Building APIs with Amazon API Gateway

Deploying Applications on AWS

Dunieski Otano

Amazon Web Services Solutions Architect

Three clients, one backend

  • Web, mobile, and a partner all call one backend
  • Each speaks a slightly different format
  • A front door validates and transforms every caller

 

Three client types connecting through a single API Gateway that routes requests to backend services

Deploying Applications on AWS

What API Gateway does

API Gateway as a managed front door: web and mobile clients route through a central gateway with routing, auth, throttling, and transformation features to Lambda, HTTP endpoints, and AWS services

  • A fully managed front door for your APIs
  • Handles routing, auth, throttling, and transformation
  • Sits between clients and your backend
  • Backends: Lambda, HTTP endpoints, or AWS services
Deploying Applications on AWS

Integration types

  • Lambda proxy: passes the whole request to Lambda
  • Lambda non-proxy: you map request and response fields
  • HTTP: forwards to an HTTP backend
  • MOCK: returns a response with no backend at all

Four API Gateway integration types: Lambda proxy passing full request, Lambda non-proxy using mapping templates, HTTP forwarding to an endpoint, and MOCK returning a static response

Deploying Applications on AWS

Request and response transformations

  • Mapping templates reshape payloads with VTL
  • Velocity Template Language transforms body, headers, params
  • Request mapping: client format to backend format
  • Response mapping: backend format to client format

VTL mapping template flow: client payload transformed by request template before reaching the backend, then backend response transformed by response template before returning to the client

Deploying Applications on AWS

Request validation

Request validation modes: validate body against JSON schema, validate required query and header parameters, or validate both before the Lambda backend is invoked

  • Reject bad input before it reaches the backend
  • Required parameters: headers, query strings, paths
  • Model schemas: validate the JSON body shape
  • Validate body, parameters, or both
Deploying Applications on AWS

Status codes and error contracts

  • Override backend status codes for a consistent contract
  • Map a backend 502 to a clean 503 for clients
  • Gateway responses: customize error bodies
  • Clients get predictable errors regardless of backend

Full API Gateway request lifecycle: validation rejects bad input at the gate, mapping template reshapes valid input for the backend, response template formats the output into a consistent client contract

Deploying Applications on AWS

Putting it together

  • Client request → validation → transformation → backend
  • Bad input rejected at the gate
  • Good input reshaped for the backend
  • Backend response reshaped into the client contract

Full API Gateway request lifecycle: validation rejects bad input at the gate, mapping template reshapes valid input for the backend, response template formats the output into a consistent client contract

Deploying Applications on AWS

Let's practice!

Deploying Applications on AWS

Preparing Video For Download...