Amazon API Gateway was created to address challenges customers faced in managing and monitoring APIs. It allows users to host multiple API versions and stages, generate and distribute API keys to developers, and leverage SigV4 to authorize access. API Gateway provides features like throttling, caching, and SDK generation to help manage traffic and access to backend services. It offers a serverless way to deploy APIs without having to provision or manage servers.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure and monitor APIs at any scale. In this session, you’ll find out how you can quickly declare an API interface and connect it to any public HTTP endpoint, existing web service running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Join us for this introductory session to Amazon API Gateway.
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
How do you create APIs? When publishing a new API there are a lot of factors to consider: Versioning, Network Management, Authorization, Ecosystem Management, and finally client SDKs.
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. With Amazon API Gateway, you can quickly declare an API interface and connect it to existing web services running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda, and generate an SDK for client applications to access the API. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs, and you pay only for the API calls you receive and the amount of data transferred.
Learning Objectives:
Learn how to create APIs in the AWS Cloud without managing a single server with AWS Lambda
Learn how to manage stages and versions of your APIs
Learn how to map parameters and transform data in flight
Building Scalable Services with Amazon API Gateway - Technical 201Amazon Web Services
The session introduces Amazon API Gateway and walks through common patterns and use-cases as implemented by API Gateway customers. The second part of the session is dedicated to diving deeper on the new features introduced in the API Gateway and how to make the most of them.
Speaker: Stefano Bulani, Sr Product Manager, Amazon Web Services
Featured Customer - Temando
Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure and monitor APIs at any scale. In this session, you’ll find out how you can quickly declare an API interface and connect it to any public HTTP endpoint, existing web service running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Join us for this introductory session to Amazon API Gateway.
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
How do you create APIs? When publishing a new API there are a lot of factors to consider: Versioning, Network Management, Authorization, Ecosystem Management, and finally client SDKs.
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. With Amazon API Gateway, you can quickly declare an API interface and connect it to existing web services running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda, and generate an SDK for client applications to access the API. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs, and you pay only for the API calls you receive and the amount of data transferred.
Learning Objectives:
Learn how to create APIs in the AWS Cloud without managing a single server with AWS Lambda
Learn how to manage stages and versions of your APIs
Learn how to map parameters and transform data in flight
Building Scalable Services with Amazon API Gateway - Technical 201Amazon Web Services
The session introduces Amazon API Gateway and walks through common patterns and use-cases as implemented by API Gateway customers. The second part of the session is dedicated to diving deeper on the new features introduced in the API Gateway and how to make the most of them.
Speaker: Stefano Bulani, Sr Product Manager, Amazon Web Services
Featured Customer - Temando
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
Presented by: Danilo Poccia, Technical Evangelist, Amazon Web Services
Amazon API Gateway and AWS Lambda: Better TogetherDanilo Poccia
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information. Together they help you build a server-less event-driven backend that is easy to manage and scale.
AWS August Webinar Series - Building Serverless Backends with AWS Lambda and ...Amazon Web Services
AWS Lambda is a compute service that runs your code in response to triggers and automatically manages the compute resources for you. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This webinar will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to DynamoDB.
Learning Objectives:
Understand key AWS Lambda and Amazon API Gateway features
Learn how to set up a serverless backend using Amazon API Gateway and AWS Lambda
Explore sample use cases, best practices and tips on using AWS Lambda with Amazon API Gateway
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...Amazon Web Services
Learning Objectives:
- Learn patterns for building APIs for various backend technologies
- Learn how to secure your APIs
- Learn how to handle updates, versioning, and environments using Amazon API Gateway
Migrate your Existing Express Apps to AWS Lambda and Amazon API GatewayAmazon Web Services
This webinar teaches you how to use Amazon API Gateway and AWS Lambda to run your existing Express.js applications with just a few lines of code. We will introduce three new features in API Gateway: proxy integrations, greedy paths, and the ANY HTTP method. Combining these features, you can configure API Gateway in a few simple clicks via the management console and express all of your logic and API definition in code.
Learning Objectives:
1. Easier migration to API Gateway and Lambda
2. New API Gateway Catch-all methods
Who Should Attend: Developers
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewaySteve Androulakis
Stephen Liedig (Amazon Web Services) is a Public Sector Solutions Architect at AWS working closely with local and state governments, educational institutions, and non-profit organisations across Australia and New Zealand to design, and deliver, highly secure, scalable, reliable and fault-tolerant architectures in the AWS Cloud while sharing best practices and current trends, with a specific focus on DevOps, messaging, and serverless technologies.
2016 - Serverless Microservices on AWS with API Gateway and Lambdadevopsdaysaustin
Presentation by Matt Barlow
Someone just gave you an idea for a new microservice. How quickly can you build it?
