AWS API Gateway

Suppose we develop an application where a user can edit his pictures.

App name: PhotoEditor

The user can upload the picture -> editor will edit the photo -> user can download the edited photo.

We can just sign up/sign in to the app using our Google/Twitter/Facebook account even if the app is not owned by Google.

Gmail has its database of user information and it won't give its code to anyone. The user should be a member of Gmail and should have his/her authentic account. It will be either valid or invalid.

Gmail can have a function(user id, password)

{

code

}

The result will be either True/False. Thus you just have to invoke the code by passing the parameters. This is called an API.

So, we have two options

  1. Instances

  2. Lambda Function

    Sign Up -L1

    Sign In -L2

    Receive mail -L3

    Delete mail -L4

    Change password -L5

    Update password -L6

    The Lambda function will be invoked, and only the invoked function is billed. Gmail will not reveal which Lambda functions it has created. Instead, it creates one dummy function, e.g. sign in ( ), and this invokes L2. This is done internally, and the dummy function is called the API. The mapping is done through API Gateway.

Advantages

  1. AWS Lambda + API Gateway: no infrastructure to manage

  2. Supports WebSocket protocol: used for streaming IPL/Gaming

  3. Handles versioning

  4. Canary Testing

  5. Handles different environments (dev, test, prod...)

  6. Handles security (authentication & authorization)

  7. Creates API keys and handles request throttling (if a hacker tries to send fishy requests, it'll take care of it)

  8. Import API

  9. Cache API responses

API GATEWAY INTEGRATION

  1. Lambda function: REST API backed by Lambda

  2. HTTP: on-prem, load balancer

  3. AWS service: SQS

API GATEWAY ENDPOINT TYPES

  1. Private: can only be accessed from your VPC, not from outside the AWS environment.

  2. Regional: for users in one Region only (e.g. us-east-2), no others.

  3. Edge-Optimized: can be accessed globally, by anyone. It is the default.

Mock integration type

This is for trials: to check whether I'm able to call the function. It does not send an actual request to the backend; it just returns a predefined response.

Caching API responses

  1. Caching reduces the number of calls made to the backend.

  2. The default TTL is 300 seconds.

  3. Caches are defined per stage.

  4. The cache is expensive. It makes sense in production, not in dev and test.

API Gateway Throttling

  1. Use it if I want to block requests after 100 requests.

  2. Throttle: give a service-unavailable response to the extra requests and reject them.

  3. Define your throttle limits for different stages.
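
The throttling described above, as an added example that is not part of the original notes: API Gateway throttles with a token-bucket algorithm, where a rate refills tokens and a burst size caps them. The stage names, limit values and arrival times below are constructed for illustration.

```python
# Added example: token-bucket throttling with separate limits per stage.
from dataclasses import dataclass, field

# Constructed per-stage limits: stage -> (rate in requests/second, burst size)
STAGE_LIMITS = {"dev": (10, 20), "prod": (100, 100)}

@dataclass
class TokenBucket:
    rate: float                      # tokens added back per second
    burst: int                       # bucket capacity
    tokens: float = field(init=False)
    last: float = 0.0                # time of the previous request

    def __post_init__(self):
        self.tokens = float(self.burst)      # the bucket starts full

    def allow(self, now: float) -> bool:
        """Refill for the elapsed time, then spend one token if one is left."""
        elapsed = max(0.0, now - self.last)
        self.tokens = min(float(self.burst), self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False                         # throttled: request is rejected

def replay(bucket, arrival_times):
    """Return (accepted, rejected) for requests arriving at the given times."""
    accepted = sum(bucket.allow(t) for t in arrival_times)
    return accepted, len(arrival_times) - accepted

def demo():
    buckets = {s: TokenBucket(r, b) for s, (r, b) in STAGE_LIMITS.items()}
    flood = replay(buckets["prod"], [0.0] * 150)   # 150 requests at once
    later = replay(buckets["prod"], [0.5] * 80)    # 0.5 s later: 50 tokens back
    dev = replay(buckets["dev"], [0.0] * 150)      # same flood, tighter stage
    return flood, later, dev

if __name__ == "__main__":
    for name, (ok, rejected) in zip(("prod flood", "prod +0.5s", "dev flood"), demo()):
        print(f"{name}: accepted={ok} rejected={rejected}")
```

The same flood is cut off at a different point in each stage, which is why limits are worth setting per stage rather than once for the whole API.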