Amazon API Gateway - API Management - AWS Certification


Let’s get a quick overview of Amazon API Gateway from an AWS certification perspective. We will look at important certification questions regarding Amazon API Gateway.

You will learn

  • What is Amazon API Gateway?
  • What are the typical problems in building an API?
  • Why do we need Amazon API Gateway?
  • When do we use Amazon API Gateway?
  • How do you implement authentication and authorization for Amazon API Gateway?

AWS Certification - 25 PDF Cheat Sheets + Free Course

Each cheat sheet contains:

  • FAQs and Tutorials with 5-20 slides
  • Notes to quickly review and prepare for certification exam
  • Certification Exam Tips
  • Certification and Interview Scenario Questions
Download

REST API Challenges

Most applications today are built around REST API.

Management of REST API is not easy:

  • You’ve to take care of authentication and authorization
  • You’ve to be able to set limits (rate limiting, quotas) for your API consumers
  • You’ve to take care of implementing multiple versions of your API
  • You would want to monitor your API calls
  • You would want to be able to cache API requests

Amazon API Gateway

How about a fully managed service with auto scaling that can act as a “front door” to your APIs? Welcome “Amazon API Gateway”

Amazon API Gateway helps you to “publish, maintain, monitor, and secure APIs at any scale”

You can authorize users by integrating with:

  • AWS IAM (for AWS users using signature version 4)
  • Amazon Cognito
  • Lambda authorizer (custom authorization with JWT tokens or SAML)

Amazon API Gateway Features

Here are some of the important features:

  • Integrates with AWS Lambda, Amazon EC2, Amazon ECS or any web application
  • Supports HTTP(S) and WebSockets (two way communication - chat apps and streaming dashboards)
  • Serverless. Pay for use (API calls and connection duration)
  • Provides API Lifecycle Management for RESTful APIs and WebSocket APIs
  • You can Run multiple versions of the same API
  • Supports Rate Limits(request quota limits), throttling and fine-grained access permissions using API Keys for Third-Party Developers
  • Lifecycle management for REST APIs
  • Versioning and multiple environments
  • API keys - Generate API keys to monitor usage
    • Implement plans and quota limits for external applications (or developer)
    • WARNING - Do NOT use API keys for Authorization
  • Enable caching for API calls with TTL
  • Protect backends by throttling requests
  • Integrates with
    • Amazon CloudWatch - Performance metrics, API calls, latency data and error rates
    • Amazon CloudWatch Logs - Debug logging
    • AWS CloudTrail - Complete history of changes to your REST API

Amazon API Gateway - Authentication and Authorization & Approaches

How can you implement Authentication with API Gateway?

How do you authenticate a REST API call?

  • Attach a signature or token with your API call

Here are some of the important options:

  • AWS Signature Version 4
    • Create a signature using your AWS secret access key and send it with your API request
    • For API consumers belonging to your AWS account
  • Lambda authorizers
    • Implement a Lambda function to authenticate (JWT, OAuth etc) the token and return IAM policies.
    • Integrate with any custom user directory
  • Amazon Cognito

Search


Certification - Recommended Reading

Amazon RDS - Relational Database Service and Amazon Aurora

Multi-AZ vs Multi-Region vs Read replicas - Amazon RDS

Database Primer - Availability vs Durability vs RTO vs RPO vs Consistency

Migrating databases in AWS - Data Pipeline vs DMS vs SCT

Amazon RedShift vs RedShift Spectrum vs Amazon EMR - A comparison

AWS Data Lakes - Simplified Big Data Solutions

Amazon RedShift - Big Data in AWS

Amazon Cognito - User Pools, Identity Pools

Amazon S3 Storage Classes - Standard vs Standard-IA vs One Zone vs Intelligent-Tiering vs Glacier

Amazon S3 Glacier - vs Amazon S3

Free Videos - Get Started with AWS Certification

Complete Course - AWS Certified Solutions Architect Associate

Get our amazing course pursued by thousands of learners

  • 400+ Lectures
  • 28 hours on-demand video
  • 18 articles
  • 2 downloadable resources
  • Full lifetime access

Image


Search