Using Swagger, API Gateway, and Lambda, we'll go from idea to HTTP response with just a few edits. We'll look at how Swagger can auto generate our API Gateway service, docs, client libraries, monitors, and tests, saving us a ton of work. We'll make code changes, version them in Lambda, and evaluate them with curl or Postman in seconds.
Building APIs with Amazon API Gateway: re:Invent 2018 Recap at the AWS Loft -...Amazon Web Services
Building APIs with Amazon API Gateway: re:Invent 2018 Recap at the AWS Loft - San Francisco
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications
Building Serverless Backends with AWS Lambda and Amazon API GatewayAmazon Web Services
AWS Lambda is a compute service that runs your code without provisioning or managing servers. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This session will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to Amazon DynamoDB. We will run through a demo of setting up a simple serverless blogging web application that allows user authentication and the ability to create posts and comments.
AWS DevDay San Francisco, June 21, 2016.
Presenters: Vyom Nagrani, Ceci Deng
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application.
Building Serverless Web Applications - May 2017 AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn the basics of AWS Lambda and Amazon API Gateway
- Understand how to build a web application using these services
- Learn to architect a serverless application
- Gain an overview of frameworks for building serverless applications
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? In this session, you will learn how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverless applications, such as the AWS Serverless Application Model (AWS SAM), Chalice, and ClaudiaJS.
Deep Dive on Serverless Web Applications - AWS May 2016 Webinar SeriesAmazon Web Services
Serverless architectures involve building applications and services with infrastructure resources that require zero administration. When building and operating web applications, you have to provision and manage servers to run your application code, install and operate distributed databases, and scale servers to handle API requests. AWS provides you a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, we will briefly review how you can build web applications using a serverless architecture. We will run through a demo of setting up a simple serverless blogging web application that allows user authentication and the ability to create posts and comments. We will dive into the details of how AWS Lambda, Amazon API Gateway, Amazon S3, Amazon DynamoDB, and Amazon Cognito are used in each component of the web application.
Learning Objectives:
• Review components and benefit of serverless architectures
• Learn how to build a serverless blogging web application
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you will learn about the benefits of serverless architectures and the basics of the serverless stack AWS provides. We will also walk through how you can use serverless architectures for everything from data processing to mobile and web backends.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Jeremy Edberg, Co-Founder, CloudNative, & AWS Community Hero
Learn how to monitor and manage your serverless APIs in production. We show you how to set up Amazon CloudWatch alarms, interpret CloudWatch logs for Amazon API Gateway and AWS Lambda, and automate common maintenance and management tasks on your service.
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
Presented by: Danilo Poccia, Technical Evangelist, Amazon Web Services
Amazon API Gateway and AWS Lambda: Better TogetherDanilo Poccia
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information. Together they help you build a server-less event-driven backend that is easy to manage and scale.
AWS August Webinar Series - Building Serverless Backends with AWS Lambda and ...Amazon Web Services
AWS Lambda is a compute service that runs your code in response to triggers and automatically manages the compute resources for you. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This webinar will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to DynamoDB.
Learning Objectives:
Understand key AWS Lambda and Amazon API Gateway features
Learn how to set up a serverless backend using Amazon API Gateway and AWS Lambda
Explore sample use cases, best practices and tips on using AWS Lambda with Amazon API Gateway
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...Amazon Web Services
Learning Objectives:
- Learn patterns for building APIs for various backend technologies
- Learn how to secure your APIs
- Learn how to handle updates, versioning, and environments using Amazon API Gateway
Migrate your Existing Express Apps to AWS Lambda and Amazon API GatewayAmazon Web Services
This webinar teaches you how to use Amazon API Gateway and AWS Lambda to run your existing Express.js applications with just a few lines of code. We will introduce three new features in API Gateway: proxy integrations, greedy paths, and the ANY HTTP method. Combining these features, you can configure API Gateway in a few simple clicks via the management console and express all of your logic and API definition in code.
Learning Objectives:
1. Easier migration to API Gateway and Lambda
2. New API Gateway Catch-all methods
Who Should Attend: Developers
Stephen Liedig: Building Serverless Backends with AWS Lambda and API GatewaySteve Androulakis
Stephen Liedig (Amazon Web Services) is a Public Sector Solutions Architect at AWS working closely with local and state governments, educational institutions, and non-profit organisations across Australia and New Zealand to design, and deliver, highly secure, scalable, reliable and fault-tolerant architectures in the AWS Cloud while sharing best practices and current trends, with a specific focus on DevOps, messaging, and serverless technologies.
2016 - Serverless Microservices on AWS with API Gateway and Lambdadevopsdaysaustin
Presentation by Matt Barlow
Someone just gave you an idea for a new microservice. How quickly can you build it?
