Application Programming Interfaces (APIs) are the foundation of present-day software development. These interfaces allow for smooth communication between programs and the sharing of information which enables complex integrated applications to be created. However, cloud infrastructure presents challenges when it comes to managing and scaling APIs because they are often complicated. This is where Amazon API Gateway helps.Amazon API Gateway is a fully managed Amazon Web Service that supports developers in building, publishing, maintaining, monitoring, and safeguarding APIs regardless of their size. This can act as a crucial component for applications to communicate with backend services on AWS or any other web application.IntroductionAmazon API Gateway is a fully managed service that simplifies the API creation process for developers. With Amazon API Gateway, you can design, publish, maintain, monitor, and secure APIs in any capacity. APIs are like the "front door" for applications, allowing them to connect with data, business logic, or functionality from such backend services. This particular service provides an opportunity to create RESTful APIs and WebSocket APIs with bidirectional real-time communication needed for online applications. Apart from that, API Gateway can be used to support swift deployment (serverless) and containerized applications, and it can be used for web applications as well. API Gateway fulfills the processing and takes care of the API calls, handling the load of possibly thousands of requests passing through, such as CORS support, access control traffic management, monitoring, throttling, API version management, and so on. The use of this service requires no minimum fee or startup costs, charging per API calls and data out. The more the API usage increases, the lower the payment level becomes according to the tiered pricing model of API Gateway.How does Amazon API Gateway work?Amazon API Gateway is a tool that developers use to create and manage applications. They define the names of the APIs, the method through which the APIs communicate with other services, and the way API requests and content transfers are managed.There are many types of SDKs and systems that can be implemented on specific mobile and web applications.Amazon API Gateway accepts and enables the management of payload data sent over HTTP. This data can be in any of the formats using JavaScript Object Notation or Extensible Markup Language. Users of an API can access a dashboard in Amazon API Gateway to keep an eye on and view their API calls and generate log files which can be retrieved from Amazon CloudWatch.Two mechanisms are used for traffic management in Amazon API Gateway:Throttling: which manages the flow of the API calls by limiting the number of calls made in a specific period.Caching: This reduces calls made to obtain data as a result of an API call by retaining usual API responses with themselves.Access control to APIs is provided through Amazon API Gateway. The gateway uses access keys to help control the security. One option with Amazon API Gateway is to merge with AWS identity/Access Management (IAM) to manage authorization to APIs. The Amazon Signature Version 4 is an additional way to guarantee API security. Otherwise, developers can also use OAuth tokens for security in their APIs.The Amazon API Gateway will let AWS-run developers run multiple versions of an API in parallel, reducing the need to shut down the existing ones at the time of testing or deployment of new APIs.How to Get Started with the Amazon API Gateway?To get started, first, create a Lambda function using the AWS Lambda console, then generate an HTTP API using the API Gateway console. After your HTTP API is set, you can access your API.When you use your HTTP API, API Gateway directs the request to your Lambda function. Then, Lambda runs the Lambda function and responds to API Gateway. You will soon receive a reply from API Gateway. Here are the steps to follow:API Gateway StepsDevelop a lambda function: Visit AWS Lambda under Compute Services in your AWS console. Click on Create Function and enter the function name, for instance, 'my function,' and specify the default language to be node.js 14. x and then click the create function. Now, a lambda function will be created with the sample code from AWS in node.js. Creating an HTTP APIUse the AWS console to search for the API Gateway service.Afterwards, you will have to create an HTTP API. The AWS Lambda also provides both REST APIs and WebSocket APIs, yet creating an HTTP API is recommended for this demonstration for ease.To add the newly created Lambda function to the API on which you are working, you have to click on 'Add Integration’ Then, select Lambda in the Integrations dropdown, next, pick the lambda function you have created and give a description, for example, ‘my-http-api.’The subsequent action is to check the integration and the names you have provided and then click create.Testing Your APINext, you need to verify your API by conducting a test. Through a web browser, you can call your API.Take this invoke URL and input it in your web browser. Add the name of the lambda function as it should be displayed.The API you have just established will now receive a GET request from your browser.Validate the reply from your API. Now, you can see "Hello from Lambda!" on your screen. Comparison of Amazon API Gateway with Kong, and TykFeatureAmazon API GatewayKongTykDeployment ModelManaged service by AWSOpen-source, enterprise version availableOpen-source, enterprise version availableHostingFully managed, serverlessSelf-hosted or Kong CloudSelf-hosted or Tyk CloudIntegrationAWS services (Lambda, DynamoDB, etc.)Multiple platforms, plugins availableMultiple platforms, plugins availableAuthenticationIAM, Cognito, custom authorizersOAuth2, JWT, Key AuthenticationOAuth2, JWT, Basic AuthRate LimitingBuilt-inBuilt-inBuilt-inMonitoringCloudWatchPrometheus, DatadogPrometheus, Grafana, DatadogScalabilityAutomatically scalableScales with infrastructureScales with infrastructureCostPay-as-you-goFree (Open-source) / Subscription (Enterprise)Free (Open-source) / Subscription (Enterprise)Ease of UseEasy, with AWS integrationModerate, requires setupModerate, requires setupSecurityHigh, with AWS IAM and WAF