The document discusses using Amazon API Gateway to implement serverless architectures. It provides examples of using API Gateway to add authentication, access S3 buckets, send emails, and implement fine-grained access control for DynamoDB. While API Gateway can implement some use cases entirely, custom code is often still needed. The document evaluates when API Gateway is a good fit and challenges associated with its use.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It allows developers to manage multiple versions and stages of APIs, monitor access by third party developers, and handle traffic spikes without operational burden. API Gateway supports features like request throttling, authorization, caching, and SDK generation to help secure and scale APIs.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure and monitor APIs at any scale. In this session, you’ll find out how you can quickly declare an API interface and connect it to any public HTTP endpoint, existing web service running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Join us for this introductory session to Amazon API Gateway.
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
How do you create APIs? When publishing a new API there are a lot of factors to consider: Versioning, Network Management, Authorization, Ecosystem Management, and finally client SDKs.
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. With Amazon API Gateway, you can quickly declare an API interface and connect it to existing web services running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda, and generate an SDK for client applications to access the API. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs, and you pay only for the API calls you receive and the amount of data transferred.
Learning Objectives:
Learn how to create APIs in the AWS Cloud without managing a single server with AWS Lambda
Learn how to manage stages and versions of your APIs
Learn how to map parameters and transform data in flight
API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It allows hosting multiple API versions and stages, generating SDKs, adding authentication, throttling requests, and caching responses to improve performance and reduce latency. API Gateway supports building and deploying REST and WebSocket APIs. Pricing is based on the number of API calls and amount of data transferred out. Optional dedicated caching tiers are also available.
AWS July Webinar Series - Overview Build and Manage your APs with amazon api ...Amazon Web Services
Amazon API Gateway allows users to build and manage APIs. It provides features like hosting multiple API versions and stages, generating API keys to monitor developer usage, leveraging SigV4 for access authorization, throttling requests to protect backends, and integrating with services like AWS Lambda and Amazon CloudFront. The service addresses challenges like managing multiple API versions and access control. It generates SDKs for APIs to simplify access from clients.
This document summarizes Amazon API Gateway, a fully managed service that allows developers to create, publish, maintain, monitor, and secure APIs at any scale. Key features include hosting multiple API versions and stages, generating SDKs for clients, throttling requests to protect backends, caching API responses, and metering usage with API keys. It also describes how to configure resources and methods, deploy APIs to stages, leverage authentication options like AWS SigV4, and view pricing which includes 1 million free requests per month.
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS
Build a Server-less Event-driven Backend with AWS Lambda and Amazon API GatewayDanilo Poccia
The document discusses building a serverless, event-driven backend architecture using AWS Lambda and Amazon API Gateway. It describes how API Gateway can be used to define HTTP endpoints that trigger Lambda functions to execute business logic. This allows building scalable backend services without having to manage servers. The document provides an example media sharing application architecture built with this approach.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It allows developers to manage multiple versions and stages of APIs, monitor access by third party developers, and handle traffic spikes without operational burden. API Gateway supports features like request throttling, authorization, caching, and SDK generation to help secure and scale APIs.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, deploy, secure and monitor APIs at any scale. In this session, you’ll find out how you can quickly declare an API interface and connect it to any public HTTP endpoint, existing web service running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Join us for this introductory session to Amazon API Gateway.
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
How do you create APIs? When publishing a new API there are a lot of factors to consider: Versioning, Network Management, Authorization, Ecosystem Management, and finally client SDKs.
Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. With Amazon API Gateway, you can quickly declare an API interface and connect it to existing web services running on Amazon Elastic Compute Cloud (Amazon EC2) or code running on AWS Lambda, and generate an SDK for client applications to access the API. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs, and you pay only for the API calls you receive and the amount of data transferred.
Learning Objectives:
Learn how to create APIs in the AWS Cloud without managing a single server with AWS Lambda
Learn how to manage stages and versions of your APIs
Learn how to map parameters and transform data in flight
API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. It allows hosting multiple API versions and stages, generating SDKs, adding authentication, throttling requests, and caching responses to improve performance and reduce latency. API Gateway supports building and deploying REST and WebSocket APIs. Pricing is based on the number of API calls and amount of data transferred out. Optional dedicated caching tiers are also available.
AWS July Webinar Series - Overview Build and Manage your APs with amazon api ...Amazon Web Services
Amazon API Gateway allows users to build and manage APIs. It provides features like hosting multiple API versions and stages, generating API keys to monitor developer usage, leveraging SigV4 for access authorization, throttling requests to protect backends, and integrating with services like AWS Lambda and Amazon CloudFront. The service addresses challenges like managing multiple API versions and access control. It generates SDKs for APIs to simplify access from clients.
This document summarizes Amazon API Gateway, a fully managed service that allows developers to create, publish, maintain, monitor, and secure APIs at any scale. Key features include hosting multiple API versions and stages, generating SDKs for clients, throttling requests to protect backends, caching API responses, and metering usage with API keys. It also describes how to configure resources and methods, deploy APIs to stages, leverage authentication options like AWS SigV4, and view pricing which includes 1 million free requests per month.
