Amazon's New API Gateway Offers New API implementations on AWS
|Richard Harris in Enterprise Tuesday, July 14, 2015|
Amazon’s new API Gateway is a pay-as-you-go service which offers the opportunity to build and run application backends and connect applications to API implementations that run on AWS Lambda, Amazon Elastic Compute Cloud (EC2), or a publicly addressable service hosted outside of AWS.
The platform allows companies to implement APIs that wrap around, enhance, and effectively modernize legacy systems - providing the ability to aggregate the results from multiple legacy RPC-style web services calls into a single response, filter and process the data, while protecting the backend service from overload through the built-in throttling feature.
The API Gateway was designed to deliver on the following abilities:
- Scalable & Efficient: Handle any number of requests per second (RPS) while making good use of system resources.
- Self-Service & Highly Usable: Provide the ability to define, revise, deploy, and monitor APIs with a couple of clicks, without requiring specialized knowledge or skills, including easy SDK generation.
- Reliable: Build services that are dependable, with full control over error handling, including customized error responses.
- Secure: Takes advantage of the latest AWS authorization mechanisms and IAM policies to manage APIs and AWS resources.
- Performant: Build services that are globally accessible (via CloudFront) for low latency access, with data transfer to the backend over the AWS network.
- Cost-Effective: Build services that are economical to run, with no fixed costs and pay-as-you-go pricing.
Amazon uses an example of customers that use Swagger to describe their APIs, who can now import their existing definitions into the API Gateway in minutes using the tool that Amazon supplies, and connect them to new or existing implementations.
The platform provides the ability to test APIs from within the AWS Management Console, with full access to the HTTP status code, the response (body and headers), and the request log. There is also the ability to create multiple environments (which the gateway calls stages) of a given API and then selectively deploy them within the scope of a tag that that is defined. Each operation in each version can, but does not have to, have a distinct implementation. When the time comes to create a new version of an API, developers can clone an existing one, deploy the clone to a distinct stage, and continue to work on both, with the eventual goal of deprecating the older one. There is also the opportunity to use custom domain names to exercise more control over the URL of each service.
After deploying an API, the Gateway will accept, handle, monitor, and respond to requests. Developers can configure a cache on a per-stage basis, with control over the lifetime of cached responses and the mapping of request parameters to cache keys.
Requests to APIs are logged to Amazon CloudWatch and detailed metrics are reported to Amazon CloudWatch on a per-stage, per-method basis. Administrative actions such as creating and configuring APIs are logged to CloudTrail for auditing. Requests can be throttled if they exceed a desired rate, and developers can use AWS Identity and Access Management (IAM), Amazon Cognito, or OAuth credentials to authorize access to individual methods.
Read more: http://aws.amazon.com/api-gateway/