Infinite Potential of API Gateway

Get a high-level theoretical glimpse of all that can be achieved through the API Gateway.

API Gateway features

Let’s examine API Gateway’s different possibilities. First, this lesson gives a theoretical overview of the various aspects. We’ll then explore the implementation of each in upcoming chapters.

API types

REST API is the most straightforward and popular service integration pattern. However, sometimes we need bidirectional communication between client and server, for example, in chat applications or applications that display asynchronous notifications. To implement such bidirectional communication, API Gateway also supports WebSocket APIs.

Additionally, API Gateway provides two variants of the REST API. These are the HTTP API and the private REST API. They all follow the Representational State Transfer (REST) architectural style. There are minor differences in the way AWS API Gateway handles them. For example, the HTTP API in API Gateway is lightweight and provides reduced functionality at a reduced cost. On the other hand, the private REST API in the API Gateway provides access to the resources inside a Virtual Private Cloud (VPC).

Service integration

We saw how to configure the API Gateway to invoke a Lambda function. However, we can often skip this Lambda function and let the API Gateway communicate directly with the other services. Such service integration significantly reduces cost and latency.

Our API can then connect directly with DynamoDB or S3, or invoke a Step Functions state machine asynchronously. If we use this smartly, it can result in very low latency and cost.

HTTP integration

We can configure API Gateway to proxy a request to a third-party HTTP endpoint. Consider, for example, an application that invokes a third-party API from RapidAPI with the related API keys.

It’s a security risk to embed API keys in the client browser application. It also creates messy code if the client has to invoke several different APIs. Therefore, collating everything into a single API within the API Gateway makes more sense.

Then, based on the path in the API, API Gateway can invoke the related third-party API, with the API key configured in AWS.

All this is possible with HTTP integration.

Data mapping

In our example, the API Gateway only passed the data to and fro. We also have an opportunity to manipulate this data in transit. Such data mapping is handy when we work with service integrations.

We can define a schema for transforming the request and response as it passes through the API Gateway to any AWS service that’s integrated with the API.

Mapping data into a parameter of the request passed on to the downstream service has much potential. For example, if we have a service integration where API Gateway is used to trigger an SNS event, it can be helpful to add the caller’s IP address to the SNS subject.

Data model and validation

We can define and enforce a data model for the input request. API Gateway validates the request against this model before actually passing it to our service. This forms a protective layer, guarding our services against stray invocation attempts.
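
The data mapping and request validation described in the two sections above, sketched as a CloudFormation fragment. This is an added example, not code from the lesson; the logical IDs Api, EventsResource, EventTopic and ApiToSnsRole are hypothetical and assumed to be defined elsewhere in the same template, and the authorization type is an assumption.

```yaml
# Added example: Api, EventsResource, EventTopic, ApiToSnsRole are hypothetical.
Resources:
  EventModel:                       # data model for the request body
    Type: AWS::ApiGateway::Model
    Properties:
      RestApiId: !Ref Api
      Name: EventInput
      ContentType: application/json
      Schema:
        "$schema": "http://json-schema.org/draft-04/schema#"
        type: object
        required: [message]
        additionalProperties: false   # reject fields the service never asked for
        properties:
          message: { type: string, minLength: 1, maxLength: 1024 }

  BodyValidator:                    # turns the model into an enforced check
    Type: AWS::ApiGateway::RequestValidator
    Properties:
      RestApiId: !Ref Api
      Name: validate-body
      ValidateRequestBody: true

  PostEvent:
    Type: AWS::ApiGateway::Method
    Properties:
      RestApiId: !Ref Api
      ResourceId: !Ref EventsResource
      HttpMethod: POST
      AuthorizationType: AWS_IAM    # assumption; use whichever authorizer the API has
      RequestValidatorId: !Ref BodyValidator
      RequestModels:
        application/json: !Ref EventModel
      Integration:                  # direct service integration, no Lambda in between
        Type: AWS
        IntegrationHttpMethod: POST
        Uri: !Sub arn:aws:apigateway:${AWS::Region}:sns:path//
        Credentials: !GetAtt ApiToSnsRole.Arn
        PassthroughBehavior: NEVER  # unmapped content types are refused, not forwarded
        RequestParameters:
          integration.request.header.Content-Type: "'application/x-www-form-urlencoded'"
        RequestTemplates:           # caller IP becomes the SNS subject
          application/json: !Sub >-
            Action=Publish&TopicArn=$util.urlEncode('${EventTopic}')&Subject=$util.urlEncode($context.identity.sourceIp)&Message=$util.urlEncode($input.path('$.message'))
        IntegrationResponses:
          - StatusCode: "200"
      MethodResponses:
        - StatusCode: "200"
```

A request whose body does not match EventInput is rejected by API Gateway with a 400 response before SNS is called.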

Security

Any application that’s open to the internet has to worry about security. If it’s a niche application we develop, we can expect many prying eyes. API Gateway provides several features that can help safeguard the API.

It supports authentication and authorization with API keys, Lambda authorizer functions, and Amazon Cognito integration. It also protects the API by throttling requests under high load. We can mask internal service errors with clean responses to ensure that the internals remain hidden.

Usage quotas

We can assign quotas to individual users by using API keys. For example, we can specify that each API key can authenticate up to 100 requests per day.

Deployment stages

API Gateway helps us with non-destructive deployments. We can easily deploy newer versions of the API without messing with the existing ones. This simplifies the development cycle and enables faster and more frequent deployments.

Logging and tracing

Because of the integration with CloudWatch and X-Ray services, API Gateway enables an elegant framework for tracking and debugging individual API requests and responses.

These are just a few major features we get with API Gateway. As we go through each of these in depth, we’ll better appreciate its power. Let’s get started.