API Gateway CheatSheet

• API Gateway is a solution for creating secure APls in your cloud environment at any scale.
• Create APls that act as a front door for applications to access data, business logic, or functionality from back-end services.
• API Gateway throttles api endpoints at 10,000 requests per second (can be increase via service request through AWS support)
• Stages allow you to have multiple published versions of your APl eg. prod, staging. QA
• Each Stage has an Invoke URL which is the endpoint you use to interact with your API
• You can use a custom domain for your Invoke URL eg.
• You need to publish your API via Deploy API. You choose which Stage you want to publish your API
• Resources are your URLs eg. /projects
• Resources can have child resources eg. /projects/-id-/edit
• You defined multiple Methods on your Resources eg GET, POST, DELETE
• CORS issues are common with API Gateway, CORS can be enabled on all or individual endpoints
• Caching improves latency and reduces the amount of calls made to your endpoint
• Same Origin Policies help to prevent XSS attacks
• Same Origin Policies ignore tools like postman or curl
• CORS is always enforced by the client.
• You can require Authorization to your API via AWS Cognito or a custom Lambda.