a

Share

AWS API Gateway

Amazon API Gateway

Amazon API Gateway is a fully managed service that makes it simple for developers to construct, publish, maintain, monitor, and protect APIs at any size.

Why API Gateway?

Using Amazon API Gateway, developers can easily build, publish, maintain, monitor, and defend APIs of any scale. It is available as a public or private cloud service. Data, business logic, and functionality from your backend services are accessible to apps through APIs, which serve as the “front door” to those services.The API Gateway can be used to construct RESTful APIs and WebSocket APIs that allow for real-time two-way communication applications. Serverless and containerized workloads, as well as web applications and web services, are all supported by API Gateway. In order to accept and handle hundreds of thousands of API calls simultaneously, API Gateway is in charge of all the duties involved. All of the above activities are included in this list, which includes CORS support, authorization (including throttling and monitoring), and API version management.

Using API Gateway does not entail any upfront expenditures or a minimum fee. API calls and data transfers are billed separately, allowing you to have full control over your costs. The tiered pricing model of API Gateway ensures that you can scale your API usage while keeping your expenses as low as possible.

When it comes to HTTP APIs, the cost is based on the number of requests made. For the first 300 million requests, the price is $1 per million requests, and for subsequent requests, it decreases to $0.90 per million. It’s important to note that this pricing applies to requests of up to 512 KB of data per request.

REST APIs, on the other hand, have a slightly different pricing structure. The cost for the first 350 million requests is $3.50 per million, and for the next 667 million, it decreases to $2.80 per million. Additionally, there is a pricing tier called the ‘next 19 billion’ which costs $2.38 per million requests. If your API usage exceeds 20 billion requests, the price further reduces to $1.51 per million.

It’s worth mentioning that these prices are calculated on a monthly basis. However, it is important to consider that serving 20 billion requests per month is typically associated with the scale of cloud providers like AWS, Google, and Microsoft.

How it Works

 

Image sourced from Amazon Web Services

Features

 

It is simple for developers to publish, maintain, monitor, protect, and run APIs at any scale using the Amazon API Gateway, which is a fully managed service provided by Amazon.This service allows you to pay for it on a pay-as-you-go basis, and it will take care of all of the undifferentiated heavy lifting that is required in order to run APIs in a secure and reliable manner on a wide scale.As a result of the proliferation of mobile devices and the rise of the Internet of Things, it is becoming an increasingly common practice to make backend systems and data accessible to apps through the use of application programming interfaces (APIs). This practice is gaining popularity. A growing amount of time and effort is being spent on the construction and administration of application programming interfaces (APIs) in order to accommodate the large number of apps and communities of developers that rely on APIs. It is possible to construct client SDKs that are compatible with API Gateway using a variety of programming languages. These languages include JavaScript, iOS, and Android. Client software development kits (SDKs) can also be generated by API Gateway for usage in conjunction with other API Gateway services, such as web services.

Amazon API Gateway provides comprehensive monitoring capabilities to track the performance and health of APIs. The API Gateway console seamlessly integrates with CloudWatch, enabling users to access backend performance metrics such as API calls, response latency, and error rates. Users have the flexibility to configure custom alarms on API Gateway APIs, ensuring timely notifications for any unusual activity or issues. Additionally, API Gateway can log detailed information about API execution errors to CloudWatch Logs, allowing for efficient troubleshooting and analysis. This robust monitoring feature set empowers users to proactively monitor and manage the performance of their APIs effectively.

 

RESTful and WebSocket API Support

API Gateway gives you the ability to create RESTful APIs by using either HTTP or REST APIs. HTTP APIs ought to be used for the construction of APIs that lack API management functionality. In comparison to REST APIs implemented through API Gateway, serverless HTTP APIs can reduce costs by up to 71 percent and latency by up to 60 percent. Using API Gateway, you may access REST APIs and API management tools such as consumption plans and API keys for your API proxy-enabled applications. Use WebSocket APIs to construct real-time two-way communication apps like chat and streaming dashboards.

 

Private AWS ELB & Cloud Map integrations

API Gateway supports a variety of integrations to cater to different use cases. One such integration is with private AWS ELB and Cloud Map. With this integration, VPC resources can seamlessly be accessed through API Gateway. This allows for secure and controlled access to resources within your Virtual Private Cloud.