Using Swagger, API Gateway, and Lambda, we'll go from idea to HTTP response with just a few edits. We'll look at how Swagger can auto generate our API Gateway service, docs, client libraries, monitors, and tests, saving us a ton of work. We'll make code changes, version them in Lambda, and evaluate them with curl or Postman in seconds.
Building APIs with Amazon API Gateway: re:Invent 2018 Recap at the AWS Loft -...Amazon Web Services
Building APIs with Amazon API Gateway: re:Invent 2018 Recap at the AWS Loft - San Francisco
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications
Building Serverless Backends with AWS Lambda and Amazon API GatewayAmazon Web Services
AWS Lambda is a compute service that runs your code without provisioning or managing servers. Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.
This session will familiarize you with the basics of AWS Lambda and Amazon API Gateway and demonstrate how to build web, mobile, and IoT backends using these services. You will learn how to setup API endpoints that trigger AWS Lambda functions to handle mobile, web, IoT, and 3rd party API requests. You will also learn how to use Lambda to read and write to Amazon DynamoDB. We will run through a demo of setting up a simple serverless blogging web application that allows user authentication and the ability to create posts and comments.
AWS DevDay San Francisco, June 21, 2016.
Presenters: Vyom Nagrani, Ceci Deng
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application.
Building Serverless Web Applications - May 2017 AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn the basics of AWS Lambda and Amazon API Gateway
- Understand how to build a web application using these services
- Learn to architect a serverless application
- Gain an overview of frameworks for building serverless applications
What if you could build a web application that could support true web-scale traffic without having to ever provision or manage a single server? In this session, you will learn how to build a serverless website that scales automatically using services like AWS Lambda, Amazon API Gateway, and Amazon S3. We will review several frameworks that can help you build serverless applications, such as the AWS Serverless Application Model (AWS SAM), Chalice, and ClaudiaJS.
Deep Dive on Serverless Web Applications - AWS May 2016 Webinar SeriesAmazon Web Services
Serverless architectures involve building applications and services with infrastructure resources that require zero administration. When building and operating web applications, you have to provision and manage servers to run your application code, install and operate distributed databases, and scale servers to handle API requests. AWS provides you a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, we will briefly review how you can build web applications using a serverless architecture. We will run through a demo of setting up a simple serverless blogging web application that allows user authentication and the ability to create posts and comments. We will dive into the details of how AWS Lambda, Amazon API Gateway, Amazon S3, Amazon DynamoDB, and Amazon Cognito are used in each component of the web application.
Learning Objectives:
• Review components and benefit of serverless architectures
• Learn how to build a serverless blogging web application
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you will learn about the benefits of serverless architectures and the basics of the serverless stack AWS provides. We will also walk through how you can use serverless architectures for everything from data processing to mobile and web backends.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Jeremy Edberg, Co-Founder, CloudNative, & AWS Community Hero
Learn how to monitor and manage your serverless APIs in production. We show you how to set up Amazon CloudWatch alarms, interpret CloudWatch logs for Amazon API Gateway and AWS Lambda, and automate common maintenance and management tasks on your service.
Learn about the state of Serverless after AWS re:Invent 2020. Check out the most impactful new features, and use cases for the new capabilities. Event recording (including 1hr long Q&A) is at http://YouTube.ServerlessToronto.org
LINKS FROM THE MEETUP CHAT:
Best practices in Product Management https://www.meetup.com/lean-product/
Some good PMs (Product Managers) will be here https://www.productfaculty.com/cpo-mastery
re:Invent 2020 Sessions https://virtual.awsevents.com/agenda
Amazon Aurora Serverless v2 - Instant scaling for demanding workloads https://virtual.awsevents.com/media/1_3nlad51o
OpenTelemetry & AWS X-Ray https://aws.amazon.com/blogs/opensource/enhancing-aws-x-ray-support-in-opentelemetry-javascript-sdk/
Adrian Cockcroft’s architecture trends and topics for 2021 https://virtual.awsevents.com/esearch/search?keyword=cockcroft
Dirk Froehner's talk "Application integration patterns for microservices" https://virtual.awsevents.com/media/1_6zks63br
"Tim Bray and Friends | Messaging Series" https://aws.amazon.com/messaging/twitch/
"How I started building serverless apps - the Serverless Coffee Break with Emily Shea" https://www.youtube.com/watch?v=oxHnUFMRWu8
Our Knowledge sponsor https://www.manning.com/
4 Serverless events already scheduled for 2021, RSVP at https://www.meetup.com/Serverless-Toronto/events