API Gateways can simplify the work that a developer needs to do to build API based services by helping to standardize authentication and authorization, consumer interfaces, and management needs. With Amazon API Gateway you get all of this and more, including a completely serverless management of your APIs and the ability to host them at almost any scale. You also can get the benefits of the numerous types of APIs that are supported, from pubic to private, REST to Websockets, backed by almost any backend you can think of. In this session we’ll review the powerful capabilities of Amazon API Gateway and how you can get started building awesome APIs.
Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS
Build a Server-less Event-driven Backend with AWS Lambda and Amazon API GatewayDanilo Poccia
The document discusses building a serverless, event-driven backend architecture using AWS Lambda and Amazon API Gateway. It describes how API Gateway can be used to define HTTP endpoints that trigger Lambda functions to execute business logic. This allows building scalable backend services without having to manage servers. The document provides an example media sharing application architecture built with this approach.
Serverless Web Apps using API Gateway, Lambda and DynamoDBAmazon Web Services
This document provides an overview of serverless computing using AWS services like API Gateway, Lambda and DynamoDB. It begins with an introduction to serverless computing and how it differs from traditional VM-based and container-based architectures by focusing on functions as the unit of scale. It then provides overviews of DynamoDB as a fully managed NoSQL database service and Lambda for running code without managing servers. It discusses how API Gateway can be used to create serverless APIs that integrate with Lambda. The document concludes with best practices tips for using Lambda and serverless deployment with AWS SAM.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
Presented by: Danilo Poccia, Technical Evangelist, Amazon Web Services
The document discusses simple security best practices for startups using AWS. It recommends locking away root credentials, creating individual IAM users with least privilege, and using roles, MFA, and rotating credentials. It also discusses encrypting data at rest using services like S3, EBS, RDS, and Redshift, and encrypting data in transit using SSL. Logging and auditing can be done with CloudTrail. The Well-Architected Framework and Trusted Advisor provide guidance on security, reliability, performance efficiency and cost optimization.
With the recent introduction of AWS Tools for Visual Studio Team Services, .NET developers have more ways than ever to easily use AWS services for their .NET applications. In this workshop, we run through building a .NET chatbot as we take advantage of AWS Lambda and Amazon Lex. The best part? You can build and deploy the chatbot directly to AWS without ever leaving Visual Studio.
AWS Summit Barcelona 2015 - Introducing Amazon API GatewayVadim Zendejas
Amazon API Gateway was created to address challenges customers faced in managing and monitoring APIs. It allows users to host multiple API versions and stages, generate and distribute API keys to developers, and leverage SigV4 to authorize access. API Gateway provides features like throttling, caching, and SDK generation to help manage traffic and access to backend services. It offers a serverless way to deploy APIs without having to provision or manage servers.
This document discusses the architecture for building cross-platform mobile apps using Xamarin. It recommends using portable class libraries for shared models, services and view models. It describes adding platform-specific projects for Android, iOS, and UWP. It also discusses connecting apps to cloud services like Azure Storage and Mobile Apps and securing access using shared access signatures. The document demonstrates completing the shared UI with Xamarin.Forms and optionally using native platform UIs.
Web components allow developers to create reusable custom elements with encapsulated styles and markup. They include APIs for custom elements, shadow DOM, and HTML templates. Web components solve challenges like maintaining a consistent and unified UI across frameworks. Common problems are addressed through standards like custom elements, shadow DOM, and templates. Web components are supported across major browsers and offer benefits like portability, isolated styles, and execution speed.
The document discusses how to approach crafting ColdFusion applications like an architect. It begins by introducing the presenter and then outlines topics to be covered including comparing a software architect to a building architect and how an architect's work relates to code. It discusses questions to consider when starting a project and designing entities and infrastructure. It also contrasts the roles of a software architect and code, explaining concepts like object-oriented programming, services, and user interfaces. Finally, it discusses different application server architectures.
This document summarizes AWS Lambda and API Gateway. It discusses that Lambda allows developing microservice functions in a serverless environment with no server management needed and very low costs. API Gateway provides an interface for HTTP APIs and integrates with Lambda. While Lambda and API Gateway are easy to use and scale automatically with no servers to manage, there are some limitations and restrictions to consider like package size limits, processing time restrictions, and limited Node.js version support in Lambda. Testing APIs locally can also be challenging when using AWS services.
Amazon API Gateway helps developers create and manage APIs to connect backend systems like EC2 and Lambda to mobile, web, and server applications. An API in API Gateway consists of resources and methods. Resources represent logical entities that can be accessed via HTTP verbs like GET and POST. Methods map API requests to integrations with backend systems. API Gateway handles request/response mapping and provides benefits like monitoring, security controls, and scalability without servers. Pricing is based on monthly API calls and data transfer. Caching can reduce costs for frequently requested data.
Domain Driven Design with Onion Architecture is a powerful combination of Architecture Patterns that can dramatically improve code quality and can help you learn a great deal about writing "clean" code.
by Nader Dabit, Developer Advocate, AWS
We want to complement our awesome web site with an equally awesome mobile application for both iOS and Android that can be deployed from the mobile app stores. In this session, Nader Dabit will take you from Hello World to building a beautiful responsive mobile application using React Native.
