Amazon API Gateway

Mark Bate AWS Solutions Architect Amazon API Gateway Managed APIs in the Cloud

Transcript of Amazon API Gateway

Page 1: Amazon API Gateway

Mark Bate, AWS Solutions Architect

Amazon API Gateway: Managed APIs in the Cloud

Page 2: Amazon API Gateway

Features

• Host multiple versions and stages of your APIs
• Create and distribute API keys to developers
• Leverage AWS Sig-v4 to authorize access to APIs
• Throttle and monitor requests to protect your backend
• Managed cache to store API responses
• SDK Generation for iOS, Android, and JavaScript
• Swagger support
• Request / Response data transformation and API mocking

Page 3: Amazon API Gateway

How does it work?

Page 4: Amazon API Gateway

An API Call Flow

[Diagram labels: Mobile Apps, Websites, Services; Internet; API Gateway; API Gateway Cache; Amazon CloudWatch Monitoring; AWS Lambda Functions; Any public endpoint]

Page 5: Amazon API Gateway

Build, Deploy, Clone & Rollback

• Build APIs with their resources, methods, and settings
• Deploy APIs to a Stage
  — Each stage has its own Throttling, Caching, Metering, and Logging
• Clone an existing API to create a new version
• Rollback to previous deployments

Page 6: Amazon API Gateway

API Configuration

• Create an API
• Define resources within an API
• Define methods for a resource
  — Methods are Resource + HTTP verb

[Diagram labels: Pet Store; /pets; /pets/{petid} with GET, POST, PUT]

Page 7: Amazon API Gateway

API Configuration

• API Configuration can be deployed to a stage
• Stages are different environments
• For example:
  — dev (e.g. thisismyapi.com/dev)
  — beta (e.g. thisismyapi.com/beta)
  — prod (e.g. thisismyapi.com/prod)
  — As many stages as needed

[Diagram labels: Pet Store; dev, beta, gamma, prod]

Page 8: Amazon API Gateway

Managing Multiple Versions and Stages of your APIs

[Diagram labels: APIv1, APIv2; Stage (dev), Stage (prod), Stage (dev)]

Page 9: Amazon API Gateway

Custom Domain Names

• You can configure custom domain names
• Provide API Gateway with a signed HTTPS certificate
• Custom domain names can point to an API or a Stage
• Pointing to an API you have access to all stages
  — beta (e.g. thisismyapi.com/beta)
  — prod (e.g. thisismyapi.com/prod)
• Pointing directly to your Prod stage
  — prod (e.g. thisismyapi.com/)

Page 10: Amazon API Gateway

Securing your API

Page 11: Amazon API Gateway

API Keys to Meter Developer Usage

Create API Keys

Set access permissions at the API/Stage level

Meter usage of API Keys through CloudWatch Logs

Page 12: Amazon API Gateway

API Keys to Meter Developer Usage

• Create API Keys
  — The name “Key” implies security – there is no security in baking text in an App’s code
• Set access permissions at the API/Stage level
  — API Keys should be used alongside a stronger authorization mechanism
• Meter usage of API Keys through CloudWatch Logs
  — API Keys should be used purely to meter app/developer usage

Page 13: Amazon API Gateway

Authentication Options

• You can leverage AWS Sig-v4 to sign and authorize API calls
  — Amazon Cognito and AWS Security Token Service (STS) simplify the generation of temporary credentials for your app
• You can support OAuth or other authorization mechanisms through custom headers
  — Simply configure your API methods to forward the custom headers to your backend

Page 14: Amazon API Gateway

Using Sig-v4

• Call /login (no auth)
• Receive credentials to sign API calls

[Diagram labels: Client, API Gateway, Back End; /login, /login, fn_Login; Credentials verified; Access & Secret Key]

Page 15: Amazon API Gateway

Throttling and Caching

Page 16: Amazon API Gateway

API Throttling

• Throttling helps you manage traffic to your backend
• Throttle by developer-defined Requests/Sec limits
• Requests over the limit are throttled
  — HTTP 429 response
• The generated SDKs retry throttled requests

Page 17: Amazon API Gateway

Caching API Responses

• You can configure a cache key and the Time to Live (TTL) of the API response
• Cached items are returned without calling the backend
• A cache is dedicated to you, by stage
• You can provision between 0.5GB to 237GB of cache

Page 18: Amazon API Gateway

An API Call Flow

[Diagram labels: cached?, throttled?; item, HTTP 429]

Page 19: Amazon API Gateway

SDK Generation

Page 20: Amazon API Gateway

Generate Client SDKs Based on Your APIs

• SDKs are generated based on API deployments (Stages)
• If Request and Response Models are defined, the SDK includes input and output marshaling of your methods
• SDKs know how to handle throttling responses
• SDKs also know how to sign requests with AWS temporary credentials (Sig-v4)
• Support for Android, iOS, JavaScript, …

Page 21: Amazon API Gateway

How much does it cost?

Page 22: Amazon API Gateway

Amazon API Gateway Pricing

• $3.50 per Million API Gateway requests
• 1 Million API requests per month for 12 months
  — Included in the AWS Free Tier
• Data Transfer Out (Standard AWS Prices)
  — $0.09/GB for the first 10 TB
  — $0.085/GB for the next 40 TB
  — $0.07/GB for the next 100 TB
  — $0.05/GB for the next 350 TB

Page 23: Amazon API Gateway

Optional – Dedicated Cache Pricing

Cache Memory Size (GB)    Price per Hour (USD)
0,5                       $0,020
1,6                       $0,038
6                         $0,200
13                        $0,250
28                        $0,500
58                        $1,000
118                       $1,900
237                       $3,800

Page 24: Amazon API Gateway

Availability

Page 25: Amazon API Gateway

Amazon API Gateway

http://aws.amazon.com/apigateway/