LINKS FROM THE PRESENTATION:
https://twitter.com/jbesw
1 ms billing https://s12d.com/1ms
Container image support for AWS Lambda https://s12d.com/OCI
https://s12d.com/extensions-intro
https://s12d.com/extensions-building
https://s12d.com/extensions-logs
Decoupling serverless workloads with Amazon EventBridge (James Beswick) https://virtual.awsevents.com/media/1_gyzid3q3
AWS Lambda – Part 1: Optimizing your serverless applications (Chris Munns) https://virtual.awsevents.com/media/1_bhnvfdgz
Best practices for securing your serverless applications (Rob Sutter) https://virtual.awsevents.com/media/1_zchhd4oh
API Gateway – Beyond the proxy (Eric Johnson) https://virtual.awsevents.com/media/1_hgw8wdl7
The serverless LAMP stack (Ben Smith) https://virtual.awsevents.com/media/1_ajbfgmdl
Becoming proficient with serverless application observability (Julian Wood) https://virtual.awsevents.com/media/1_t0qj8lcg
Resources for learning AWS https://ServerlessLand.com/learn
Cost is often the conversation starter when customers think about moving to the cloud. AWS helps lower costs for customers through its “pay only for what you use” pricing model, frequent price drops, and pricing model choice to support variable & stable workloads. In this session, you will learn about the financial considerations of owning and operating a traditional data center or managed hosting provider versus utilizing AWS. We will detail our TCO methodology and showcase cost comparisons for some common customer use-cases. We’ll also cover a few AWS cost optimization areas, including Spot and Reserved Instances, EC2 Auto Scaling, and consolidated billing.
Presenter:
Amit Sharma, Solution Architect, Amazon Internet Services
Krishnenjit Roy, Director IT Operations, Freshdesk
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more. In this session, you’ll learn how to get started with serverless computing with AWS Lambda, which lets you run code without provisioning or managing servers. We’ll introduce you to the basics of building with Lambda and how you can benefit from features such as continuous scaling, built-in high availability, integrations with AWS and third-party apps, and subsecond metering pricing. We’ll also introduce you to the broader portfolio of AWS services that help you build serverless applications with Lambda, including Amazon API Gateway, Amazon DynamoDB, AWS Step Functions, and more.
by John Burry, Principal Mobile Solutions Architect, AWS
The web application is almost complete, but we need capabilities to allow our users to request a ride on a unicorn. In this session, we will take a look at how we can implement an API in the cloud that can scale with your startup.
by Nader Dabit, Developer Advocate AWS
You’ve got an awesome startup idea – Wild Rydes! The next generation in transportation will be driven by a willing unicorn population and your new startup will produce the worlds first unicorn hailing services. It’s just seven days to launch, and your designers have delivered the final designs for your website, but your idea depends on the mobile economy! Can you build out your web and mobile infrastructure in time for your launch?
Across three days, AWS experts will guide you through all the pieces that are needed to produce an awesome mobile experience for both your unicorns and your riders.
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIsAmazon Web Services
Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure, and monitor APIs at any scale. In this presentation, you’ll find out how to quickly declare an API interface and connect it with code running on AWS Lambda. Amazon API Gateway handles all of the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. We will demonstrate how to build an API that uses AWS Identity and Access Management (IAM) for authorization and Amazon Cognito to retrieve temporary credentials for your API calls. We will write the AWS Lambda function code in Java and build an iOS sample application in Objective C.
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
Attend this session to dive deeper into AWS's content delivery service, Amazon CloudFront. Learn how you can use CloudFront to accelerate the delivery of your APIs or applications, including content that cannot be cached, to global clients. We'll also walk you through how you can use Lambda@Edge, which gives you the ability to execute custom code inline with your CloudFront events to customize applications. With Lambda@Edge, you can now generate custom responses right at the edge, allowing you to leverage CloudFront to reduce end-to-end latency and more efficiently filter traffic to your back-end origin servers. We'll walk you through Lambda@Edge use cases and walk through a demo to show how this works.
Get An Attractive Score in AWS Developer Associate (DVA-C02) ExamAdinaCoyle
Click Here---> https://bit.ly/3oHuKuS <---Get complete detail on DVA-C02 exam guide to crack Developer Associate. You can collect all information on DVA-C02 tutorial, practice test, books, study material, exam questions, and syllabus. Firm your knowledge on Developer Associate and get ready to crack DVA-C02 certification. Explore all information on DVA-C02 exam with number of questions, passing percentage and time duration to complete test.
