API Gateway

Question 1

What are the mechanisms for controlling and managing access to your API Gateway?

Answer 1

• Resource-based policies to allow or deny access to your APIs and methods from specified source IP addresses or VPC endpoints.
• Standard AWS IAM roles and policies offer flexible and robust access controls that can be applied to an entire API or individual methods.
• IAM tags can be used together with IAM policies to control access.
• Endpoint policies for interface VPC endpoints allow you to attach IAM resource policies to interface VPC endpoints to improve the security of your private APIs.
• Lambda authorizers are Lambda functions that control access to REST API methods using bearer token authentication—as well as information described by headers, paths, query strings, stage variables, or context variables request parameters.
• Amazon Cognito user pools let you create customizable authentication and authorization solutions for your REST APIs.

Question 2

What are the WebSocket API use cases?

Answer 2

You can use API Gateway WebSocket APIs to build secure, real-time communication applications without having to provision or manage any servers to manage connections or large-scale data exchanges. Targeted use cases include real-time applications such as the following:

• Chat applications
• Real-time dashboards such as stock tickers
• Real-time alerts and notifications

Question 3

Which are the API Gateway integration types?

Answer 3

• MOCK
• AWS - AWS Services
• AWS_PROXY - Lambda
• HTTP_PROXY - backend HTTP endpoints
• HTTP - expose HTTP endpoints in the backend

Question 4

How can a client of your API invalidate an existing cache entry and reload it from the integration endpoint for individual requests?

Answer 4

Using the header Cache-Control: max-age=0