What is Amazon API Gateway?

"Creating a RESTful API with ease"

Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.

With a few clicks in the AWS Management Console, you can create an API that acts as a "front door" for applications to access data, business logic, or functionality from your back-end services, such as applications running on EC2, code running on AWS Lambda, or any web application

How API Gateway works

Application -> REST API -> Action


Rest API


Users -> API Gateway --> (Lambda|EC2|DDB)

What Can API Gateway Do?

API Gateway Configuration

How Do I Configure API Gateway?

API Gateway Deployments

How Do I Deploy API Gateway?

API Gateway Caching

Same Origin Policy

In computing, the same-origin policy is an important concept in the web application security model. Under the policy, a web browser permits scripts container in a first web page to access data in a second web page, but only if both webpages have the same origin

This is done to prevent Cross-site Scripting (XSS) attacks.
* Enforced by web browsers.
* Ignored by tools like PostMan and curl

CORS Explained

CORS is one way the server at the other end (not the client code in the browser) can relax the same-origin policy.

Cross-origined resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts) on a web page to be requested from another domain outside the domain from which the first resource was served.

CORS in Action

API Gateway Authorization

API Gateway Authorizers

Understanding "Custom Authorizer"

API Gateway Exam Tips