Similar to AWS Summit Barcelona 2015 - Introducing Amazon API Gateway (20)
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
7. Your Feedback
• Managing multiple versions and stages of an API is difficult
• Monitoring 3rd party developers’ access is time consuming
8. Your Feedback
• Managing multiple versions and stages of an API is difficult
• Monitoring 3rd party developers’ access is time consuming
• Access authorization is a challenge
9. Your Feedback
• Managing multiple versions and stages of an API is difficult
• Monitoring 3rd party developers’ access is time consuming
• Access authorization is a challenge
• Traffic spikes create operational burden
10. Your Feedback
• Managing multiple versions and stages of an API is difficult
• Monitoring 3rd party developers’ access is time consuming
• Access authorization is a challenge
• Traffic spikes create operational burden
• What if I don’t want servers at all?
11. • Host multiple versions and stages of your APIs
• Create and distribute API Keys to developers
• Leverage AWS Sigv4 to authorize access to APIs
• Throttle and monitor requests to protect your backend
• Utilizes AWS Lambda
Introducing Amazon API Gateway
12. Introducing Amazon API Gateway
• Managed cache to store API responses
• Reduced latency and DDoS protection through CloudFront
• SDK Generation for iOS, Android and JavaScript
• Swagger support
• Request / Response data transformation and API mocking
14. An API Call Flow
Internet
Mobile Apps
Websites
Services
API
Gateway
AWS Lambda
functions
AWS
API Gateway
Cache
Endpoints on
Amazon EC2 /
Amazon
Elastic
Beanstalk
Any other publicly
accessible endpoint
Amazon
CloudWatch
Monitoring
15. Build, Deploy, Clone & Rollback
• Build APIs with their resources, methods, and settings
• Deploy APIs to a Stage
– Users can create as many Stages as they want, each with its own
Throttling, Caching, Metering, and Logging configuration
• Clone an existing API to create a new version
– Users can continue working on multiple versions of their APIs
• Rollback to previous deployments
– We keep a history of customers’ deployments so they can revert to a
previous deployment
16. API Configuration
• You can create APIs
• Define resources within an API
• Define methods for a resource
– Methods are Resource + HTTP verb
Pet Store
/pets
/pets/{petId}
• GET
• POST
• PUT
17. API Deployments
• API Configuration can be deployed to
a stage
• Stages are different environments
For example:
– Dev (e.g. awsapigateway.com/dev)
– Beta (e.g. awsapigateway.com/beta)
– Prod (e.g. awsapigateway.com/prod)
– As many stages as you need
Pet Store
dev
beta
gamma
prod
18. Manage Multiple Versions and Stages of your APIs
API 1 (v1)
Stage (dev)
Stage (prod)
API 2 (v2)
Stage (dev)
19. Custom Domain Names
• You can configure custom domain names
• Provide API Gateway with a signed HTTPS certificate
• Custom domain names can point to an API or a Stage
• Pointing to an API you have access to all Stages
– Beta (e.g. yourapi.com/beta)
– Prod (e.g. yourapi.com/prod)
• Pointing directly to your “prod” Stage
– Prod (e.g. yourapi.com/)
21. API Keys to Meter Developer Usage
• Create API Keys
• Set access permissions at the API/Stage level
• Meter usage of the API Keys through
CloudWatch Logs
22. API Keys to Authorize Access
• The name “Key” implies security – there is
no security in baking text in an App’s code
• API Keys should be used purely to meter
app/developer usage
• API Keys should be used alongside a
stronger authorization mechanism
23. Leverage AWS Sigv4, or Use a Custom Header
• You can leverage AWS Sigv4 to sign and authorize
API calls
– Amazon Cognito and AWS Security Token Service (STS) simplify the
generation of temporary credentials for your app
• You can support OAuth or other authorization
mechanisms through custom headers
– Simply configure your API methods to forward the custom headers to
you backend
24. Using Sigv4 to authenticate calls to your API
Call Login API,
no auth required
Client API Gateway Backend
/login
Lambda
fn_login
User
Accounts
database
Credentials
verified
Cognito developer
authenticated
identities
Access and
secret key
/login
Receives
credentials to
sign API calls
26. API Throttling
• Throttling helps you manage traffic to your backend
• Throttle by developer-defined Requests/Sec limits
• Requests over the limit are throttled
– HTTP 429 response
• The generated SDKs retry throttled requests
27. Caching of API Responses
• You can configure a cache key and the Time to Live
(TTL) of the API response
• Cached items are returned without calling the
backend
• A cache is dedicated to you, by stage
• You can provision between 0.5GB to 237GB of
cache
28. Request processing workflow
Receive
incoming
request
• Check for item in
dedicated cache
• If found return
cached item
Check
throttling
configuration
• Check current RPS
rate
• If above allowed
rate return 429
Execute
backend call
30. API Models
• Models are a JSON Schema representation of
your API requests and responses
• Models are used for input and output filtering,
and SDK generation
• You can reuse models across multiple methods
in your API
31. Input / Output Transforms
• Use Velocity Templates to transform data
