avoid hitting your backend services for each request
  o API Gateway lets you run multiple versions of the same API simultaneously with API Lifecycle
  o After you build, test and deploy your APIs, you can package them in an API Gateway usage plan and sell the plan as a Software as a Service (SaaS) product through AWS Marketplace
  o API Gateway offers the ability to create, update and delete documentation associated with each portion of your API, such as methods and resources.
· All of the APIs created expose HTTPS endpoints only. API Gateway does not support unencrypted HTTP endpoints
· Monitoring
  o API Gateway console is integrated with CloudWatch, so you get backend performance metrics such as API calls, latency, and error rates
  o You can set up custom alarms on API Gateway APIs
  o API Gateway can also log API execution errors to CloudWatch Logs
· Security
  o To authorize and verify API requests to AWS services, API Gateway can help you leverage Signature Version 4 authentication. You can use IAM and access policies to authorize access to your APIs and all your other AWS resources
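How a client signs a request to an IAM-authorized API with Signature Version 4, as an added example that is not part of the original notes or AWS code. The host, path, access key and secret are constructed placeholders, the function names are hypothetical, and the sample path contains no characters that need special URI encoding.

```python
import hashlib
import hmac
from urllib.parse import quote

def _hmac(key: bytes, msg: str) -> bytes:
    return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()

def sigv4_authorization(method, host, path, query, body,
                        access_key, secret_key, region, amz_date,
                        service="execute-api"):
    """Build the SigV4 Authorization header value for a single request."""
    date = amz_date[:8]  # YYYYMMDD prefix of the YYYYMMDDTHHMMSSZ timestamp
    # 1. Canonical request: method, path, sorted query, signed headers, body hash.
    canonical_query = "&".join(
        f"{quote(k, safe='-_.~')}={quote(v, safe='-_.~')}"
        for k, v in sorted(query.items()))
    signed_headers = "host;x-amz-date"
    canonical_request = "\n".join([
        method.upper(),
        quote(path, safe="/-_.~"),
        canonical_query,
        f"host:{host}\nx-amz-date:{amz_date}\n",
        signed_headers,
        hashlib.sha256(body).hexdigest(),
    ])
    # 2. String to sign binds the request hash to a date/region/service scope.
    scope = f"{date}/{region}/{service}/aws4_request"
    string_to_sign = "\n".join([
        "AWS4-HMAC-SHA256", amz_date, scope,
        hashlib.sha256(canonical_request.encode("utf-8")).hexdigest()])
    # 3. Derive the scoped signing key; only the signature is sent, never the secret.
    key = ("AWS4" + secret_key).encode("utf-8")
    for part in (date, region, service, "aws4_request"):
        key = _hmac(key, part)
    signature = hmac.new(key, string_to_sign.encode("utf-8"),
                         hashlib.sha256).hexdigest()
    return (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
            f"SignedHeaders={signed_headers}, Signature={signature}")

# Constructed sample values (not real credentials or a real API id).
ARGS = dict(method="GET", host="abc123example.execute-api.us-east-1.amazonaws.com",
            path="/prod/pets", query={"type": "dog"}, body=b"",
            access_key="AKIDEXAMPLE", secret_key="EXAMPLE-SECRET-NOT-REAL",
            region="us-east-1", amz_date="20240101T000000Z")

def signature_of(header: str) -> str:
    return header.rsplit("Signature=", 1)[1]
```

Because the signature covers the method, path, query, signed headers and body hash, changing any of them in transit makes the value recomputed on the receiving side differ, and the request is rejected.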
· Pricing
  o You pay for only the API calls you receive and the amount of data transferred out.
  o API Gateway also provides optional data caching charged at an hourly rate that varies based on the cache size you select.
· Limits
Resource or Operation | Default Limit | Can be increased
Throttle limit per account per region | 10000 requests per second (RPS) with an additional burst capacity provided by the token bucket algorithm, using a max bucket capacity of 5000 requests | YES
Maximum number of Regional APIs per account per region | 600 | NO
Maximum number of Private APIs per account per region | 600 | NO
Maximum number of Edge-Optimized APIs per account per region | 120 | NO
Maximum number of stages per API | 10 | YES
Header value size | 10240 bytes | NO
Payload size | 10 MB | NO
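A simplified model of the account-level throttle in the table above, using the page's figures (10000 RPS steady rate, bucket capacity 5000). This is an added example, not AWS code; the class and function names, the full starting bucket and the constructed arrival pattern are assumptions for illustration.

```python
class TokenBucket:
    """Simplified token bucket: refills at `rate` tokens/s up to `capacity`."""

    def __init__(self, rate: float, capacity: float):
        self.rate = rate
        self.capacity = capacity
        self.tokens = capacity   # assumption: the bucket starts full
        self.last = 0.0

    def allow(self, now: float) -> bool:
        # Refill for the time elapsed since the previous request, capped at capacity.
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False             # the caller would see 429 Too Many Requests


def simulate(bucket, arrivals):
    """arrivals: list of (timestamp_seconds, request_count), in time order.
    Returns one (timestamp, accepted, throttled) tuple per arrival."""
    results = []
    for ts, count in arrivals:
        accepted = sum(1 for _ in range(count) if bucket.allow(ts))
        results.append((ts, accepted, count - accepted))
    return results


# Constructed traffic: a spike, a second spike 250 ms later, then a long idle gap.
ARRIVALS = [(0.0, 8000), (0.25, 3000), (10.0, 6000)]


def run_example():
    return simulate(TokenBucket(rate=10000, capacity=5000), ARRIVALS)


if __name__ == "__main__":
    for ts, ok, throttled in run_example():
        print(f"t={ts}s accepted={ok} throttled={throttled}")
```

The first spike drains the full bucket, the second is limited to what 250 ms of refill provides, and the idle gap restores at most the bucket capacity, so a burst never exceeds 5000 requests however long the API was quiet.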
Sources:
https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html
https://aws.amazon.com/api-gateway/features/
https://aws.amazon.com/api-gateway/pricing/
https://aws.amazon.com/api-gateway/faqs/