Moreover, API Gateway also provides support for IP-based services, such as ECS jobs, through HTTP APIs. This means that you can easily build APIs for services that rely on IP addresses. By leveraging this integration, you can efficiently manage and expose your IP-based services through API Gateway.

While Your article focuses on specific integrations like private AWS ELB, Cloud Map, and IP-based services, it is important to note that API Gateway offers a much broader range of integrations. In fact, API Gateway supports direct integration with various AWS services including EC2, Lambda, Step Functions, SQS, DynamoDB, Kinesis, Eventbridge, VPC links, and many others. Additionally, API Gateway can be used with any workload that operates on ports 80, 443, and the range of 1024 to 65535. This extensive list of supported integrations ensures that you can seamlessly front any workload you can imagine with API Gateway.

When it comes to the different flavors of the API Gateway, Amazon API Gateway supports a variety of options to suit your needs, including REST APIs, HTTP APIs, and Websocket APIs. To grant users access to your APIs, you can leverage the power of AWS Identity and Access Management (IAM) in conjunction with Amazon Cognito. This combination provides a robust security solution. If you are using OAuth tokens, API Gateway has native support for OIDC and OAuth2, making it easier to integrate with existing authentication systems.

 

Resiliency

API Gateway helps you manage traffic by restricting the number of requests per second for each HTTP method in your APIs. By focusing on business logic and services rather than infrastructure, API Gateway frees you from having to worry about it. You can save time by storing your API data in a cache with re-usable keys and a time-to-live in seconds.

By default, the steady-state request rate limit for API Gateway is set to 10,000 requests per second.  In addition, the maximum concurrent request limit for API Gateway is set to 5,000 requests. This limit applies to the total number of requests that can run simultaneously across all APIs within an AWS account. Consequently, if the number of concurrent requests exceeds 5,000, some requests may be queued or may experience delays until the number of concurrent requests decreases.

 

Easy API Development

With API Gateway, you can quickly and easily build a custom API to call AWS Lambda functions. Web services having publicly accessible HTTP endpoints such as Amazon EC2, AWS Elastic Beanstalk, and AWS Lambda are all included. In the API Gateway console, you can design and manage your REST API, create client SDKs, and monitor your API metrics.

In Amazon API Gateway, there are three different types of endpoints:

1. Edge-Optimized Endpoint: This type of endpoint is suitable for clients that are spread across different geographical locations. When API requests are made, they are automatically directed to the nearest CloudFront Point of Presence (POP). Edge-optimized endpoints are the default type for API Gateway REST APIs, allowing for optimized routing and reduced latency for clients located around the world.

2. Regional Endpoint: A regional API endpoint is designed for clients within the same region as the API. This type of endpoint is ideal when clients are located in the same region as the API or when the API serves a small number of clients with high demands. By reducing connection overhead, regional endpoints enable faster and more efficient communication between clients and the API by leveraging the low-latency network within the region.

3. Private Endpoint: A private API endpoint restricts access to the API, making it accessible only from within your Amazon Virtual Private Cloud (VPC). To use a private endpoint, you need to create an interface VPC endpoint, which is an endpoint network interface (ENI) within your VPC. This enables secure and private communication between resources within your VPC and the API Gateway, ensuring that external access is limited to authorized connections within your VPC.

 

API Operations Monitoring

API Gateway provides a dashboard for monitoring service calls when an API is implemented. API calls, latency, and errors are all tracked by Amazon CloudWatch via the API Gateway panel. API Gateway APIs can be equipped with custom alerts thanks to CloudWatch’s ability to record monitoring data. API Gateway can record errors in API execution to CloudWatch Logs to aid in debugging.

 

Authorization from Amazon Web Services

API Gateway offers several options for handling security. One way to authenticate and validate API calls is to use signature version 4 for both REST APIs and WebSocket APIs. This allows you to grant access to AWS resources through AWS Identity and Access Management (IAM). Additionally, bearer tokens such as JWT tokens and SAML assertions can be verified and authorized using AWS Lambda functions. To grant users access to your APIs, you can leverage the power of AWS Identity and Access Management (IAM) in conjunction with Amazon Cognito. This combination provides a robust security solution. If you are using OAuth tokens, API Gateway has native support for OIDC and OAuth2, making it easier to integrate with existing authentication systems. AWS Lambda authenticators can be utilized for more specific authorization needs. With Lambda’s flexibility, you can implement custom authorization rules and policies to meet your unique requirements.