• Filter output results
– Remove private or unnecessary data
– Filter dataset size to improve API performance
• GET to POST
– Read all query string parameters from your GET request, and create a body
to make a POST to your backend
• JSON to XML
– Receive JSON input and transform it to XML for your backend
– Receive JSON from a Lambda function and transform it to XML
32. Transform Example: JSON to XML
API Gateway
Backend
GET - /sayHello
Lambda
fn_sayHello
/sayHello
{
“message” : “hello world”
}
<xml>
<message>
Hello world
</message>
</xml>
#set($root = $input.path('$'))
<xml>
<message>
$root.message
</message>
</xml>
34. Generate Client SDKs Based on Your APIs
• SDKs are generated based on API deployments (Stages)
• If Request and Response Models are defined, the SDK
includes input and output marshalling of your methods
• SDKs know how to handle throttling responses
• SDKs also know how to sign requests with AWS
temporary credentials (SigV4)
• Support for Android, iOS, JavaScript, …
38. Amazon API Gateway Pricing
• $3.50 per Million API Gateway requests
• Included in the AWS Free Tier
– 1 Million API requests per month for 12 months
• Data Transfer Out (Standard AWS Prices)
– $0.09/GB for the first 10 TB
– $0.085/GB for the next 40 TB
– $0.07/GB for the next 100 TB
– $0.05/GB for the next 350 TB
40. Availability
• Today!
• Initially available in:
– US East (N. Virginia)
– US West (Oregon)
– EU West (Dublin)
– AP North East (Tokyo)
– Plan to enable other regions rapidly
First understand what has driven the decision to build API Gateway, from customer feedback to wider strategic decisions and market forces
Next, look at how the service works, and helps customers with their API services
Finally, open it out for Q&A at the end
Over the past few years the number of APIs published on the internet has grown at an increasing pace
AWS customers have been at the epicenter of this, building APIs on our infrastructure offerings
AWS itself was one of the first companies to offer APIs for developers to interact with its services, this created the DevOps market
Looking at market data from ProgrammableWeb, and talking to our customers, it is apparent that what we see documented on the public internet is only the tip of the iceberg
Both startups and corporations are adopting a service oriented architecture and creating internal, hidden APIs to decouple their system architecture.
At AWS we have some experience building scalable, reliable APIs
These are just a few logos but all of our services expose APIs for developers to interact with them
In fact, if they wanted to developers wouldn’t have to use the management console at all, and could simply rely on our APIs to automate their workflow
Just like all other AWS services, we started this process by talking to our customers. This is what they told us
Very often APIs are built and deployed quickly, one month down the line customers find themselves looking for a way to version and monitor the APIs, something they had not thought about
After an API is published, and has become successful, the next challenge facing our customers is how to manage, monitor and monetize the ecosystem of 3rd party developers utilizing their APIs
Authorization, and auth in general, is a hard task. It’s complex to build and often repetitive work – our customers are reinventing the wheel each time they start a new project.
Managing traffic and operating a reliable network that can protect endpoints against attack is very hard and requires significant investment in terms of equipment, initial setup, and ongoing operation maintenance.
Finally, we have an entire new generation of developers adopting AWS. At the forefront of this are mobile developers, who are entirely focused on their end-user experience to succeed in a very competitive market and not interested in building or managing the required, complex infrastructure, and they shouldn’t have to.
Based on the feedback we received from our customers we worked on a new product, Amazon API Gateway.
The ability to create and run multiple version of an API simultaneously. We have also built Stages. These enable developers to deploy multiple stages of each version simultaneously. For example, dev stage, prod stage, or beta stage.
API Gateway helps developers create, monitor, and manage API Keys that they can distribute to 3rd party developers
Developers who already own an authentication and authorization system can leverage their own infrastructure. For developers who are starting from scratch we have introduced the ability to leverage AWS’ own authorization mechanisms such as Signature V4 on Requests and IAM access policies for fine-grained access control
At AWS we already run a very large, reliable network. API Gateway helps developers leverage all the work we have done over the years and allows developers to throttle incoming requests and use CloudWatch to monitor the status and latency of their APIs and set Alarms.
Finally, it turns out AWS already had the perfect tool for developers who wanted to build server-less backends, it’s AWS Lambda. With the API Gateway customers can now expose AWS Lambda functions as API endpoints.
