Overview of AWS API Gateway

AWS API Gateway is a managed service provided by AWS. The service manages the API endpoints. Some of the benefits it provides:

  • auto management of servers
  • security
  • scaling
  • monitoring
  • speed
  • versioning

API Gateway requires HTTPS. A gateway is tied to a region: whatever Lambda function or backend is connected to the gateway is in the same region.

Example Access Policy Format:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "apigateway:GET"
            ],
            "Resource": [
                "*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "apigateway:*"
            ],
            "Resource": [
                "arn:aws:apigateway:REPLACE-WITH-YOUR-AWS-REGION::/restapis/*/stages/dev"
            ]
        }
    ]
}

Action-Statement = region and the action for the API. This includes the “Effect” and the “Action” as shown above. Wildcards may be used.

Resource-Statement = region and the resource path specifier. This is the “Resource” shown in the Access policy above.
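How the two statements of the policy above combine, shown with a simplified evaluator (an added example, not part of the original notes and not AWS's implementation). It assumes only Effect, Action and Resource are present (no Condition, NotAction, NotResource or other policy types); the region value and the API id `a1b2c3` are constructed.

```python
import re

REGION = "us-east-2"  # assumption: fills the page's REPLACE-WITH-YOUR-AWS-REGION
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["apigateway:GET"], "Resource": ["*"]},
        {"Effect": "Allow", "Action": ["apigateway:*"],
         "Resource": [f"arn:aws:apigateway:{REGION}::/restapis/*/stages/dev"]},
    ],
}

def wild(pattern, value, ignore_case=False):
    """IAM-style wildcards: '*' is any run of characters, '?' exactly one."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                 for c in pattern)
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def as_list(v):
    return v if isinstance(v, list) else [v]  # IAM accepts a string or a list

def evaluate(policy, action, resource):
    """Return 'Allow', 'Deny' (explicit) or 'ImplicitDeny' for one request."""
    decision = "ImplicitDeny"
    for st in as_list(policy["Statement"]):
        # Action names match case-insensitively, resource ARNs do not.
        hit = (any(wild(a, action, True) for a in as_list(st["Action"]))
               and any(wild(r, resource) for r in as_list(st["Resource"])))
        if hit and st["Effect"] == "Deny":
            return "Deny"  # an explicit Deny always wins over any Allow
        if hit:
            decision = "Allow"
    return decision

def arn(path, region=REGION):
    return f"arn:aws:apigateway:{region}::{path}"

if __name__ == "__main__":
    api = "/restapis/a1b2c3"  # constructed API id
    for action, path in [
        ("apigateway:GET", api + "/stages/prod"),    # read: allowed everywhere
        ("apigateway:PATCH", api + "/stages/dev"),   # write: dev stage only
        ("apigateway:PATCH", api + "/stages/prod"),  # no statement matches
        ("apigateway:DELETE", api),                  # the API itself is not covered
    ]:
        print(f"{action:18} {path:30} {evaluate(POLICY, action, arn(path))}")
```

The first statement grants read access to every API Gateway resource, while write actions are confined to resources whose ARN ends exactly in `/stages/dev` in the chosen region.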

Mapping Templates – transform data from one format to another. They are used for mapping URLs as an input parameter. They use the following variables:

  • $context – holds all contextual information about the API call
    • $context.apiId
    • $context.identity.accountOwner
    • $context.identity.sourceIp
    • $context.identity.userAgent
  • $input – represents the input payload and parameters to be processed by the template
    • $input.json(x)
    • $input.params()
    • $input.path(x)
      • $input.path(‘$…’) maps to …
  • $util – utility functions for using the mapping templates
    • $util.escapeJavaScript()
    • $util.urlEncode()
    • $util.urlDecode()
    • $util.base64Encode()
    • $util.base64Decode()

 

 

API Keys

Used for monitoring API usage – not for authorization. The keys are not encrypted and can be easily sniffed out in the network traffic. They are only used to monitor the API traffic, which can be viewed through CloudWatch. Tracing can be done at a granular, per-method level.

 

API Logging

API Gateway sends logs to CloudWatch. Logging can be done at different levels, such as per-stage or per-method. The amount of logging is configured through CloudWatch. The API Gateway Dashboard shows some of the data monitored through CloudWatch, such as the number of API calls (usage) over time, latency, and errors. Note that the Dashboard can be customized.

 

API Deployment

Deploying APIs is as simple as pressing the deploy button. AWS automatically sets up all the backend for you. There are some settings that can be configured during deployment:

  • Cache Settings
  • CloudWatch Settings
  • Throttling Settings

During deployment you can set up stages (dev, int, prod, etc.). Each stage can have its own configuration settings. Once deployment is complete, we can test the API using Postman or curl:

 

 curl https://6emx3bxg98.execute-api.us-east-2.amazonaws.com/dev/shoes
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2091  100  2091    0     0   5347      0 --:--:-- --:--:-- --:--:--  5347
[{"name":"middleware real-time cross-training shoe","color":"cyan","description":"A(n) Awesome, Small cross-training shoe made from the finest Concrete designed for the redefine individual!","size":1,"price":"961.00"},{"name":"framework user-facing spinning shoe","color":"orange","description":"A(n) Generic, Tasty spinning shoe made from the finest Cotton designed for the redefine individual!","size":1,"price":"256.00"},{"name":"matrices optimizing spinning shoe","color":"red","description":"A(n) Licensed, Practical spinning shoe made from the finest Granite designed for the target individual!","size":6,"price":"395.00"},{"name":"internet solution fresh-thinking aerobic shoe","color":"orchid","description":"A(n) Awesome, Awesome aerobic shoe made from the finest Concrete designed for the optimize individual!","size":4,"price":"529.00"},{"name":"extranet disintermediate basketball shoe","color":"gold","description":"A(n) Fantastic, Gorgeous basketball shoe made from the finest Granite designed for the enhance individual!","size":4,"price":"83.00"},{"name":"website 24 hour tennis shoe","color":"yellow","description":"A(n) Fantastic, Licensed tennis shoe made from the finest Soft designed for the deliver individual!","size":3,"price":"220.00"},{"name":"help-desk grid-enabled spinning shoe","color":"grey","description":"A(n) Licensed, Intelligent spinning shoe made from the finest Cotton designed for the whiteboard individual!","size":5,"price":"116.00"},{"name":"array reciprocal tennis shoe","color":"turquoise","description":"A(n) Intelligent, Small tennis shoe made from the finest Cotton designed for the reinvent individual!","size":4,"price":"160.00"},{"name":"initiative background running shoe","color":"black","description":"A(n) Incredible, Small running shoe made from the finest Fresh designed for the visualize individual!","size":7,"price":"394.00"},{"name":"neural-net motivating running shoe","color":"orchid","description":"A(n) Unbranded, Awesome running shoe made from the finest Rubber designed for the extend individual!","size":7,"price":"547.00"}]

 

References

Scalable AWS API Gateway (pluralsight)
William Button; 2016
https://app.pluralsight.com/player?course=scalable-aws-api-gateway