This document discusses improvements made to the text editor in VA Smalltalk using the Scintilla library and related technologies. Key points include:
- Scintilla was integrated into the Common Widgets Framework, providing a modernized text editor with additional features while maintaining full API compatibility.
- Direct2D and DirectWrite were used to provide hardware-accelerated, higher quality font rendering.
- Features like auto-indent, keyboard shortcuts, drag-and-drop text editing, and multiple undo/redo were added.
- Code completion, syntax highlighting, bracket matching, variable highlighting, line numbers, and breakpoint management were enhanced using Scintilla capabilities.
Microservices with AWS Lambda and the Serverless FrameworkRowell Belen
This document provides an introduction to serverless computing using AWS Lambda and the Serverless Framework. It defines serverless computing as a cloud computing model that allows building and running applications without managing servers. Key differences between Platform as a Service (PaaS) and serverless are discussed, with scaling being a major distinction. AWS Lambda is introduced as Amazon's serverless compute platform, and other serverless platforms from Microsoft, Google, and IBM are also mentioned. The Serverless Framework is defined as a toolkit for developing, deploying and managing serverless applications on AWS. Examples are provided of serverless application code and configuration using the Serverless Framework. Considerations for cloud-scale development and operations with serverless architectures are also discussed.
The document provides an overview of IBM Cloud Functions (formerly known as IBM Bluemix OpenWhisk) and serverless computing. It discusses what serverless computing is, how IBM Cloud Functions works, the benefits over traditional infrastructure, supported languages and triggers, use cases, and demos of serverless applications that have been built on IBM Cloud Functions.
As presented to the Milwaukee Alt.Net group on November 21st, 2011.
UPDATE April 19, 2012: added some domain logic organization slides using Fowler's 4 basic patterns.
apidays LIVE London 2021 - Consumer-first APIs in Open Banking by Chris Dudle...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
Banking APIs and Fintech Ecosystems
Consumer-first APIs in Open Banking
Chris Dudley, Developer Portal Architect for IBM API Connect at IBM
The document discusses Node.js and how it provides a runtime environment and libraries for building server-side JavaScript applications. It describes key Node.js components like the V8 JavaScript engine, libuv library, and non-blocking I/O. It also covers the Node package manager NPM and how Express.js is a web framework built on Node.js that simplifies building web apps and APIs using middleware, routing, and other features. The document advocates for building RESTful APIs that follow best practices like using a uniform interface, being stateless and cacheable.
API Gateways are going through an identity crisisChristian Posta
API Gateways provide functionality like rate limiting, authentication, request routing, reporting, and more. If you've been following the rise in service-mesh technologies, you'll notice there is a lot of overlap with API Gateways when solving some of the challenges of microservices. If service mesh can solve these same problems, you may wonder whether you really need a dedicated API Gateway solution?
The reality is there is some nuance in the problems solved at the edge (API Gateway) compared to service-to-service communication (service mesh) within a cluster. But with the evolution of cluster-deployment patterns, these nuances are becoming less important. What's more important is that the API Gateway is evolving to live at a layer above service mesh and not directly overlapping with it. In other words, API Gateways are evolving to solve application-level concerns like aggregation, transformation, and deeper context and content-based routing as well as fitting into a more self-service, GitOps style workflow.
In this talk we put aside the "API Gateway" infrastructure as we know it today and go back to first principles with the "API Gateway pattern" and revisit the real problems we're trying to solve. Then we'll discuss pros and cons of alternative ways to implement the API Gateway pattern and finally look at open source projects like Envoy, Kubernetes, and GraphQL to see how the "API Gateway pattern" actually becomes the API for our applications while coexisting nicely with a service mesh (if you adopt a service mesh).
analytic engine - a common big data computation service on the awsScott Miao
This document summarizes Scott Miao's presentation on Analytic Engine (AE), a common big data computation service on AWS. AE provides a RESTful API for users to create AWS EMR clusters, submit jobs to clusters, and delete clusters. It handles job scheduling and delivery to clusters to optimize usage of AWS resources. Using AE and AWS services like EMR and S3 allows Trend Micro to scale their data and computation needs elastically with reduced operational overhead compared to managing infrastructure on their own.
Serverless Web Apps using API Gateway, Lambda and DynamoDBAmazon Web Services
This document provides an overview of serverless computing using AWS services like API Gateway, Lambda and DynamoDB. It begins with an introduction to serverless computing and how it differs from traditional VM-based and container-based architectures by focusing on functions as the unit of scale. It then provides overviews of DynamoDB as a fully managed NoSQL database service and Lambda for running code without managing servers. It discusses how API Gateway can be used to create serverless APIs that integrate with Lambda. The document concludes with best practices tips for using Lambda and serverless deployment with AWS SAM.
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
Presented by: Danilo Poccia, Technical Evangelist, Amazon Web Services
The document discusses simple security best practices for startups using AWS. It recommends locking away root credentials, creating individual IAM users with least privilege, and using roles, MFA, and rotating credentials. It also discusses encrypting data at rest using services like S3, EBS, RDS, and Redshift, and encrypting data in transit using SSL. Logging and auditing can be done with CloudTrail. The Well-Architected Framework and Trusted Advisor provide guidance on security, reliability, performance efficiency and cost optimization.
