Effectively Managing API using AWS API Gateway & Lambda
API Gateway is a fully managed service that enables developers to create, publish, maintain, monitor, and secure APIs at any scale. In this blog, you'll learn how to effectively manage APIs using AWS API Gateway & Lambda.
APIs (Application Programming Interfaces) are the best way to integrate business applications with other applications without the risk of exposing implementation details to clients. In large enterprises with numerous APIs catering to various business processes, it often becomes a challenge to manage these APIs and ensure that they are available to the right clients.
Infrastructure teams and application developers need to ensure that access to the APIs is need-based, restricted to a specific purpose and scope of work, always secured, and scalable to business demands. Additionally, the teams need metrics and measurements on utilization and performance to calibrate and size the infrastructure effectively.
The API Gateway service from AWS is a simple and powerful solution that addresses most of the challenges listed above. It allows developers to create, publish, maintain, monitor and secure RESTful and WebSocket-based APIs. In addition, developers can build a security layer to ensure that access to the APIs is restricted and managed effectively. When integrated with AWS Lambda and other AWS services, it offers a more powerful and comprehensive solution for managing APIs.
Configure / Create API
Using the simple and intuitive system of AWS API Gateway, the developer can create a new API (WebSocket or REST) or import one from a Swagger file, configure each API method as an API call, a Lambda function or an AWS service, and allow client requests and server responses to flow through API Gateway.
Create Stage and Deploy
All APIs configured on the Gateway need to be deployed to a stage (dev, stage or prod), which is the running environment for the API. The system allows the developer to set additional parameters such as caching, throttling, applying certificates, and logging and tracking using tools like CloudWatch, and to generate an SDK for the developers accessing the API through the Gateway.
Usage Plan
API Gateway allows the developer to create a usage plan and set thresholds for the API calls from connecting clients.
Create API Keys
As an additional security feature for the API, the developer can use API keys, which client applications need in order to access the API resources. If at any point the developer suspects that security has been breached, the developer can delete the keys and recreate them.
Dashboard
The API Gateway service comes with a rich and informative metrics dashboard for each stage environment. The developer can view metrics on API calls, latency for each call, and specific error codes. The dashboard allows drilling down into each metric for more details and display options.
Additional Features
API Gateway comes with additional features that allow developers to use Lambda to build additional security features such as pre-processing API payloads and responses from the endpoints, and building security using AWS Cognito, OAuth 2.0 and others.
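The Lambda-based security layer described above can take the form of a Lambda authorizer. The following Python handler is an added example, not code from the original post: it checks a bearer token and returns an IAM policy that limits the caller to the HTTP methods its scopes grant. The HMAC token format, `SECRET` and the `SCOPE_METHODS` mapping are assumptions made for the example; a production authorizer would validate an OAuth 2.0 or Cognito token instead.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # assumption: load from a secrets store in practice
# Hypothetical mapping from token scopes to the HTTP methods they permit.
SCOPE_METHODS = {"orders:read": ["GET"], "orders:write": ["POST", "PUT"]}


def _mac(body):
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()


def sign(client_id, scopes):
    """Issue a demo token of the form client_id.scope1,scope2.hex_hmac."""
    body = f"{client_id}.{','.join(scopes)}"
    return f"{body}.{_mac(body)}"


def verify(token):
    """Return (client_id, scopes) for an untampered token, else None."""
    try:
        client_id, scopes, mac = token.split(".")
    except ValueError:
        return None
    expected = _mac(f"{client_id}.{scopes}")
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return None
    return client_id, scopes.split(",")


def policy(principal, effect, resources):
    """Build the response shape API Gateway expects from a Lambda authorizer."""
    statement = {"Action": "execute-api:Invoke", "Effect": effect, "Resource": resources}
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [statement]}}


def handler(event, context=None):
    """TOKEN-type Lambda authorizer: allow only the methods the scopes grant."""
    arn = event["methodArn"]  # arn:aws:execute-api:<region>:<acct>:<api>/<stage>/<METHOD>/<path>
    stage_arn = "/".join(arn.split("/")[:2])
    token = event.get("authorizationToken", "")
    claims = verify(token[7:] if token.startswith("Bearer ") else token)
    if claims is None:
        return policy("anonymous", "Deny", [arn])
    client_id, scopes = claims
    methods = [m for s in scopes for m in SCOPE_METHODS.get(s, [])]
    if not methods:
        return policy(client_id, "Deny", [arn])
    return policy(client_id, "Allow", [f"{stage_arn}/{m}/*" for m in methods])
```

When authorizer caching is enabled, API Gateway reuses the returned policy for later requests carrying the same token, which is why the Allow policy lists every method the scopes permit rather than only the requested one.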
Advantages
While there are a few similar tools on the market for managing enterprise APIs, AWS API Gateway is easy to use and intuitive, and is backed by powerful cloud services. Some of the other advantages are listed below:
- Feature-rich service: Like most AWS services, API Gateway is easy to administer and intuitive, allowing developers to easily configure APIs, deploy them to different stage environments, set caching for faster responses, set custom domains for the APIs, set thresholds for API calls, define custom responses for HTTP error codes, etc.
- Customize Security: Developers can adopt API keys to enforce security on the clients calling the API. Additionally, developers can build an additional security layer with OAuth and AWS Cognito.
- Process Payload: Using AWS Lambda, developers can pre-process API calls to enforce additional business conditions and post-process the responses from the API endpoints.
- Monetize Infrastructure: Depending on applicability, and with appropriate control measures, an organization can monetize its API services by exposing some of its business APIs for third-party consumption for monetary consideration.
Written by,
Geetha Pandiyan & Umashankar Nedunchezhian
1Cloud Hub
Updated on June 5, 2020