Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It allows developers to create a unified API that acts as a gateway for multiple backend services, providing features like authentication, throttling, monitoring and documentation. The document discusses Amazon API Gateway and how it can be used with AWS Lambda to build scalable and secure APIs. It also provides a case study of how shipping company Temando used API Gateway and Lambda to migrate their monolithic architecture to a microservices approach.
2. Agenda
• What is Amazon API Gateway
• Why use Amazon API Gateway
• Amazon API Gateway and AWS Lambda
• Temando Case Study
• AWS Service Proxy
3. What is Amazon API Gateway
Internet
Mobile Apps
Websites
Services
AWS Lambda
functions
AWS
API Gateway
Cache
Endpoints on
Amazon EC2
Any other publicly
accessible endpointAmazon
CloudWatch
Amazon
CloudFront
Amazon
API Gateway
4. Why Amazon API Gateway
Create a unified API
frontend for multiple
micro-services
DDoS protection
and throttling for
your backend
Authenticate and
authorise requests
to a backend
6. Unified Frontend – Migrating to AWS
InternetMobile Apps Amazon
API Gateway
On premise
web server
1. Use API Gateway in front of an on-premise web service
2. Port the web service to AWS
3. Change integration in API Gateway to call the
new service
8. DDoS and Network Protection
Internet
Mobile Apps
Websites
Services
AWS Lambda
functions
Endpoints on
Amazon EC2
Amazon
CloudFront
Amazon
API Gateway
Layer 7 and layer 3 DDoS protection
Request throttling for backend services
10. Authorisation – AWS Signature Version 4
Mobile Apps AWS Lambda LambdaHandler
API Gateway
Sigv4
Invoke with
caller credentials
Service calls are
authorised using
the IAM Role
DynamoDB
11. Authorisation – Custom authorisers in Lambda
Client
Lambda Auth
function
API Gateway
OAuth token
OAuth
provider
Policy is
evaluated
Policy is
cached
Endpoints on
Amazon EC2
Any other publicly
accessible endpoint
AWS Lambda
functions
403
13. Unmanaged Scalability
VPC subnet
Availability Zone A Availability Zone B
VPC subnet
Auto Scaling group
WEB WEB
Oregon
Tokyo
VPC subnet
Cleanup
loop
EC2 API
start/stop
instances
JOBS
14. Managed
Managed Scalability
InternetMobile apps
AWS Lambda
functions
AWS
API Gateway
cache
Endpoints on
Amazon EC2
Any other publicly
accessible endpoint
Amazon
CloudWatch
Amazon
CloudFront
API
Gateway
API Gateway
Other AWS
services
AWS Lambda
functions
16. Why they use Amazon API Gateway
• Running as high as 200,000 requests per second
• Migrating legacy software to AWS Lambda
• Using AWS Signature Version 4 for strong auth
• Exposing AWS managed services as their own APIs
20. Lambda Invocations
API Gateway
1. Receives the request
2. Authorizes the request
3. Applies mapping templates
4. Invokes Lambda function
5. Applies output mappings
6. Responds to the client
24. - Over 50,000 registered users and counting
- Global Presence
- Offices in Brisbane, Sydney, San Francisco, Vietnam, France
We offer the world’s logistical resources in a single intelligent platform to
make commerce easy and universally accessible.
39. Expose AWS Services as Your Own API
1. Kinesis
• Customers collecting metrics from external developers
2. SQS
• APIs that only insert a record in a queue
3. DynamoDB
• Easy CRUD APIs with Sigv4
4. AWS IoT
• Expose device shadows as API endpoints
40. Kinesis: Configure AWS Service Proxy
1. Select AWS Service Proxy
2. Select the AWS service: Kinesis
3. HTTP method from the service API: POST
4. Set the desired action: PutRecord
5. The Execution Role can perform the action
and trusts apigateway.amazonaws.com
41. Kinesis: Transform the Request
1. Set Kinesis’ content-type: x-amz-json-1.1
2. Static values use Single Quotes: ‘value’
3. Configure Mapping Template
1. Use $util to base64 encode
2. Use $input to read incoming json
3. Static Partition and Stream Name
43. Takeaways
• Use API Gateway to:
1. Abstract the implementation
2. Protect your service from attacks
3. Offload authentication and authorization
• Serverless Architectures allow you to:
1. Build scalable services without managing any
infrastructure
2. Easily build micro-services’ driven applications
44. Next steps
• Go to the API Gateway console: https://console.aws.amazon.com/apigateway/home
• Use the example API to get started quickly
• Learn more about mapping templates: http://amzn.to/1L1hSF5
• Follow the AWS compute blog for updates: http://amzn.to/1SfzoWD
45. AWS Training & Certification
Intro Videos & Labs
Free videos and labs to
help you learn to work
with 30+ AWS services
– in minutes!
Training Classes
In-person and online
courses to build
technical skills –
taught by accredited
AWS instructors
Online Labs
Practice working with
AWS services in live
environment –
Learn how related
services work
together
AWS Certification
Validate technical
skills and expertise –
identify qualified IT
talent or show you
are AWS cloud ready
Learn more: aws.amazon.com/training
46. Your Training Next Steps:
ü Visit the AWS Training & Certification pod to discuss your
training plan & AWS Summit training offer
ü Register & attend AWS instructor led training
ü Get Certified
AWS Certified? Visit the AWS Summit Certification Lounge to pick up your swag
Learn more: aws.amazon.com/training