With the recent introduction of AWS Tools for Visual Studio Team Services, .NET developers have more ways than ever to easily use AWS services for their .NET applications. In this workshop, we run through building a .NET chatbot as we take advantage of AWS Lambda and Amazon Lex. The best part? You can build and deploy the chatbot directly to AWS without ever leaving Visual Studio.
AWS Summit Barcelona 2015 - Introducing Amazon API GatewayVadim Zendejas
Amazon API Gateway was created to address challenges customers faced in managing and monitoring APIs. It allows users to host multiple API versions and stages, generate and distribute API keys to developers, and leverage SigV4 to authorize access. API Gateway provides features like throttling, caching, and SDK generation to help manage traffic and access to backend services. It offers a serverless way to deploy APIs without having to provision or manage servers.
This document discusses the architecture for building cross-platform mobile apps using Xamarin. It recommends using portable class libraries for shared models, services and view models. It describes adding platform-specific projects for Android, iOS, and UWP. It also discusses connecting apps to cloud services like Azure Storage and Mobile Apps and securing access using shared access signatures. The document demonstrates completing the shared UI with Xamarin.Forms and optionally using native platform UIs.
Web components allow developers to create reusable custom elements with encapsulated styles and markup. They include APIs for custom elements, shadow DOM, and HTML templates. Web components solve challenges like maintaining a consistent and unified UI across frameworks. Common problems are addressed through standards like custom elements, shadow DOM, and templates. Web components are supported across major browsers and offer benefits like portability, isolated styles, and execution speed.
The document discusses how to approach crafting ColdFusion applications like an architect. It begins by introducing the presenter and then outlines topics to be covered including comparing a software architect to a building architect and how an architect's work relates to code. It discusses questions to consider when starting a project and designing entities and infrastructure. It also contrasts the roles of a software architect and code, explaining concepts like object-oriented programming, services, and user interfaces. Finally, it discusses different application server architectures.
This document summarizes AWS Lambda and API Gateway. It discusses that Lambda allows developing microservice functions in a serverless environment with no server management needed and very low costs. API Gateway provides an interface for HTTP APIs and integrates with Lambda. While Lambda and API Gateway are easy to use and scale automatically with no servers to manage, there are some limitations and restrictions to consider like package size limits, processing time restrictions, and limited Node.js version support in Lambda. Testing APIs locally can also be challenging when using AWS services.
Amazon API Gateway helps developers create and manage APIs to connect backend systems like EC2 and Lambda to mobile, web, and server applications. An API in API Gateway consists of resources and methods. Resources represent logical entities that can be accessed via HTTP verbs like GET and POST. Methods map API requests to integrations with backend systems. API Gateway handles request/response mapping and provides benefits like monitoring, security controls, and scalability without servers. Pricing is based on monthly API calls and data transfer. Caching can reduce costs for frequently requested data.
Domain Driven Design with Onion Architecture is a powerful combination of Architecture Patterns that can dramatically improve code quality and can help you learn a great deal about writing "clean" code.
by Nader Dabit, Developer Advocate, AWS
We want to complement our awesome web site with an equally awesome mobile application for both iOS and Android that can be deployed from the mobile app stores. In this session, Nader Dabit will take you from Hello World to building a beautiful responsive mobile application using React Native.
This document discusses improvements made to the text editor in VA Smalltalk using the Scintilla library and related technologies. Key points include:
- Scintilla was integrated into the Common Widgets Framework, providing a modernized text editor with additional features while maintaining full API compatibility.
- Direct2D and DirectWrite were used to provide hardware-accelerated, higher quality font rendering.
- Features like auto-indent, keyboard shortcuts, drag-and-drop text editing, and multiple undo/redo were added.
- Code completion, syntax highlighting, bracket matching, variable highlighting, line numbers, and breakpoint management were enhanced using Scintilla capabilities.
Microservices with AWS Lambda and the Serverless FrameworkRowell Belen
This document provides an introduction to serverless computing using AWS Lambda and the Serverless Framework. It defines serverless computing as a cloud computing model that allows building and running applications without managing servers. Key differences between Platform as a Service (PaaS) and serverless are discussed, with scaling being a major distinction. AWS Lambda is introduced as Amazon's serverless compute platform, and other serverless platforms from Microsoft, Google, and IBM are also mentioned. The Serverless Framework is defined as a toolkit for developing, deploying and managing serverless applications on AWS. Examples are provided of serverless application code and configuration using the Serverless Framework. Considerations for cloud-scale development and operations with serverless architectures are also discussed.
The document provides an overview of IBM Cloud Functions (formerly known as IBM Bluemix OpenWhisk) and serverless computing. It discusses what serverless computing is, how IBM Cloud Functions works, the benefits over traditional infrastructure, supported languages and triggers, use cases, and demos of serverless applications that have been built on IBM Cloud Functions.
As presented to the Milwaukee Alt.Net group on November 21st, 2011.
