API Gateway Flashcards
What is API Gateway
Application Programming Interface Gateway. Fully managed service that. makes it easy for developers to publish, maintain, monitor or secure API. Easily create an API that acts as a “front door” for apps to access data, business logic or functionality from backend service.
- Apps running on EC2
- Code running on Lambda
- Or any webapp
What kind of API does API Gateway support?
RESTful API.
Uses JSON
How does API Gateway prevent attacks
Throttles requests
What services can API Gateway connect to serverlessly?
Lambda
DynamoDB
Monitoring Service for API Gateway
CloudWatch
CloudWatch Logs
What is API Caching
API Gateway allow to cache endpoint response. This reduces the number of calls made to an endpoint and can improve latency of API requests. These caches have TTLs.
Describe Same Origin Policy
Web browser permits scripting contained in 1st webpage to access data on 2nd webpage (but only if webpages have the same orgin)
This is done to prevent cross-site scripting (XSS) attacks
Enforced by web browsers
Must set up CORS for this
What is CORS
Cross Origin Resource Sharing
relax same-origin policy
Broswer makes HTTP OPTIONS Orgin Policy error means need to connect CORS
If using JS/Ajax and use multiple domains w? API gateway ensure you have enabled CORS
Who enforces CORS
the client
How to import API from an external definition file into API Gateway
Swagger v2.0 definition file
How to create a new API with external definition file
submit POST request include Swagger definition in payload and endpoint config
How to update an existing API with external definition file
PUT request. Contain Swagger definition in payload.
How to specify options in API call
Add query param in request URL
Default limit steady state rate request API Gateway
10000 requests per sec (rps)
Max concurrent requests API Gateway
5000 across all APIs w/in AWS account
