I would say we are satisfied with the services provided by Amazon API Gateway to our project and to our company. We were trying API Gateway on lambdas and it helped our project to get to the milestone where we would tried to reach. We communicated lambdas to complete the micro services flow.
Pros
Business Process Agility
It can improve business outcomes in terms of revenue
Creates efficiency of services
Cons
It creates unnecessary challenges for customers
Creates confusion to set permissions
Likelihood to Recommend
Amazon API Gateway is enhanced platform for developers team to build, Quality testing, arrange and deploy API both restful and websocket based. It provides excellant integration with other services in all kind of enviorments and helps all the different teams in project lofe cycle ranging between dev, QA and UAT.
VU
Verified User
Consultant in Information Technology (1001-5000 employees)
We are using API Gateway (API GW) as an HTTP front end for internal resources including lambda functions and load-balanced web applications. Other teams are using API GW as integration for static resources.
The main problem that API GW addresses for us is providing an authorization management point for access to internal services. We can use the API keys, authorization hooks, and usage plans to really dial in who can access our applications while controlling how they access them.
Pros
Swagger integration
Rate limiting
API key management
Lambda Integration
Testing and rapid development
Cons
Client certificates are troublesome when trying to attach them to API GW stages.
Debugging across several services can be difficult when API GW is integrated with Route 53 and another service like Lambda or EC2/ELB.
Creating internal/private APIs, particularly with custom domains, can be unintuitive.
Likelihood to Recommend
API GW is great for giving access to asynchronous operations that are fast and don't need to be online all the time. Lambda functions are the classic example.
In the past, an operation that is called on via an HTTP endpoint would be implemented using a server-based solution. With high availability in place that would include a server or two and a load balancer. Over time this setup can be costly, especially if the service is not used at full capacity; cycles are wasted when the servers are sitting there waiting to respond.
If the operation can be distilled down to a function, an API GW + Lambda solution could be put in place that performs the operation as needed only when requested. Comparing the low price point for API GW requests and Lambda CPU+Memory, the savings can be night and day over the server-based implementation.
Our organization uses Amazon API Gateway to orchestrate and consolidate web service APIs across projects. It is a useful multi-purpose tool, and we use it to integrate authentication to our APIs, build out consolidated responses from different API endpoints, and to provide a single point of access to multiple web service APIs developed using a myriad of different technologies and programming languages. It also provides a great way to document and integrate web services via Swagger integrations.
Pros
Service orchestration
Response transformations
Authentication and Authorization
Request throttling
Integration with multiple types of web services
Cons
Ease of configuration
Easier integration with different AWS network schemes
Likelihood to Recommend
If you are using AWS as your primary infrastructure provider, [Amazon] API Gateway is the best gateway option for you to integrate and expose web service applications. It integrates well with security controls provided by AWS such as VPC limits and security groups. Furthermore, it is very easy to use Amazon API Gateway to provide an out-of-the-box auth solution by integrating AWS Cognito. We were able to get authentication and authorization integrated very quickly in to a large number of APIs under the same product umbrella by utilizing API Gateway's integration with Cognito. [Amazon] API Gateway is not the best solution if you're trying to build a microservices architecture, as it's service registration methodology is still quite clunky. For microservices, you'd be better off utilizing tools built specifically for that purpose.
Our team develops several APIs for multiple end-users to consume. These are both internal and external customers. Our services are behind the Amazon API Gateway. This helps in securing our APIs and also helps curtail misuse of our APIs by bad actors. Thus Amazon API Gateway is helping us a great deal as we put a lot of the administration efforts within the gateway itself instead of our code.
Pros
Amazon API Gateway is helping us a great deal as we put a lot of the administration efforts within the gateway itself instead of our code.
Very easy to create different environment set ups like dev, test and UAT.
Easy to change headers without much work from the developers.
Helps in avoiding misuse of our APIs.
Cons
The interface is a little complicated to use. It needs some training.
If there are any errors with the configurations, it would not allow to save.
Likelihood to Recommend
Amazon API Gateway is helping us a great deal as we put a lot of the administration efforts within the gateway itself instead of our code.
Amazon API Gateway is helping us to manipulate our headers both in and out as we want to keep track of additional metadata information.
We got great help from the support team at AWS to use Amazon API Gateway.
Very easy to set up different scenarios for testing, developing and doing UAT.
Amazon API Gateway has been adopted by multiple teams within our organization. It offers an intuitive easy-to-use entry point to the AWS serverless services, and has helped our team move traditional 3-tier web applications to the cloud with ease.
Pros
Support for multiple stages/environments.
Great settings for configuring routing, caching, and CORS.
Integrates well with other AWS services.
Cons
Granting permissions for accessing Lambda functions using stage variables needs to be improved.
Reminders to deploy the API after changes have been made would be helpful.
Likelihood to Recommend
It is best suited for building out the APIs for a serverless backend. It may not be the best option for Mobile backends, in which case AWS AppSync would be preferred over API Gateway.
I have been using API Gateway along with other AWS products. API Gateway provides smooth API architecture which you can easily deploy. In my company, we're using API Gateway integrated with AWS Lambda. API Gateway has mapping templates which you can use to create an event-based architecture. It also gives you the opportunity to protect your endpoints, whether your own "authorization lambda," or via X-API-Key provided from AWS. You may decide to not use an API Key. It gives you the opportunity to define HTTP request headers, query string parameters, or even define the request and response body. You can also export your API as a Postman collection or Swagger to publish it to your users. In our company, we have six different API Gateway instances working with tens of Lambdas. Each instance has a different environment, which provides you with a unique link. We are very happy with API Gateway and do not face any issues except timeout limits until now. Also, enabling CORS is pretty easy, and API Gateway provides you all of the security which makes you feel more comfortable and focus on your work.
Pros
The security provided by API Gateway is very good.
It's very easy to implement event-based architectures.
Very fast deployment, and you are good to go in minutes.
The export features, such as Postman collection or the Swagger extension, are awesome.
Cons
I think there should be another way of enabling CORS. It basically creates OPTIONS for every endpoint, which makes your API Gateway look complicated.
The integration timeout limit is 30 seconds, which limits you into that time.
API Gateway UI should be improved and should work correctly when more than two people are adding/editing endpoints.
Likelihood to Recommend
I think if your software is suitable for event-based architecture, and if you can use Lambda in your architecture, API Gateway is a must and complementary product to use. It provides you tools that you can use to build very scalable and secured endpoints. In my company, we have divided our software into domains and created API Gateway instances for each domain connected to our AWS Lambdas. This provided us better and well-organized APIs which we provide to our customers. The feedback we've received from customers is very positive, and they think that our APIs are well designed and look professional.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)