Intro

• Serverless REST APIs with TLS termination (all of the APIs created with API Gateway expose HTTPS endpoints only)
• API versioning
• Multiple environment (dev, test, prod)
• Request throttling
• Authentication and Authorization
• Supports API keys
• Supports WebSocket
• Cache API responses
• Generate SDK and API specifications
• Swagger / OpenAPI config supported (import or export)
• Transform and validate requests and responses
• Firewall can be implemented using Web Application Firewall (WAF)

Integration

Integration Types

• MOCK - API gateway returns a mock (hardcoded) response (useful in development)

• AWS_PROXY (Lambda Proxy)

  • Incoming request from the client is proxied to the lambda function as a JSON event (request specific params like status code is automatically handled by API gateway)
  • Used to create serverless REST APIs
  • Cannot modify the request & response in API gateway (no mapping template)
  • The entire processing of request happens in the Lambda function

  

• AWS

  • To integrate with AWS resources or a Lambda function (custom integration)
  • Can modify integration requests and responses using mapping templates