What is Amazon API Gateway

An abstract representation of Amazon API Gateway as a complex network facilitating seamless API communication.

Learn about Amazon API Gateway, the AWS service crucial for creating, maintaining, and securing APIs at any scale. Perfect for developers looking to integrate AWS or third-party services.


Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications. API Gateway supports containerized and serverless workloads, as well as web applications.

Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, CORS support, authorization and access control, throttling, monitoring, and API version management. API Gateway has no minimum fees or startup costs. You pay for the API calls you receive and the amount of data transferred out and, with the API Gateway tiered pricing model, you can reduce your cost as your API usage scales.

API types #

Amazon API Gateway supports different types of APIs tailored to specific use cases.

RESTful APIs: #

These are APIs that conform to the constraints of REST architectural style and are designed around using standard HTTP methods like GET, POST, PUT, DELETE, and PATCH. RESTful APIs are stateless, meaning that each call can be made independently of others, and the call contains all necessary information to complete itself.

HTTP APIs: #

Introduced as a more cost-effective and faster alternative to RESTful APIs, HTTP APIs are optimized for building APIs that proxy to AWS Lambda functions or HTTP endpoints. They offer built-in features like JSON Web Tokens (JWT) and OAuth 2 authorization, CORS, and integration with AWS services.

WebSocket APIs: #

WebSocket APIs maintain a persistent connection between connected clients to enable real-time message transfers. This is ideal for scenarios where you need low-latency communication between the server and the client, such as in chat applications, real-time notifications, and collaborative platforms.

API Gateway handles the requests and responses for these API types, abstracting the backend service complexity and providing developers with the tools to create, publish, document, and monitor their APIs.

Benefits #

Amazon API Gateway offers numerous benefits that make it a powerful tool for building and managing APIs

Efficient API development #

Run multiple versions of the same API simultaneously with API Gateway, allowing you to quickly iterate, test, and release new versions. You pay for calls made to your APIs and data transfer out, and there are no minimum fees or upfront commitments.

Performance at any scale #

Provide end users with the lowest possible latency for API requests and responses by taking advantage of our global network of edge locations using Amazon CloudFront. Throttle traffic and authorize API calls to ensure that backend operations withstand traffic spikes and backend systems are not unnecessarily called.

Cost savings at scale #

API Gateway provides a tiered pricing model for API requests. With an API Requests price as low as $0.90 per million requests at the highest tier, you can decrease your costs as your API usage increases per region across your AWS accounts.

Easy monitoring #

Monitor performance metrics and information on API calls, data latency, and error rates from the API Gateway dashboard, which allows you to visually monitor calls to your services using Amazon CloudWatch.

Flexible security controls #

Authorize access to your APIs with AWS Identity and Access Management (IAM) and Amazon Cognito. If you use OAuth tokens, API Gateway offers native OIDC and OAuth2 support. To support custom authorization requirements, you can execute a Lambda authorizer from AWS Lambda.

RESTful API options #

Create RESTful APIs using HTTP APIs or REST APIs. HTTP APIs are the best way to build APIs for a majority of use cases—they're up to 71% cheaper than REST APIs. If your use case requires API proxy functionality and management features in a single solution, you can use REST APIs.

API-Gateway process flow: #

  1. End Users: This is where the API interaction starts. End users send a request to the API Gateway.

  2. API Gateway Request Workflow:

    • Authorize: First, the API Gateway performs any necessary authorization checks to ensure the caller has the right permissions.
    • Configure: The request is then configured according to the API setup, which may involve specifying endpoints, query string parameters, etc.
    • Meter: Usage is metered for tracking and billing purposes.
    • Transform: The request may be transformed into the format expected by the backend services.
    • Map: The request is mapped to the appropriate backend service.

  3. Backend Service Integrations: The request is sent to the integrated backend service, which processes it and returns a response.

  4. API Gateway Response Workflow:

    • Map: The response from the backend service is mapped according to the API Gateway's configuration.
    • Transform: If necessary, the response is transformed from the backend format to the format expected by the client.
    • Configure: The response may go through additional configuration, which could include setting response headers or status codes.

  5. End Users: Finally, the response is sent back to the end users.

This results in a bidirectional flow where the request and response go through different stages within the API Gateway, allowing for a secure, controlled, and potentially transformed communication between end users and backend services.