UPDATE April 19, 2012: added some domain logic organization slides using Fowler's 4 basic patterns.
apidays LIVE London 2021 - Consumer-first APIs in Open Banking by Chris Dudle...apidays
apidays LIVE London 2021 - Reaching Maximum Potential in Banking & Insurance with API Mindset
October 27 & 28, 2021
Banking APIs and Fintech Ecosystems
Consumer-first APIs in Open Banking
Chris Dudley, Developer Portal Architect for IBM API Connect at IBM
The document discusses Node.js and how it provides a runtime environment and libraries for building server-side JavaScript applications. It describes key Node.js components like the V8 JavaScript engine, libuv library, and non-blocking I/O. It also covers the Node package manager NPM and how Express.js is a web framework built on Node.js that simplifies building web apps and APIs using middleware, routing, and other features. The document advocates for building RESTful APIs that follow best practices like using a uniform interface, being stateless and cacheable.
API Gateways are going through an identity crisisChristian Posta
API Gateways provide functionality like rate limiting, authentication, request routing, reporting, and more. If you've been following the rise in service-mesh technologies, you'll notice there is a lot of overlap with API Gateways when solving some of the challenges of microservices. If service mesh can solve these same problems, you may wonder whether you really need a dedicated API Gateway solution?
The reality is there is some nuance in the problems solved at the edge (API Gateway) compared to service-to-service communication (service mesh) within a cluster. But with the evolution of cluster-deployment patterns, these nuances are becoming less important. What's more important is that the API Gateway is evolving to live at a layer above service mesh and not directly overlapping with it. In other words, API Gateways are evolving to solve application-level concerns like aggregation, transformation, and deeper context and content-based routing as well as fitting into a more self-service, GitOps style workflow.
In this talk we put aside the "API Gateway" infrastructure as we know it today and go back to first principles with the "API Gateway pattern" and revisit the real problems we're trying to solve. Then we'll discuss pros and cons of alternative ways to implement the API Gateway pattern and finally look at open source projects like Envoy, Kubernetes, and GraphQL to see how the "API Gateway pattern" actually becomes the API for our applications while coexisting nicely with a service mesh (if you adopt a service mesh).
analytic engine - a common big data computation service on the awsScott Miao
This document summarizes Scott Miao's presentation on Analytic Engine (AE), a common big data computation service on AWS. AE provides a RESTful API for users to create AWS EMR clusters, submit jobs to clusters, and delete clusters. It handles job scheduling and delivery to clusters to optimize usage of AWS resources. Using AE and AWS services like EMR and S3 allows Trend Micro to scale their data and computation needs elastically with reduced operational overhead compared to managing infrastructure on their own.
Customer Sharing: Trend Micro - Analytic Engine - A common Big Data computati...Amazon Web Services
In recent years, more and more enterprises notice about what values of Big Data can bring, and willing to devote more resources to Big Data field. Doing Hadoop for PoC and further for running in PROD. In common cases, enterprises need to get their servers first for running their Hadoop. By now, thanks for the popularity of Hadoop and its ecosystem. Enterprises have another choice for doing Hadoop, which is, doing it on Public Cloud platforms, such as Amazon, etc. Trend Micro also noticed this trends for Big Data on the cloud, and would like to leverage its elasticity to enable more chances to find more values from our Big Data with less of constraints. In this sharing, we would like to introduce our common Big Data computation platform - Analytic Engine (AE), which is a simple RESTful API service running on AWS for Trenders, with features, such as createCluster, deleteCluster and submitJob, etc. By now, Trenders can run their research jobs, and furthermore, build their own PoC/Staging/PROD levels of services based on AE, to get any computation resources they want, anytime and anyplace in Trend Micro, just by few RESTful API calls.
Real-world development Decomposing a serverless skills-based routing application on AWS
Presenter: Adam Larter, Principal Solutions Architect, Developer Specialist
Rovshan Musayev presented on building a serverless self-service framework using AWS Lambda. He discussed how the need for automation led to creating a self-service model where teams can provision resources without asking. The framework uses AWS services like API Gateway, Lambda, SQS, and DynamoDB along with CI/CD tools. Testing is done through mocking and unit testing. Lessons learned include the importance of testing from the start and avoiding long living branches in source control.
The document provides an overview of a presentation on serverless development, outlining topics that will be covered such as building serverless APIs, CI/CD pipelines, development frameworks like AWS SAM and Chalice, debugging and testing locally, security features like Amazon Cognito, and using services like AWS Lambda and Amazon API Gateway. Paul Maddox will give the presentation, sharing his 16 years of development experience and focusing on debunking myths around serverless development.
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
Software release cycles are now measured in days instead of months. Cutting-edge companies are continuously delivering high-quality software at a fast pace. In this session, we will cover how you begin your DevOps journey by sharing best practices and tools by the "two pizza" engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. Here to share their story is FamilySearch, a large nonprofit customer, deploys 1700 code implementations a day using native AWS tools. This allows them to improve feature sets, provide better member experience, and improve their ability to deliver improved functionality quickly. FamilySearch has been doing DevOps in the cloud longer than any of our PS customers and their expertise in this field is unmatched. In this session, they'll provide deep insight into managing the challenges of migrating to a DevOps model, using cloud services to differentiate a business, and improving an organization's ability to do more with less.