And beyond this, we’ve listened and included additional features such as…
Customers will be able to provision and configure a dedicated cache for their APIs, we will serve responses from the cache without hitting a customer’s backend whenever possible
Continuing our story on leveraging the powerful network AWS has built, API Gateway leverages Amazon CloudFront to create global distributions for customer’s APIs, this lowers the latency for end users but also gives our customers’ APIs DDoS protection out of the box, both for malicious requests (Layer 7) and for lower level attacks (Layer 3, SYN floods)
API Gateway can automatically generate client SDKs based on our customer’s API definition. This allows developers to take their APIs from concept to integration test in a client app in a matter of hours, now weeks
Many of our customers use Swagger to define their APIs. API Gateway can import Swagger definitions. We have also built an open source Swagger import tool that our customers can use as part of their development workflow. This way they can keep working with Swagger in their local repository, then import and deploy their APIs into API Gateway at build time
We have also integrated with the Apache Velocity templating engine, this allows our customers to transform the shape of requests and responses as they flow through the API Gateway. This gives customers the ability to expose legacy endpoints as modern, RESTful APIs among many other things.
The first thing we want to look at is the standard flow of an API call, including all components in the system
First, a request comes in from a client, this could be a mobile device, a web application or a backend service
The requests arrives at one of our CloudFront PoP locations, it’s accepted and routed through to the API Gateway in the customer’s region
The API Gateway receives the request, then checks for records in the dedicated cache (if it is configured). If there are no cached records available then it will forward the request to the backend for processing
The backend can be a Lambda function, a web service running on Amazon EC2, or any other publicly accessible web service
Once the backend has processed the request the API call metrics are logged in Amazon CloudWatch and the content is returned to the client
Let’s look at what is an API, how you build, and how you deploy an API
The first step is to create a new API, and declare its resources and methods. Once an API is declared it can be tested from the Console or the API Gateway APIs, but it is not yet accessible on the internet
To make the API available it needs to be deployed to a Stage. Stages help you manage your development, beta, production environments etc. Customers can create as many stages as they want, similar to tagging. Each stage can be configured with its own logging, throttling, monitoring and caching settings
At any time you can clone the state of an existing API into a new one, this allows you to start working on v2 of your APIs while v1 is still being developed/fixed.
API Gateway saves a history of the last 300 deployments to each stage, at any time you can point a Stage (for example production) to a different deployment
Let’s look in details at the hierarchical structure of an API
The top level element is the API itself, we call it a REST API.
A rest API can contain many resources, resources are typed objects that are part of your API’s domain. They also represent the path through which the objects will be accessible
You can nest resources, in our example the /pet/{petId} represents an individual pet and is a nested resource of the /pets/ resource.
Each resource can declare methods. Methods are the combination of a resource + an HTTP Verb. We support 7 standard HTTP Verbs, For example, a method is the POST to the /pets/{petId} resources – this would be used to create a new pet
Now that we have declared an API with its resources and methods, we can deploy it to make it accessible to 3rd party developers
APIs are deployed to a Stage
Stages represent environments, for example development of production
In API Gateway Stages are like tags, and developers can create as many stages as they want. A stage is just an alphanumeric string
Stages are part of the path that will be used to reach sources and methods, for example the prod stage will be available at execute-api.apigateway.com/stage/resource
This is a visual representation of how versions and stages are managed by the API Gateway, and how customers can leverage these features for their APIs
The first thing we’ll do is declared a V1 API and start configuring its resources and methods
The next step is to deploy the API to a development stage, we’ll keep deploying to development as we evolve our API
At a certain point, when we are ready for 3rd party developers to access this API, we will publish it to a production stage and distribute API Keys and generated SDKs
All along we will keep deploying APIs to both dev and prod including new features and bug fixed
Eventually we’ll want to make some breaking changes, and work on a much improved v2 API. However, we cannot make breaking changes to the API in production because we have thousands of developers using it.
To manage this situation we’ll simply clone the current state of the v1 API into a new API called v2, and begin development of the new version
By cloning we can keep publishing bug fixes to the first release and supporting users that are calling it with a gentle, gradual deprecation
“… developers feel like they can deliver what they want, when they want to – and that makes for an extremely valuable tool …”
Customers can configure the API Gateway to use a custom domain name they provide instead of the standard AWS domain.
We expect customers to bring their own signed certificate for the HTTPS endpoints
Domain names can be configured to point to an API, our top level item, or directly to a specific stage within an API.
Pointing a custom domain name to an API requires the stage to be included in the path
If the domain name is pointed directly at a stage there is no need for the path variable, resources can be accessed directly form the API root “/”
API Keys are a great tool to manage the community of 3rd party developers interacting with the APIs
API Gateway allows customers to create API Keys through a console interface or through an API for programmatic creation.
