Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Amazon API Gateway

7.348 visualizaciones

Publicado el

AWS Technical Day - Amazon API Gateway

Publicado en: Tecnología

Amazon API Gateway

  1. 1. ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Introducing Amazon API Gateway Oren Katz – Solutions Architect, AWS orenkatz@amazon.com
  2. 2. Agenda • Why we built Amazon API Gateway • What is Amazon API Gateway? • Amazon API Gateway Features & Functionality • Q&A
  3. 3. Your Feedback • Managing multiple versions and stages of an API is difficult
  4. 4. Your Feedback • Managing multiple versions and stages of an API is difficult • Monitoring 3rd party developers’ access is time consuming
  5. 5. Your Feedback • Managing multiple versions and stages of an API is difficult • Monitoring 3rd party developers’ access is time consuming • Access authorization is a challenge
  6. 6. Your Feedback • Managing multiple versions and stages of an API is difficult • Monitoring 3rd party developers’ access is time consuming • Access authorization is a challenge • Traffic spikes create operational burden
  7. 7. Your Feedback • Managing multiple versions and stages of an API is difficult • Monitoring 3rd party developers’ access is time consuming • Access authorization is a challenge • Traffic spikes create operational burden • What if I don’t want servers at all?
  8. 8. • Host multiple versions and stages of your APIs • Create and distribute API Keys to developers • Leverage AWS Sigv4 to authorize access to APIs • Throttle and monitor requests to protect your backend • Utilizes AWS Lambda Introducing Amazon API Gateway
  9. 9. Introducing Amazon API Gateway • Managed cache to store API responses • Reduced latency and DDoS protection through CloudFront • SDK Generation for iOS, Android and JavaScript • Swagger support • Request / Response data transformation and API mocking
  10. 10. How Does Amazon API Gateway Work?
  11. 11. An API Call Flow Internet Mobile Apps Websites Services API Gateway AWS Lambda functions AWS API Gateway Cache Endpoints on Amazon EC2 / Amazon Elastic Beanstalk Any other publicly accessible endpoint Amazon CloudWatch Monitoring
  12. 12. Build, Deploy, Clone & Rollback • Build APIs with their resources, methods, and settings • Deploy APIs to a Stage – Users can create as many Stages as they want, each with its own Throttling, Caching, Metering, and Logging configuration • Clone an existing API to create a new version – Users can continue working on multiple versions of their APIs • Rollback to previous deployments – We keep a history of customers’ deployments so they can revert to a previous deployment
  13. 13. API Configuration • You can create APIs • Define resources within an API • Define methods for a resource – Methods are Resource + HTTP verb Pet Store /pets /pets/{petId} • GET • POST • PUT
  14. 14. API Deployments • API Configuration can be deployed to a stage • Stages are different environments For example: – Dev (e.g. awsapigateway.com/dev) – Beta (e.g. awsapigateway.com/beta) – Prod (e.g. awsapigateway.com/prod) – As many stages as you need Pet Store dev beta gamma prod
  15. 15. Manage Multiple Versions and Stages of your APIs API 1 (v1) Stage (dev) Stage (prod) API 2 (v2) Stage (dev)
  16. 16. Custom Domain Names • You can configure custom domain names • Provide API Gateway with a signed HTTPS certificate • Custom domain names can point to an API or a Stage • Pointing to an API you have access to all Stages – Beta (e.g. yourapi.com/beta) – Prod (e.g. yourapi.com/prod) • Pointing directly to your “prod” Stage – Prod (e.g. yourapi.com/)
  17. 17. Metering & Authorization
  18. 18. API Keys to Meter Developer Usage • Create API Keys • Set access permissions at the API/Stage level • Meter usage of the API Keys through CloudWatch Logs
  19. 19. API Keys to Authorize Access • The name “Key” implies security – there is no security in baking text in an App’s code • API Keys should be used purely to meter app/developer usage • API Keys should be used alongside a stronger authorization mechanism
  20. 20. Leverage AWS Sigv4, or Use a Custom Header • You can leverage AWS Sigv4 to sign and authorize API calls – Amazon Cognito and AWS Security Token Service (STS) simplify the generation of temporary credentials for your app • You can support OAuth or other authorization mechanisms through custom headers – Simply configure your API methods to forward the custom headers to you backend
  21. 21. Using Sigv4 to authenticate calls to your API Call Login API, no auth required Client API Gateway Backend /login Lambda fn_login User Accounts database Credentials verified Cognito developer authenticated identities Access and secret key /login Receives credentials to sign API calls
  22. 22. Throttling and Caching
  23. 23. API Throttling • Throttling helps you manage traffic to your backend • Throttle by developer-defined Requests/Sec limits • Requests over the limit are throttled – HTTP 429 response • The generated SDKs retry throttled requests
  24. 24. Caching of API Responses • You can configure a cache key and the Time to Live (TTL) of the API response • Cached items are returned without calling the backend • A cache is dedicated to you, by stage • You can provision between 0.5GB to 237GB of cache
  25. 25. Request processing workflow Receive incoming request • Check for item in dedicated cache • If found return cached item Check throttling configuration • Check current RPS rate • If above allowed rate return 429 Execute backend call
  26. 26. Input / Output Models and Transforms
  27. 27. API Models • Models are a JSON Schema representation of your API requests and responses • Models are used for input and output filtering, and SDK generation • You can reuse models across multiple methods in your API
  28. 28. Input / Output Transforms • Use Velocity Templates to transform data • Filter output results – Remove private or unnecessary data – Filter dataset size to improve API performance • GET to POST – Read all query string parameters from your GET request, and create a body to make a POST to your backend • JSON to XML – Receive JSON input and transform it to XML for your backend – Receive JSON from a Lambda function and transform it to XML
  29. 29. Transform Example: JSON to XML API Gateway Backend GET - /sayHello Lambda fn_sayHello /sayHello { “message” : “hello world” } <xml> <message> Hello world </message> </xml> #set($root = $input.path('$')) <xml> <message> $root.message </message> </xml>
  30. 30. SDK Generation
  31. 31. Generate Client SDKs Based on Your APIs • SDKs are generated based on API deployments (Stages) • If Request and Response Models are defined, the SDK includes input and output marshalling of your methods • SDKs know how to handle throttling responses • SDKs also know how to sign requests with AWS temporary credentials (SigV4) • Support for Android, iOS, JavaScript, …
  32. 32. Demo
  33. 33. Amazon API Gateway Pricing • $3.50 per Million API Gateway requests • Included in the AWS Free Tier – 1 Million API requests per month for 12 months • Data Transfer Out (Standard AWS Prices) – $0.09/GB for the first 10 TB – $0.085/GB for the next 40 TB – $0.07/GB for the next 100 TB – $0.05/GB for the next 350 TB
  34. 34. Optional – Dedicated Cache Pricing Cache Memory Size (GB) Price per Hour (USD) 0.5 $0.020 1.6 $0.038 6 $0.200 13 $0.250 28 $0.500 58 $1.000 118 $1.900 237 $3.800
  35. 35. Availability • Today! • Initially available in: – US East (N. Virginia) – US West (Oregon) – EU West (Dublin) – Plan to enable other regions rapidly
  36. 36. Amazon API Gateway Build, Deploy & Manage your APIs http://aws.amazon.com/apigateway/
  37. 37. Your Feedback is Important to AWS Please complete the session evaluation. Tell us what you think!
  38. 38. NEW YORK
  39. 39. NEW YORK ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

×