For REST APIs specifically, security can be further enhanced through the use of Amazon Virtual Private Cloud (VPC) Endpoint policies, tag policies, or custom Lambda authorizers, providing a tailored approach to securing your API infrastructure. On the other hand, HTTP APIs offer a streamlined set of security features that are designed for simplicity and speed. The standout option for HTTP APIs is the plug-and-play JWT-based security that allows for integration with external JWT providers like Firebase or AWS Cognito, offering a straightforward yet effective security solution. This option, exclusive to HTTP APIs, complements the standard IAM and custom Lambda authorizers. Additionally, both API types fully support TLS connections, ensuring secure data transfer across your systems, facilitated by certificates hosted in AWS Certificate Manager.

 

API Keys for External Developers

Using API Gateway, you can keep track of the many third-party developers who are using your REST APIs. Using API Gateway, you may grant specific third-party developers access to your APIs based on permissions you define for each API key. Throttling and request quotas can be established for each API key individually in your plans. This is an optional feature that must be turned on for each technique before it can be used.

 

Generation of SDKs

To make it easier for you to test new APIs from your apps and to provide SDKs for third-party developers, API Gateway can build client SDKs for a range of platforms. To sign requests and manage API keys in the developed SDKs, AWS credentials are required. API Gateway can produce Ruby and Objective-C/Swift client SDKs for all of the aforementioned platforms. You can use the AWS CLI to develop and download an SDK for a supported platform by using the get-sdk command.

Free AWS Services Template

Download list of all AWS Services PDF

Download our free PDF list of all AWS services. In this list, you will get all of the AWS services in a PDF file that contains  descriptions and links on how to get started.

Management of the API Lifecycle

 

With the help of API Gateway, which is compatible with RESTful APIs, applications will be able to continue using older versions of an API even after the most recent version of the API has been made available to the public. Because API Gateway comes equipped with release management features, it is simple to monitor many API versions at the same time. You can specify which API endpoints you want to communicate with at each stage. When utilising API Gateway, it is possible to give a specialized domain name to a certain version or stage of an API. You are able to test new API versions that either update older API releases or provide new functionality to older API releases. This allows you to ensure backward compatibility when user communities move to accept the most recent release.

Benefits

 

  • API development 

API Gateway allows you to simultaneously operate many versions of the same service for testing and iteration. For API calls and data transfers, there are no upfront fees, and you just pay for what you use. Using Amazon CloudFront, we can deliver the lowest possible latency for API requests and responses to end users. To avoid overloading the back-end processes, it’s critical to keep traffic to a minimum and only permit legitimate API calls.

API Gateway offers tier-based pricing for API queries. AWS account API request fees can be decreased down to just $0.90 per million API requests, even as the volume of API calls increases. To keep tabs on API requests, data latency, and error rates using Amazon CloudWatch, the API Gateway dashboard provides a wealth of metrics and statistics.

Use AWS Identity and Access Management (IAM) with Amazon Cognito to grant users access to your APIs. API Gateway has native OIDC and OAuth2 support if you utilize OAuth tokens. Using AWS Identity and Access Management (IAM) and Amazon Cognito, you may restrict access to your APIs. API Gateway provides native support for OIDC and OAuth2 tokens. It is possible to run a Lambda authorizer using AWS Lambda in order to enable specific custom authorization rules and policies.

  • Effectiveness in any context

Using Amazon CloudFront, we are able to deliver the lowest possible latency for API requests and responses to end users. To avoid overloading the back-end processes, it?s critical to keep traffic to a minimum and only permit legitimate API calls. API Gateway offers tier-based pricing for API queries. AWS account API request fees can be decreased down to just $0.90 per million API requests, even as the volume of API calls increases.

