API Gateway is a fully managed service for developers that makes it easy to build, publish, manage, and secure entire APIs. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on EC2 code running on AWS Lambda, or any web application.
-
Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
-
Amazon API Gateway has no minimum fees or startup costs. You pay only for the API calls you receive and the amount of data transferred out.
-
API Gateway does the following for your APIs:
- Exposes HTTP(S) endpoints for RESTful functionality
- Uses serverless functionality to connect to Lambda & DynamoDB
- Can send each API endpoint to a different target
- Runs cheaply and efficiently
- Scales readily and effortlessly
- Can throttle requests to prevent attacks
- Track and control usage via an API key
- Can be version controlled
- Can be connected to CloudWatch for monitoring and observability
-
Since API Gateway can function with AWS Lambda, you can run your APIs and code without needing to maintain servers.
-
Amazon API Gateway provides throttling at multiple levels including global and by a service call.
- In software, athrottling process, or a throttling controller as it is sometimes called, is a process responsible for regulating the rate at which application processing is conducted, either staticalyy or dynamically.
- Throttling limits can be set for standard rates and bursts. For example, API owners can set a rate limit of 1000 requests per second for a specific method in their REST APIs, and also configure Amazon API Gateway to handle a burst of 2000 requests per second for a few seconds.
- Amazon API Gateway tracks the number of requests per second. Any requests over the limit will receive a 429 HTTP response. The client SDKs generated by Amazon API Gateway retry calls automatically when met with this response.
-
You can add caching to API calls by provisioning an Amazon API Gateway cache and specifying its size in gigagytes. The cache is procisioned for a specific stage of your APIs. This improves performance and reduces the traffic sent to your backend. Cache settings allow you yo control the way the cache key is built and the TTL of the data stored for each methos. Amazon API Gateway also exposes management APIs that help you invalidate the cache for each stage.
-
You can enable API caching for improving latency and reducing I/O for your endpoint.
-
When caching for a particular API stage (version controlled version), you cache responses for a particular TTL in seconds.
-
API Gateway supports AWS Certificate Manager and can make use of free TLS/SSL certificates.
-
With API Gateway, there are two kinds of API calls:
- Calls to the API Gateway API to create, mdify, delete, or deploy REST APIs. These are logged in CloudTrail.
- API calls set up by the developers to deliver their custom functionality: These are not logged in CloudTrail.