Post on 15-Apr-2017
Mark BateAWS Solutions Architect
Amazon API GatewayManaged APIs in the Cloud
Host multiple versions and stages of your APIsCreate and distribute API keys to developersLeverage AWS Sig-v4 to authorize access to APIsThrottle and monitor requests to protect your backendManaged cache to store API responsesSDK Generation for iOS, Android, and JavaScriptSwagger supportRequest / Response data transformation and API mocking
Features
How does it work?
An API Call Flow
API Gateway
Mobile Apps
Websites
Services
Internet
Any publicendpoint
Amazon CloudWatch Monitoring
AWS Lambda Functions
API Gateway Cache
Build, Deploy, Clone & Rollback
Build APIs with their resources, methods, and settingsDeploy APIs to a Stage—Each stage has its own Throttling, Caching, Metering, and Logging
Clone an existing API to create a new versionRollback to previous deployments
API Configuration
Pet Store
/pets/{petid}• GET• POST• PUT
/petsDefine resources within an API
Create an API
Define methods for a resources—Methods are Resource + HTTP verb
API Configuration
dev
beta
gamma
prod
Pet StoreAPI Configuration can be deployed to a stageStages are different environments
For example:—dev (e.g. thisismyapi.com/dev)—beta (e.g. thisismyapi.com/beta)—prod (e.g. thisismyapi.com/prod)—As many stages as needed
Stage (dev)
APIv2
Stage (prod)
Stage (dev)
Managing Multiple Versions and Stages of your APIs
APIv1
You can configure custom domain namesProvide API Gateway with a signed HTTPS certificateCustom domain names can point to an API or a StagePointing to an API you have access to all stages—beta (e.g. thisismyapi.com/beta)—prod (e.g. thisismyapi.com/prod)
Pointing directly to your Prod stage—prod (e.g. thisismyapi.com/)
Custom Domain Names
Securing your API
API Keys to Meter Developer Usage
Create API Keys
Set access permissions at the API/Stage level
Meter usage of API Keys through CloudWatch Logs
API Keys to Meter Developer Usage
Create API KeysThe name “Key” implies security – there is no security in
baking text in an App’s codeSet access permissions at the API/Stage levelAPI Keys should be used alongside a stronger
authorization mechanismMeter usage of API Keys through CloudWatch LogsAPI Keys should be used purely to meter app/developer
usage
You can leverage AWS Sig-v4 to sign and authorize API calls—Amazon Cognito and AWS Security Token Service (STS) simplify the
generation of temporary credentials for your appYou can support OAuth or other authorization mechanisms through custom headers—Simply configure your API methods to forward the custom headers to
your backend
Authentication Options
Using Sig-v4
Call /login (no auth)
Receive credentials to sign API
calls
Client API Gateway Back End
/login
/login
fn_Login
Credentials verified
Access & Secret Key
Throttling and Caching
Throttling helps you manage traffic to your backendThrottle by developer-defined Requests/Sec limitsRequests over the limit are throttled—HTTP 429 response
The generated SDKs retry throttled requests
API Throttling
You can configure a cache key and the Time to Live (TTL) of the API responseCached items are returned without calling the backendA cache is dedicated to you, by stageYou can provision between 0.5GB to 237GB of cache
Caching API Responses
An API Call Flow
cached? throttled?
itemHTTP 429
SDK Generation
SDKs are generated based on API deployments (Stages)If Request and Response Models are defined, the SDK includes input and output marshaling of your methodsSDKs know how to handle throttling responsesSDKs also know how to sign requests with AWS temporary credentials (Sig-v4)Support for Android, iOS, JavaScript, …
Generate Client SDKs Based on Your APIs
How much does it cost?
Amazon API Gateway Pricing
$3.50 per Million API Gateway requests1 Million API requests per month for 12 months— Included in the AWS Free Tier
Data Transfer Out (Standard AWS Prices)—$0.09/GB for the first 10 TB—$0.085/GB for the next 40 TB—$0.07/GB for the next 100 TB—$0.05/GB for the next 350 TB
Optional – Dedicated Cache Pricing
Cache Memory Size (GB) Price per Hour (USD)0,5 $0,0201,6 $0,0386 $0,200
13 $0,25028 $0,50058 $1,000118 $1,900237 $3,800
Availability