To keep tabs on API requests, data latency, and error rates using Amazon CloudWatch, the API Gateway dashboard provides a wealth of metrics and statistics. Use AWS Identity and Access Management (IAM) with Amazon Cognito to grant users access to your APIs. API Gateway has native OIDC and OAuth2 support if you utilize OAuth tokens. AWS Lambda authenticators make It possible to use Lambda to meet specific authorization needs. Using AWS Identity and Access Management (IAM) and Amazon Cognito, you may restrict access to your APIs. API Gateway provides native support for OIDC and OAuth2 tokens. It is possible to run a Lambda authorizer using AWS Lambda in order to enable specific custom authorization rules and policies.

  • Scaled-down cost savings

API Gateway offers tier-based pricing for API queries. AWS account API request fees can be decreased down to just $0.90 per million API requests, even as the volume of API calls increases.

  • Streamlined reporting

To keep tabs on API requests, data latency, and error rates using Amazon CloudWatch, the API Gateway dashboard provides a wealth of metrics and statistics.

  • Intuitive security measures are available.

Intuitive security measures are available to address security concerns effectively within Amazon API Gateway. Utilize AWS Identity and Access Management (IAM) with Amazon Cognito to grant users secure access to your APIs. Additionally, API Gateway offers native support for OIDC and OAuth2, ensuring robust security through token authentication.

For advanced authorization needs, AWS Lambda authenticators provide a flexible solution tailored to your specific requirements. By leveraging AWS Identity and Access Management (IAM) and Amazon Cognito, you can implement stringent access controls to safeguard your APIs effectively. With built-in support for OIDC and OAuth2 tokens, API Gateway ensures a secure environment for your resources. Furthermore, the option to deploy a Lambda authorizer using AWS Lambda enables the implementation of customized authorization rules and policies, enhancing the overall security posture of your APIs.

  • Flexible security controls

Using AWS Identity and Access Management (IAM) and Amazon Cognito, you may restrict access to your APIs. API Gateway provides native support for OIDC and OAuth2 tokens. It is possible to run a Lambda authorizer using AWS Lambda in order to enable specific custom authorisation rules and policies.

 

Application Load Bearers

 

An Application Load Balancer (ALB) is a service that primarily focuses on managing the distribution of incoming requests to backend compute resources such as EC2 instances, Lambdas, or other load balancers. While ALBs do not have the capability to directly query databases like DynamoDB or initiate complex workflows like Step Functions, they can serve as a hosting solution for web-facing Lambdas to handle basic call-and-response setups. In this sense, ALBs can be seen as competitors to the HTTP API offering.

One important distinction to note when comparing ALBs to API Gateway is their pricing structure. ALBs have a higher standing cost but a significantly lower cost-per-request, as their pricing is based solely on data transfer. This means that if your application involves a high number of low data volume requests (such as 1 million requests per day at approximately 5KB each), ALBs can often be a more cost-effective choice compared to API Gateway, even when utilizing Web Application Firewall (WAF) functionality.

 

How Does Cost Differ?

 

The pricing structure of Application Load Balancers (ALBs) and API Gateway differs, especially for a high number of low data volume requests. ALBs tend to be more cost-effective in this scenario compared to API Gateway.

ALBs have a unique pricing model that considers both a standing cost and a cost-per-request, which is solely based on data transfer. Although they have a higher standing cost, the cost per request is significantly lower. This means that if you have a large volume of low data volume requests (such as 1 million per day with an average of 5KB per request), ALBs generally prove to be more affordable when compared to API Gateway, even when the Web Application Firewall (WAF) feature is enabled.

Need help on AWS?

AWS Partners, such as AllCode, are trusted and recommended by Amazon Web Services to help you deliver with confidence. AllCode employs the same mission-critical best practices and services that power Amazon’s monstrous ecommerce platform.

API Types:

RESTful APIs

You can construct RESTful APIs optimized for serverless workloads and HTTP backends by utilizing HTTP application programming interfaces (APIs). HTTP APIs are ideal for designing APIs that only require API proxy capabilities, such as web service APIs. By leveraging REST APIs, you can combine API proxy and API administration services into a single solution provided by API Gateway.

WEBSOCKET APIS 

For real-time two-way communication applications like chat apps and streaming dashboards, WebSocket APIs are a quick and effective solution. API Gateway handles the message transfer between your customers and your backend service, maintaining a constant connection for seamless communication.

