Amazon Web Services (AWS) have released Amazon API Gateway, a fully managed service that allows developers to publish, maintain, monitor, and secure APIs 'at any scale'. The AWS management web portal allows an API to be created that can act as a 'front door' for applications to access data, business logic, or functionality from backend services, such as applications running on Amazon EC2, code running on AWS Lambda, or any publicly addressable service hosted outside of AWS.
The AWS official blog states that many AWS customers host backend web services for mobile, web, enterprise, or IoT (Internet of Things) applications on AWS. These services have no user interface, and instead they are accessed programmatically, typically using a REST-style interface. In order to successfully host an API backend there must be a supporting infrastructure, which provides security, manages traffic, implements monitoring and provides other essential foundational services.
Amazon API Gateway provides this infrastructure, and handles the tasks involved in accepting and processing up to 'hundreds of thousands' of concurrent API calls, including traffic management, authorisation and access control, monitoring, and API version management. Several industry luminaries commented on the disruptive potential of API Gateway, including Mitch Garnaat, creator of the boto AWS SDK for Python and the AWS CLI:
I felt a great disturbance in The Force. As if a thousand REST Frameworks suddenly cried out in terror and were silenced. #AWSSummit
Jeff Barr, chief evangelist for AWS, stated on the AWS official blog that when providing an API to end-users and customers, it is often necessary, to build, maintain, and distribute software development kits (SDKs) for one or more programming languages. Accordingly, the Amazon API Gateway currently provides automatic generation of SDKs for JavaScript, iOS and Android, with other languages planned for the future. The AWS official blog also states that existing API definitions that are described, for example, using Swagger can be imported into the API Gateway, but this tool is not yet currently available.
Barr suggested that the combination of API Gateway and AWS Lambda, a compute service that runs code in response to events and automatically manages the underlying compute resources, allows APIs to be created that do not require complex backend application provisioning and configuration:
If you use AWS Lambda [in combination with API Gateway], you can implement highly scalable APIs that are totally server-less.
Barr also stated that the API Gateway enables the implementation of APIs that 'wrap around, enhance, and effectively modernize legacy systems'. Results from multiple RPC-style web service calls can be aggregated into a single response, and then the data filtered and processed. The API Gateway can convert XML-style data from existing services into JSON by specifying transformations via JSON-Schema. APIs can be tested from within the AWS Management Console, with full access to the HTTP status code, the response (body and headers), and the request log. The screenshot below shows the endpoint definition and test section of the API Gateway UI:
Multiple environments, which the API Gateway names 'stages', of a given API can be created and selectively deployed within the scope of a tag such as 'dev, beta or prod'. Although not required, each operation in each version can have a distinct implementation. When creating a new version of an API, an existing API can be cloned, deployed to a distinct stage, and then work continued on both with the eventual goal of deprecating the older API.
The AWS official blog states that after an API is deployed the API Gateway will accept, handle, monitor, and respond to requests. A cache can be configured on a per-stage basis, with full control over the lifetime of cached responses and the mapping of request parameters to cache keys. Requests to APIs are logged to Amazon CloudWatch and detailed metrics are reported to Amazon CloudWatch on a per-stage, per-method basis. Administrative actions such as creating and configuring APIs are logged to CloudTrail for auditing. Requests can be throttled if they exceed a desired rate, and AWS Identity and Access Management (IAM), Amazon Cognito, or OAuth credentials can be used to authorise access to individual methods.
Barr describes on the AWS official blog that the API Gateway was designed to deliver on the following promises:
- Scalable and efficient - Handle any number of requests per second (RPS) while making good use of system resources.
- Self-service and highly usable - define, revise, deploy, and monitor APIs without requiring specialised knowledge or skills, including easy SDK generation.
- Reliable - build services that are exceptionally dependable, with full control over error handling, including customised error responses.
- Secure - Allow a developer to take advantage of the latest AWS authorisation mechanisms and IAM policies to manage your APIs and your AWS resources.
- Performant - build services that are globally accessible (via CloudFront) for low latency access, with data transfer to the backend over the AWS network.
- Cost-effective - Allow a developer to build services that are economical to run, with no fixed costs and pay-as-you-go pricing.
The Amazon API Gateway is available now in the US East (Northern Virginia), US West (Oregon), and Europe (Ireland) regions. Additional information about the API Gateway can be found within the AWS documentation portal.