Extending Serverless Api Gateway
Extending Serverless Architectures with Amazon API Gateway
Section titled “Extending Serverless Architectures with Amazon API Gateway”Benefits of APIs
Section titled “Benefits of APIs”Standardize App Communication
Section titled “Standardize App Communication”- Language Bridge: Connect software applications written in different languages in standardized way
- Complexity Hiding: Hide implementation complexity from client applications
- Documentation: Provide clear documentation on API usage and request formatting
- Format Independence: Client applications don’t need to understand microservice technical details
Protect Microservices
Section titled “Protect Microservices”APIs provide essential protection for rapidly scaling microservices:
- Authorization: Choose whether to require authorization for access
- Request Validation: Check request formats and return errors for incorrect formats
- Throttling: Control the number of requests to prevent resource saturation
- Access Control: Restrict resource access to allow only limited actions
Monetize API and Track Statistics
Section titled “Monetize API and Track Statistics”- Usage Tracking: Collect client usage data points for analysis
- Billing Integration: Track usage for billing purposes
- Statistics: Supply detailed usage statistics per client
- Prioritization: Enable preferential usage for paying customers
Amazon API Gateway
Section titled “Amazon API Gateway”Core Capabilities
Section titled “Core Capabilities”- API Types: Create, publish, and maintain REST, HTTP, and WebSocket APIs
- Traffic Management: Configurable traffic management, authorization, and resource access control
- Service Integration: Access to AWS services and publicly accessible endpoints
- Version Management: Host multiple versions and stages of application APIs
- Monetization: Establish client usage plans to control and monetize APIs
- Performance: Cache common responses to improve latency
Backend Integration Options
Section titled “Backend Integration Options”- AWS Lambda: Direct integration for serverless compute
- Amazon EC2: Applications running on EC2 instances
- Amazon ECS: Containerized applications
- Private Applications: VPC or on-premises applications
- Public Endpoints: Publicly accessible HTTP endpoints
- Direct AWS Services: Kinesis, Step Functions, DynamoDB
Advanced Features
Section titled “Advanced Features”- Concurrent Requests: Handle hundreds of thousands of concurrent API requests
- Authorization Integration: Amazon Cognito integration and Lambda authorizer plugins
- Development Environments: Multiple stages for development, testing, and production
- Usage Plans: Third-party developer plans with throttling and quota limits
- API Keys: Extract utilization data per API key for billing and analysis
Choosing an API Type
Section titled “Choosing an API Type”Features:
- Collection of routes and methods
- Extensive API management features
- Usage plans and payload validation
- Private API endpoints and resource policies
- Cross-origin resource sharing (CORS) support
- Stateless architecture
Use Cases:
- Applications requiring comprehensive API management
- Need for usage plans, billing, and access control
- Private API endpoints in VPC
- Resource-based security policies
Features:
- Collection of routes and methods
- Optimized for microservices
- Lower latency and cost than REST APIs
- CORS support
- Stateless architecture
Use Cases:
- Serverless workloads proxying to Lambda functions
- HTTP backends requiring low latency
- Cost-optimized microservice implementations
- Simple proxy functionality
Features:
- Collection of WebSocket routes
- Real-time applications
- Persistent client-backend session
- Payload validation and data transformations
- Stateful connections
Use Cases:
- Real-time messaging applications
- Chat rooms and collaborative tools
- Live data feeds and notifications
- Bidirectional communication requirements
RESTful API Concepts
Section titled “RESTful API Concepts”- HTTP Methods: GET, POST, PUT, PATCH, DELETE for CRUD operations
- Stateless Design: Smooth redeployment and scaling for cloud applications
- Example: POST /class-roster (add student), GET /class-roster (retrieve all students)
Performance HTTP APIs provide up to 70% cost reduction and improved performance over REST APIs for simple proxy use cases.
API Gateway Backend Integrations
Section titled “API Gateway Backend Integrations”AWS Lambda Integration
Section titled “AWS Lambda Integration”Standard microservice pattern using:
- Amazon Cognito for authorization
- API Gateway for request routing
- AWS Lambda for business logic
- Amazon DynamoDB for data storage
HTTP Proxy Integration
Section titled “HTTP Proxy Integration”- Public Endpoints: Connect API routes to publicly routable HTTP endpoints
- Request/Response Flow: API Gateway passes entire request and response between frontend and backend
- Configuration: Simply provide URL of publicly routable HTTP endpoint
First-Class AWS Service Integrations
Section titled “First-Class AWS Service Integrations”Direct connections to AWS service APIs:
- Amazon SQS: Send messages to queues
- AWS Step Functions: Start state machine executions
- Amazon DynamoDB: Direct database operations
- Benefits: Bypass Lambda for simple AWS service calls
VPC Link Integration
Section titled “VPC Link Integration”- REST APIs: Access Network Load Balancer in VPC
- HTTP APIs: Access Network Load Balancer, Application Load Balancer, and other VPC services
- Use Cases: Amazon EC2 instances, Amazon ECS containers, private applications
Activity: Decomposing Monolithic Application
Section titled “Activity: Decomposing Monolithic Application”Monolithic Shopping Application Components
Section titled “Monolithic Shopping Application Components”Original monolithic application includes:
- Shopping Cart: Add, remove, update items with single-digit second response time
- Payments: Finalize cart and process payments (port as-is with minimal changes)
- Delivery: Multi-day process with customer notifications
Solution: Microservices Architecture
Section titled “Solution: Microservices Architecture”Shopping Cart Microservice
Section titled “Shopping Cart Microservice”Solution: Amazon API Gateway HTTP API + AWS Lambda + Amazon DynamoDB
- Performance: Millisecond transactions meeting single-digit response requirements
- Architecture: HTTP API routes requests to Lambda function
- Data Storage: DynamoDB shopping cart table
- Benefit: Scales automatically and provides fast response times
Payment Microservice
Section titled “Payment Microservice”Solution: Amazon API Gateway HTTP API + Application Load Balancer + Amazon ECS + DynamoDB
- Legacy Compatibility: ECS containers allow minimal code changes from on-premises
- Load Distribution: Application Load Balancer distributes payment transactions
- External Integration: Containers access publicly accessible banking APIs
- Data Storage: DynamoDB payment table
- Benefit: Preserves existing payment logic while enabling cloud scalability
Delivery Workflow Service
Section titled “Delivery Workflow Service”Solution: Amazon API Gateway HTTP API + AWS Step Functions + Amazon SQS + Amazon SNS + DynamoDB
Important This is a workflow service, not a microservice, due to multi-day duration.
Workflow Process:
- Initiation: API Gateway receives delivery call, forwards to Step Functions
- Queue Processing: State machine puts request on SQS delivery queue and suspends
- External Processing: Inventory/delivery API polls queue and processes delivery
- Callback: Upon completion, API callbacks to state machine
- Decision Logic: Choice state determines if order delivered or cancelled
- Notifications: Amazon SNS sends email notifications to customers
- Cleanup: If cancelled, refund request placed on SQS refund queue
Benefits: Handles long-running processes with proper state management, error handling, and customer communication.
Amazon API Gateway provides comprehensive API creation and management capabilities with multiple API types suited for different use cases. REST APIs offer full management features, HTTP APIs provide optimized performance for microservices, and WebSocket APIs enable real-time applications requiring active sessions.