Customers can set permissions on API Keys and allow access only to a set of APIs, or stages within an API
Calls made by an API Key are logged in CloudWatch so that customers can always track utilization by 3rd party developers
We always get asked whether API Keys are the authorization mechanism for APIs, so we’ll just be upfront: NO, at least we don’t recommend it
We strongly encourage customers to use a temporary tokens based on a successful user authentication, either by leveraging AWS temporary credentials through API Signature Version 4, or their own Oauth mechanism
AWS gives customers the ability to retrieve temporary, limited privilege credentials that are tied to an IAM role within their AWS account through services like Cognito and STS.
Based on these credentials developers can sign calls to the APIs, the generated client SDKs automatically know how to handle these credentials
In the next slide we’ll go through a real-world use-case for this
Alternatively customers can setup the API Gateway to forward their existing headers to keep using their current OAuth authorization schema
We’ll go through a use case that leverage AWS Lambda and Amazon Cognito to retrieve temporary credentials for a particular end user and authorize access to the APIs
As discussed before the API Gateway helps customers leverage AWS Sigv4 – only one open API is required and then we can verify signatures on all other calls.
API Gateway uses throttling to help protect customer backends and send only request that they can handle
To implement throttling we use the token bucket algorithm
Customers can set the number of RPS calls they know their backend can handle, and a rate at which the bucket is refilled
To limit the number of requests their backend can receive, and further bring down latency customers can configure a dedicated cache for each stage of their API
For each method in their APIs customers can configure which parameters between path, query string and headers form the item key in the cache, and assign each item a time to live
API Gateway automatically caches responses where configured and avoids calling the customer’s backend if the cached item is available and valid
Customers have access to APIs to manage their cache in the API Gateway
When a stage is configured with a dedicated cache, and an item is found to be in cache and valid for a request that would otherwise be throttled, the API Gateway will handle the request and return the cached response
Customers can pick for a range of possible cache sizes to provision a dedicated cache from their stage, from 0.5GB all the way up to 237GB
Let’s put the two together and look at the execution path of an API call
First, when we receive a request, we will check the dedicated cache (if it’s been configured)
If we have an item in the cache then we can handle the request regardless of the throttling configuration, it will have no effect on our customer’s backend
Next, if we don’t have a cache, we check the throttling configuration and the current throttling state (our bucket)
If we are above the limit we will return a 429 response
Otherwise we will execute the backend call and return the result
As we mentioned our generated SDKs automatically know how to handle throttling responses, and they will perform an exponential backoff while retrying the call
API Gateway handles resources as typed objects. Resources can have models associated with them.
Models are simply the JSON schema representation of the request and response data models
If the API Gateway is aware of the request and response models it can
Generate SDKs that include actual objects for each request and response rather than generic (JSON Object)
Allow JSON traversal of requests and responses in the data transformation engine
Let’s look at how request and response data can be transformed in-flight.
We use Apache Velocity as the standard to create, save and execute templates
We have been working with our customers on this and during development we have seen the following use-cases from them
Filter API responses. In many cases legacy APIs tended to return verbose responses with too many objects. Large payloads are a struggle for mobile applications, so customers are using the templates to traverse the response schema and filter the output to return only the necessary fields
RPC to REST. Customers have RPC-style APIs that they wanted to expose to the world in the form of RESTful APIs. RPC often only accept POST calls. Customers used the transform templates to accept a GET call in the API Gateway, then generate the POST body for their backend call reading parameters from the path, query string and headers
Customers who want to leverage Lambda but only run XML APIs have been using the transform templates to receive the JSON output from Lambda, and turn it into an XML before sending it back to the end user. This has allowed them to completely switch their backend technology while causing no disruption for 3rd party developers utilizing their APIs, very neat tablecloth trick. Example: Twilio
Example of a simple transformation flow
API Gateway + Lambda = Server-less backend
Use AWS Lambda to run business logic
Use API Gateway to expose the AWS Lambda functions as endpoints
Transforms Lambda’s JSON output to XML for their APIs
API Gateway can generate client SDKs based on a customer’s API definition.
Simply select the deployment the SDK should target, the platform, and setup a couple of parameters and the API Gateway generates an SDK and makes it available to download through an API or the management console
SDK are model-aware and also come with the built-in AWS core that allows them to handle throttling responses and sign requests using AWS Credentials
We will create an API that uses as a backend a Lambda function
The “Hello World” API will have two methods: GET and POST
Each method will be mapped to a different Lambda function
When you request the “/helloworld” API the Lambda function will be executed and the function will return the response
We are using a very simple node.js function
And we will be able to monitor execution of our API trough CloudWatch
- We created a totally serverless API application in minutes (very simple one).
Build, Deploy & Manage your APIs
Request & Response Transform support
Secure access using Sigv4 or OAuth
Protect your backend with Throttling & Caching
Simplified Client access via SDK Generation
Usage-based pricing