 

Pricing

You only pay for the time your APIs are utilized using Amazon API Gateway. There are no upfront charges or obligations. You only pay for the API requests you receive and the data you transport out of the system when using HTTP APIs or REST APIs. There are no outbound data transmission fees for Private APIs. However, AWS PrivateLink charges will be charged while using private APIs in API Gateway. API Gateway, on the other hand, offers an optional data caching service with variable hourly pricing based on cache size. You can pay only when your WebSocket APIs are in use, and the amount you pay depends on the number of messages transmitted and received as well as the number of connection minutes you have used the APIs.

The costs for caching can vary significantly depending on the size of the cache you choose to provision. For instance, prices start at $0.02 per hour for a minimal cache size of 0.5 GB. For larger needs, such as a 237GB cache, the cost can go up to $3.80 per hour. These figures illustrate the service’s scalability, catering to both small-scale and large-scale operations.

If your services handle an extensive amount of traffic, say around 100 million requests per month (which breaks down to slightly more than 38 requests per second), implementing a robust caching strategy becomes crucial. In this scenario, the investment in caching is not only cost-effective but also essential for maintaining performance. Comparatively, the cost of setting up and managing such capabilities on-premises would likely exceed the straightforward costs of API Gateway’s caching service, not to mention the significant savings on the manpower usually required for such operations.

Regarding Amazon API Gateway, the pricing structure is designed to be transparent and flexible. You won’t encounter any upfront costs or minimum fees, making starting easy. The pricing model is based on two main factors: API calls and data transfers. For HTTP APIs, the cost is $1 per million requests for the initial 300 million requests, covering up to 512 KB of data per request. Beyond that initial threshold, the cost decreases to $0.90 per million requests.

For REST APIs, the pricing is slightly different. You will be charged $3.50 per million requests for the first 350 million requests, and the cost reduces to $2.80 per million requests for the subsequent 667 million requests. These pricing tiers are structured to provide cost efficiency as your API usage scales. While these are the core pricing components, it’s important to note that additional charges may apply for optional data caching based on the cache size selected. This detailed breakdown ensures that you can keep track of your costs and optimize your usage of Amazon API Gateway effectively. In addition, there can be other additional charges depending on how API Gateway is being used, such as data transfer, Lambda, and Cloudwatch. By understanding and considering these potential charges, you can make informed decisions to manage your expenses and maximize the benefits of utilizing Amazon API Gateway.

 

Free AWS Services Template

Text AWS to (415) 890-6431

Text us and join the 700+ developers that have chosen to opt-in to receive the latest AWS insights directly to their phone. Don’t worry, we’ll only text you 1-2 times a month and won’t send you any promotional campaigns - just great content!

Related Articles

Top CI/CD Tools to Use in App Development

Top CI/CD Tools to Use in App Development

Modern software development requires continuous maintenance over the course of its operational lifespan in the form of continuous integration (CI) and continuous deployment (CD). It is tedious work, but helps developers worry less about critical breakdowns. Automating this cycle provides an easier means by which rollbacks can occur in the case of a bad update while providing additional benefits such as security and compliance functionality.

Top Software as a Service Companies in 2024

Top Software as a Service Companies in 2024

Spending for public cloud usage continues to climb with every year. In 2023, nearly $600 billion was spent world-wide with a third of that being taken up by SaaS. By comparison, Infrastructure as a Service only takes up $150 billion and Platform as a Service makes up $139 billion. On average, companies use roughly 315 individual SaaS applications for their operations and are gradually increasing on a yearly basis. SaaS offers a level of cost efficiency that makes it an appealing option for consuming software.

AWS Graviton and Arm-architecture Processors

AWS Graviton and Arm-architecture Processors

AWS launched its new batch of Arm-based processors in 2018 with AWS Graviton. It is a series of server processors designed for Amazon EC2 virtual machines. The EC2 AI instances support web servers, caching fleets, distributed data centers, and containerized microservices. Arm architecture is gradually being rolled out to handle enterprise-grade utilities at scale. Graviton instances are popular for handling intense workloads in the cloud.