Get the EDGE to scale: Using Cloudfront along with edge compute to scale your...Amazon Web Services
You could use Cloud Front to deliver pages faster, however, customized processing still required requests to be forwarded back to compute resources at centralized servers, which may slow down the end user experience. This session shows how a combination of Cloud Front, and edge compute can help you scale out your resources in a much more effective way than you think.
Speaker: Anil Nair
Solution Architect, Amazon India
This document discusses serverless computing and AWS Lambda. It provides an overview of virtual machines, containers, and serverless/functions as a service. It describes how AWS Lambda works, including how to author functions using various programming languages. It also discusses how to integrate Lambda with other AWS services like API Gateway, Step Functions, S3, DynamoDB and more. It introduces the AWS Serverless Application Repository and AWS SAM for defining serverless applications.
Andrew May - Getting Certified for Fun and ProfitAWS Chicago
This document provides information about AWS certifications, including foundational, associate, professional, and specialty certifications. It discusses the benefits of obtaining certifications, such as helping to land jobs or command higher salaries. It provides breakdowns of the exam formats and sample questions for certifications like Cloud Practitioner, Developer Associate, Solutions Architect Associate, and SysOps Administrator Associate. The document recommends levels of experience and gives advice for preparing for exams, including exploring AWS services, reading documentation, taking practice exams, and registering for exams.
Twelve-factor serverless applications - MAD302 - Santa Clara AWS SummitAmazon Web Services
The twelve-factor application model represents 12 best practices for building modern, cloud-native applications. With guidance on factors like configuration, deployment, runtime, and multiple-service communication, the twelve-factor model prescribes best practices that apply to everything from web applications to APIs to data processing applications. Although serverless computing and AWS Lambda have changed application development, the twelve-factor best practices remain relevant and applicable in a serverless world. In this talk, we apply the twelve-factor model to serverless application development with AWS Lambda and Amazon API Gateway, and we show you how these services enable you to build scalable, well-built, low-administration applications.
This document introduces CloudBridge, a Python library that provides a simple, uniform API for interacting with multiple cloud providers. It aims to allow users to write code once that can run on any supported cloud without specialization for individual providers. CloudBridge focuses on mature cloud APIs and offers a set of conformance tests to ensure compatibility without needing separate testing for each provider. The document outlines the goals, design, and features of CloudBridge, and provides code samples for setting up a provider and launching an instance using the uniform API.
Zombie Apocalypse Workshop by Warren Santer and Kyle Somers, Solutions Archit...Amazon Web Services
The document provides an overview of a workshop on building serverless microservices using AWS Lambda. The workshop will introduce AWS Lambda, Amazon API Gateway, Amazon DynamoDB, and Amazon Cognito. Attendees will work in teams to build a secure, scalable chat service for zombie apocalypse survivors using these AWS serverless technologies. The workshop includes breakout sessions where attendees will add features like typing indicators, SMS integration with Twilio, messaging search with Elasticsearch, integration with Slack, and zombie sensor data integration with Intel Edison.
This document provides an overview of API gateways. It discusses the API gateway pattern which includes separating client and server code, providing distinct API views from the same origin, and composing calls between APIs. It also includes an architecture diagram and discusses core features like uniform authentication, REST over HTTPS, horizontal scalability, payload rewrite, request composition, and backend as a service. Popular API gateway players like APIGEE, AWS API Gateway, and Kong are compared. Potential pitfalls around dependency, lock-in, scalability, and backend savings are also covered. The conclusion recommends using API gateways as accelerators but planning to reduce their footprint, using standard protocols, managing cache/data, and being able to migrate to an open
Learn about what a serverless architecture is, why they are growing in popularity, and who the key players are in a serverless API build on the AWS platform. Then get started building your own servless API!
Architecting ASP.NET Core Microservices Applications on AWS (WIN401) - AWS re...Amazon Web Services
In this session, learn how to architect, configure, and deploy an ASP.NET Core microservices application running in containerized AWS Fargate tasks. We cover how to use Amazon DynamoDB for session state and how to use Amazon Cognito for identity management. We also discuss using Amazon ECS for service discovery and AWS CodePipeline to create CI/CD pipelines for each microservice so that each one is individually deployed when an AWS CodeCommit repository is updated. Join us, and learn everything you need to know to start designing and deploying containerized ASP.NET Core applications on AWS.
Deep Dive on Lambda@Edge - August 2017 AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn how you can use Lambda@Edge and Amazon CloudFront to deliver richer, more personalized content with low latency to your customers
- Learn how you can use serverless coding across Amazon's network of edge locations
- Find out from our customers how they are using Lambda@Edge
Today, developers have to forward requests from distributed CDN endpoints back to compute resources at their centralized servers in order to do any customized processing, slowing down the end user experience. The Lambda-based processing model allows you to write JavaScript code that runs within the growing network of AWS edge locations. In this tech talk, we will provide a deep dive on the capabilities of Lambda@Edge and its use cases.
The document discusses serverless computing and the callback server architecture used by Veracode for dynamic application security testing. It summarizes the advantages of replacing the existing callback server with EC2 and Postgres with a serverless architecture using AWS Lambda, API Gateway, and DynamoDB. While the serverless approach provided benefits like automatic scaling and lower costs, it required learning new skills and significantly more effort on devops tasks for deployment automation compared to development. Security best practices like monitoring, access control, and dependency scanning were also emphasized for serverless architectures.
