AWS API Gateway

-

 AWS API Gateway



AWS API Gateway - 

  • Enables developers to create, publish, maintain, monitoring, and secure APIs at any scale
  • Allows creating, deploying and managing a restful api to to expose backend HTTP endpoints, lamda functions or other AWS services 
  • Together with lamda, API Gateway forms the app facing part of the AWS Serverless Infrastructure

Features - 
  • API Gateway can execute Lamda code in your account,start step function state machines, or make calls to elastic beanstalk, EC2, or web services outside of AWS with publically acceessible HTTP endpoints 
  • API Gateway helps you define plans that meter and restric third party developer access to your API 
  • API Gateway helps you to manage traffic to your backend systems by allowing you to set throttling rules based on the number of requests per sec for each HTTP method in your API 
  • You can set up a cache with a customaizable keys and time-to-live in sec for your API data to avoid hitting your backend service for each request.
  • API Gateway lets you run multiple versions of the same API simultaneously with API lifecycle 
  • After you build, test and deploy the APIs, you can package them in an API gateway usage plan as a software as a service product through AWS Marketplace 
  • API Gateway offers the ability to create, update and delete documention associated with each portion of your API, such as methods and resources 
  • You can create a data mapping definations from an HTTP APIs method req data to the HTTP API method response parameters 
  • Use wildcard custom domains names (*.example.com) to create multiples URLs that route to one API Gateway HTTP API 
  • You can configure your custom domain name to route requests to different APIs. Using multi-level base path mapping, you can implement path-based API versioning and migrate API traffic between APIs according to request path with many segments 
  • All the APIs created expose HTTP endpoints only. API Gateway does not support unencrypted (HTTP) endpoints  


AWS API Gateway Monitoring - 
  • API Gateway console is integrated with Cloudwatch, so you get backend performance metric such as API calls, latency and errror rates 
  • You can set up custom alarms on API Gateway APIs
  • API Gateway can also log API execution errors to Cloudwatch logs

AWS API Gateway security - 
  • To authorize and verify API requests to AWS services, API Gateway can help you leverage signature version 4. Using signature version 4 authentication, you can use IAM and access policies to authorize access to your APIs and all your other AWS resources 
  • You can enable AWS WAF for your APIs in API Gateway, making it easier to protect your APIs against common web exploits such as SQL injection and cross-site scripting (XSS)
  • For API Gateway HTTP APIs, in addition to the previously OIDC/OAuth2 authorization option, you can also secure them using lamda authorizers and IAM authorizers 

AWS API Gateway Pricing -  
  • You pay only for the API calls you recieve and the amount data transfered out.
  • API Gateway also provides optional data caching charge at an hourly rate that varies based on the cache size you select

Comments

Post a Comment

Popular posts from this blog

AWS Instance Store

-
Image
 AWS Instance Store  AWS Instance Store -  Hardware storage directly attached to EC2 instance amd cannot be detached and attached to another instance  Highest IOPS for any available storage Ephemiral Storage (Loses data when instance is terminated, stopped or hibernated) Good to buffer/cache/scratch data/temporary content  AMI created from an instance does not its instance store volume preserved  You can specify the instance store volumes to an instance when you launch the instance. You can't attach instance store volumes to an instance after you’ve launched it. Raid -  Raid 0  Improve performance of a storage volume by distributing reads and write in a stripes across attached volumes  If you add a storage volume you get the straight addition of throughput and iops For high performance applications Raid 1   Improve data availability by mirroring in multiple volumes For critical applications
Read more

AWS Identity and Access Management

-
Image
  IAM Introduction to IAM -  AWS identity and management is a web service that helps you to securely control access to AWS resources You use IAM to control who is authenticated and authorized to use resources IAM allows you to create and manage AWS users and groups , and use permissions to allow or deny their access to AWS resources IAM is a fundamental part of AWS security, as it allows you to implement the principle of least privilege , ensuring that users and applications have only the permissions they need to perform their tasks IAM also provides features such as multi-factor authentication (MFA) , password policies, and access keys to enhance the security of your AWS environment Features of IAM -  IAM User  -   IAM allows you to create and manage users in your AWS account Each IAM user has a unique name and security credentials, which are used to authenticate and authorize their access to AWS resources IAM users have security credentials that are us...
Read more

Elastic Block Storage (EBS)

-
Image
 Elastic Block Storage (EBS) Elastic Block Storage (EBS) -  AWS Elastic Block Storage is a web service that provides block level storage volumes for use with amazon EC2 instances Amazon EBS volumes are highly available and reliable storage volumes that can be attached to any running instance and used like hard drive Amazon EBS allows you to create storage volumes and attach them to EC2 instances   It is used for various databses (both relational and non relational) as well as a wide range of application such as software testing and development  EBS provides a high performance option for many use cases it is directly attached to the instance Features of EBS  -  Amazon Elastic Block Storage  Region and availability zones are multiple physical location for your resources such as instances and EBS volumes Using security groups, you can specify the protocols, ports and source IP ranges that can reach your instances Elastic IP addresses are static IPv4 ...
Read more