integrationHigh, customizableHigh, customizableWhat is the purpose of API Gateway in AWS?PurposeDescriptionAPI Creation and DeploymentThe process of defining, creating, and deploying APIs.Integration with AWS Services Easily Integrates with AWS services like Lambda, DynamoDB, S3, and more.Traffic ManagementManages API traffic by throttling, rate limiting, and bursting.SecurityProvides best security features like AWS IAM, Cognito, and custom authorizers.Monitoring and AnalyticsOffers monitoring and logging through Amazon CloudWatch.ScalabilityAutomatically scales to handle thousands of continuous API calls.Cost ManagementProvides a pay-as-you-go pricing model.CachingEnables response caching to improve performance and reduce latency.Versioning and StagingSupports API versioning and deployment stages for better lifecycle management.API Gateway vs load balancerAspectAPI GatewayLoad BalancerPurposeManage and expose APIsDistribute network traffic across multiple serversFunctionalityAPI request routing, rate limiting, securityLoad distribution, high availability, fault toleranceIntegrationAWS services (Lambda, DynamoDB, etc.)EC2 instances, on-premises serversTraffic HandlingAPI-specific features (throttling, caching)Network traffic distributionProtocol SupportHTTP, WebSocketHTTP, HTTPS, TCP, UDPUse CaseAPI management, microservices architectureLoad balancing web applications, scaling servicesCost ModelPay-as-you-go, based on API callsPay-as-you-go, based on traffic processedSecurity FeaturesIAM, Cognito, custom authorizersSSL/TLS termination, security groupsCommands for Amazon API Gateway1: Create a REST APIaws apigateway create-rest-api --name "MyAPI"2: Get a list of REST APIsaws apigateway get-rest-apis3: Delete a REST APIaws apigateway delete-rest-api --rest-api-id <rest-api-id>4: Create a Resourceaws apigateway create-resource --rest-api-id <rest-api-id> --parent-id <parent-id> --path-part <resource-path>5: Get Resourcesaws apigateway get-resources --rest-api-id <rest-api-id>6: Delete a Resourceaws apigateway delete-resource --rest-api-id <rest-api-id> --resource-id <resource-id>7: Put Methodaws apigateway put-method --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method> --authorization-type <auth-type>8: Get Methodaws apigateway get-method --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method>9: Delete Methodaws apigateway delete-method --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method>10: Put Integrationaws apigateway put-integration --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method> --type <integration-type> --uri <uri>11: Get Integrationaws apigateway get-integration --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method>12: Delete Integrationaws apigateway delete-integration --rest-api-id <rest-api-id> --resource-id <resource-id> --http-method <http-method>13: Create Deploymentaws apigateway create-deployment --rest-api-id <rest-api-id> --stage-name <stage-name>14: Get Deploymentsaws apigateway get-deployments --rest-api-id <rest-api-id>15: Delete Deploymentaws apigateway delete-deployment --rest-api-id <rest-api-id> --deployment-id <deployment-id>16: Get Stagesaws apigateway get-stages --rest-api-id <rest-api-id>17: Update Stageaws apigateway update-stage --rest-api-id <rest-api-id> --stage-name <stage-name> --patch-operations <operations>18: Delete Stageaws apigateway delete-stage --rest-api-id <rest-api-id> --stage-name <stage-name>19: Create a Usage Planaws apigateway create-usage-plan --name "MyUsagePlan" --throttle burstLimit=500,rateLimit=100020: Get Usage PlansGet Usage Plans21: Delete a Usage Planaws apigateway delete-usage-plan --usage-plan-id <usage-plan-id>22: Create an API Keyaws apigateway create-api-key --name "MyApiKey"23: Get API Keysaws apigateway get-api-keys24: Delete an API Keyaws apigateway delete-api-key --api-key <api-key-id>25: Create a Domain Nameaws apigateway create-domain-name --domain-name <domain-name> --certificate-name <certificate-name>26: Get Domain Namesaws apigateway get-domain-names27: Delete a Domain Nameaws apigateway delete-domain-name --domain-name <domain-name>Amazon API Gateway PricingPricing ComponentDescriptionAPI RequestsPay for the number of API requests made to your APIs.Data TransferPay for data transfer out of API Gateway to the internet.CachingOptional caching feature for reducing the load on your backend by caching responses to API requests.Usage PlansOptional feature for monetizing and metering access to your APIs.Custom Domain NamesPay for custom domain names to provide branded API endpoints.Additional FeaturesAdditional features such as AWS WAF, logging, and monitoring may incur additional costs.Comparison of Amazon API Gateway with Azure API Management and Google Cloud Endpoints:FeatureAmazon API GatewayAzure API ManagementGoogle Cloud EndpointsPricingPay-per-call and data transferTiered pricing based on API calls and featuresPay-per-use based on API callsDeployment ModelsRegional, Edge-optimized, and Private APIsMulti-region deploymentIntegrated with Google Cloud Functions and App EngineIntegration with Other ServicesDeep integration with AWS servicesSeamless integration with Azure servicesTight integration with Google Cloud servicesSecurityIAM, Cognito, API Keys, Lambda authorizersAzure AD, OAuth 2.0, API KeysIAM, API Keys, Auth0Developer PortalBuilt-in, customizable portalBuilt-in, highly customizable portalIntegrated developer portal via Google Cloud ConsoleAnalyticsCloudWatch, X-RayAzure Monitor, Application InsightsStackdriver Logging and MonitoringRate Limiting and ThrottlingYesYesYesCachingIntegrated caching capabilitiesBuilt-in cachingBuilt-in caching with API GatewayConclusionAmazon API Gateway is a comprehensive service that streamlines the process of designing, monitoring, and protecting APIs. Its capabilities include RESTful and WebSocket APIs, traffic management, and integration with AWS services like Lambda for serverless deployments. Amazon API Gateway enables users to handle data flows efficiently, capitalize on scalability, and make the most of its APIs. This results in simpler and more reliable cloud-based API development and management, making it a standout feature of modern applications.Read Morehttps://devopsden.io/article/aws-serverless-application-modelFollow us onhttps://www.linkedin.com/company/devopsden/