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you will learn about the benefits of serverless architectures and the basics of the serverless stack AWS provides. We will also walk through how you can use serverless architectures for everything from data processing to mobile and web backends.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Jeremy Edberg, Co-Founder, CloudNative, & AWS Community Hero
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
Introducing Milvus Lite: Easy-to-Install, Easy-to-Use vector database for you...Zilliz
Join us to introduce Milvus Lite, a vector database that can run on notebooks and laptops, share the same API with Milvus, and integrate with every popular GenAI framework. This webinar is perfect for developers seeking easy-to-use, well-integrated vector databases for their GenAI apps.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
2. Contents
Real-world examples of some serverless implementation patterns, using API
Gateway primarily. In particular:
■ Introduction: authentication for a serverless project for the BBC
■ Quick intro to API Gateway as a serverless toolkit
■ Example access to other serverless services using API Gateway
● S3
● Email
● DynamoDB
■ How to practically use API Gateway yourself
■ Spotting candidates for this approach
3. Me
■ Nearly 30 years professional experience
■ Dev, Ops, DevOps, Architecture, Consultancy, Strategy,
Stuff
■ Ran engineering for Online Operations at the BBC in
2000/2001
■ CTO of a dotcom during the boom (and bust)
■ Owner/Director of Isotoma since 2004
■ Still write code, mostly Python, Go and Typescript
4. Characteristics of "serverless"
1. No cost when no use, cost scales with usage
2. Provisioning decisions taken by the cloud provider
3. "Infinite" scaling capacity
Not really anything to do with servers or the lack thereof, or
FaaS
6. IDT Cloud Introduction
■ IDT = In Depth Toolkit ¯_(ツ)_/¯
■ BBC News journalists often need to embed charts and
other visualisations in their output
■ An existing tool, IDT, provided charting services for
journalists, using the previous generation of BBC News
delivery infrastructure, Forge, which was PHP
7. IDT Cloud Introduction
■ BBC News are moving to AWS and all services should now
be delivered from with AWS services
■ This was an opportunity to entirely rewrite IDT and make
it fit for purpose
■ We had (largely) complete freedom to choose
implementation technologies
■ The new version is called IDT Cloud
8. Particular challenges
■ BBC News audience is approx 500M people globally, in
many languages, which is quite a lot
■ Must function on a wide range of devices, including some
old phones and in both landscape and portrait
■ Which is hard for charts!
■ Lots of choices for how to fit charts onto small devices -
but often the choices depend on the size, language and
aspect ratio
■ Kind of high traffic levels sometimes
9. Architecture
Lots of moving parts
■ Datastore for chart origination material (JSON blobs
describing charts, plus ancillary artifacts like background
images)
■ Integration with other BBC News systems, including
several generations of CMS
■ Editorial interface for journalists to interact with their
charts
■ Rendering system to deliver charts in every output format
needed
11. Authentication
■ We wanted a private application for authorized BBC Users
only
■ BBC Users are authorized by either:
● a) having a valid client X509 certificate in their
browser, or
● b) Logging into the BBC Login single sign-on system
■ API Gateway is on the public internet
■ API Gateway can't see client certs (this sucks by the way,
AWS should support X509 PKI everywhere)
12. The Authentication Proxy
Our solution:
1. require AWS_IAM authentication for the API,
● all requests to it must be signed
2. Send users via a proxy, running on EC2, that examines the
client certificate. If it is not present it goes through the
login ceremony via BBC Login
3. Authenticated users are proxied to API Gateway with
signed requests
13. Not actually overkill
Seems like an overcomplex solution
- but the proxy is entirely reusable, providing a standard way
for new applications to be delivered via API Gateway with no
authentication code needed.
16. What API Gateway really is
■ URL mapping
■ Access Control and Management
■ Validation & Error Handling
■ Request & Response Transformation
■ Access to AWS backing services
■ A bunch of other useful stuff (throttling, API keys etc.)
17. Core Anti-feature
■ Really, really, really, really annoying to configure and deploy. Even more
than usual.
■ Can be done with CloudFormation but it is bad (even for CloudFormation)
■ Can be done with Swagger, but you will need to write some tooling
■ Supported by other tools:
● SAM
● serverless.com
● But they only provide basic functionality
24. Decoupled authentication
■ Authentication is bad
● Authenticating API requests is expensive
● For microservice-based architectures it means all services need
to apply authentication, so authentication changes mean
everything needs releasing
■ Instead, authenticate within API Gateway
■ Services can assume requests are authenticated
■ For bonus points, use Cognito for authentication and you can hand off
almost everything
26. Supported schemes
Lambda Function
■ Bring your own authorizer
■ Called on each request
■ You examine the request to
determine if authenticated
■ Returns:
● A principal identifier
● An IAM Policy
Cognito User Pool
■ Calling client authenticates with
Cognito
■ Include the JWT Token as the
Authorization header
27. Principals & permissions
■ The principal provided is available in the context for your integrations (we
have used a custom header to deliver the principal ID)
■ Associated IAM Policies can be used to secure back-end services
■ Using the "invoke with caller credentials" option in the integration means
the IAM Policies you deliver in the authorizer are used directly
■ With Cognito, users can be placed into groups and the groups provide IAM
Roles, which specify the policies used
■ Together this means you can entirely outsource your authentication,
authorization and user management
28. Benefits
■ Federation - Cognito can federate to lots of identity providers
■ Reduced developer friction - dev environments can ignore authentication
for the most part
■ Security - it is easy to screw up roll-your-own authentication
■ Robustness - This is easily one of the most error-prone parts of a
codebase, so getting rid of it is a good thing
■ Agility - Apply a common authentication layer across heterogenous
underlying serverless and microservices
30. Static files
1. Web applications need static files
a. Initial HTML page
b. Javascript & CSS
c. Images etc.
2. You may wish to deliver these on URLs alongside your API
3. You can do this with API Gateway
31. Static files
■ Super simple use case
■ Two options for the Integration
● HTTP integration to the s3 HTTP endpoint
● Service integration to S3 "as a service"
■ Using the service integration allows us to access objects
in private buckets
34. S3 Blobs
1. Direct access to S3 from React etc. is a common
requirement, for both reading and writing
2. We can do this entirely in API Gateway
35. S3 Blobs
■ For the IDT project we need to store and retrieve
configuration for charts, which are just JSON blobs
■ All authorized users can load and store all blobs, so there
are no complex authorization rules
■ API Gateway can do this without the need for any
Lambda
38. Sending email
1. Sending Email in response to a user request means you
have to constrain at least one of:
a. To address
b. Subject and Body
2. Or it can be used as a spam factory
3. So you can't just hand out SES Access Key and Secret to
your React application (doh)
4. API Gateway to the rescue
39. Simple Email Service (SES)
■ SES is ancient and has a dreadful API
■ This is mostly hidden from you because you either use:
● the SES support in the AWS SDK (which is fine), or
● the SMTP API, which is... SMTP
■ However under the hood it is seriously old skool
■ This is a good (but simple) example of how much heavy
lifting API Gateway can do
40. The SES API
From: sender@isotoma.com
To: president@whitehouse.gov
Subject: Hello Mr President
How are you?
Content-Type: application/x-www-form-urlencoded
Action=SendRawEmail&Source=sender%40isotoma.com&Destin
ations.member.1=president%40whitehouse.gov&RawMessage.
Data=Subject%3A+Hello+Mr+President%0A%0AHow+are+you%3F
%0A'
Serialised as x-www-form-urlencoded rather than JSON or XML.
Also it is generally kind of confusing
Here is a real example that works though:
41. The API we want to provide
Model schema specified in JSON
schema
Input is validated against this
automatically
Then allows us to access named
parts of the input in processing
43. Transformations
■ Uses the Velocity templating language
■ Velocity is kind of terrible
■ all templating languages are terrible
■ but less terrible than writing code. generally.
■ there are loads of useful functions and it is actually
pretty good
■ We use "stage variables" to store constants
46. The feature
IAM Policies can include
conditions restricting access
to DynamoDB tables to rows
where the HASH key matches
defined strings.
We can use the authenticated
user's identifier here, so
restricting a user to only their
rows in the database.
47. How to use it
1. Use cognito
2. Add an IAM Policy like this
3. Use "invoke with caller credentials"
4. Magic
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dynamodb:GetItem",
"dynamodb:PutItem",
"dynamodb:Query"
],
"Resource": [
"table_arn"
],
"Condition": {
"ForAllValues:StringEquals": {
"dynamodb:LeadingKeys": [
"${cognito-
identity.amazonaws.com:sub}"
]
}
}
}
]
}
49. Using API Gateway
1. Cloudformation does have resources to
cover API Gateway (see right)
2. You really don't want to use these!
3. Swagger (OpenAPI) is better
4. BUT it has no concept of variables
5. ALSO CloudFormation tooling for Swagger
is kind of lame
50. Workflow
1. Mock out and test features in the console
2. Export the Swagger from the stage
3. Replace hard coded literals with variables
4. Extend the Swagger to cover your whole API
5. Write something to do configuration management for you
6. Put the file in an S3 bucket
7. Run CloudFormation
8. Write something to update the API by calling the API Gateway API
54. Is this even a good idea?
I think these techniques deliver benefits:
1. Less code
2. Outsource and commoditise
3. Design "with the grain" of the underlying services
4. Enforce simplicity
5. Actual API-first design
But they can be challenging to exploit
55. Spotting candidates
■ Application code is generally "get a request, do some
stuff, access some backing services, return a response"
■ Only a subset can be implemented entirely in API
Gateway:
● No loops
● Single input and single output transformation
56. The challenge
■ Few developers have an in depth knowledge of more than
a couple of AWS services
■ All of the examples I've shown here can instead be
implemented in custom code
■ Organizationally it might be easier to implement in
custom code...
■ ...even if the product is worse
■ And the tooling is, at best, patchy
57. Handling change
■ Replacing these things with Lambda calls is easy
■ Your API remains stable
■ So stubbing out an API early on with simple S3 access
etc. can be a good way to get moving
■ Don't worry if you will later need more complexity