REST APIĀ – Network Design – ANS-C01 Study Guide

REST API

REST stands for Representational State Transfer. The REST architecture, or RESTful API, is a well-defined schema that allows dissimilar devices and services to interact with each other. The REST API makes calls to the API gateway, which, in turn, proxies the request to backend services in any format required.

The REST API’s main elements are a client that is the software that makes the request, the server (or gateway) that is the access point to the data, and the resource that is the content or data being requested such as an image, data file, or video clip.

The REST requests include the HTTP method (GET, PUT, POST, or DELETE) endpoint information that is in a URL format that is the pointer to where the resource is located on the Internet, the headers, and the body of information. The headers contain data about the request such as authentication information, the IP address, or the name of the computer where the data is located and formatting information. The body contains information to the servers such as what data you are requesting and if you want to add or replace it.

HTTP API

An updated version of the REST API was created by AWS in 2019 and is known as the HTTP API; it is now a standard option of the service. The REST and HTTP APIs are both RESTful services, with the HTTP API available at a lower cost with a more limited feature set than the REST version. The HTTP APIs are commonly used for Lambda and HTTP back ends. The HTTP APIs include native support of the OpenID connect OAuth 2.0 authorization methods. CORS and automatic deployment are also included in the service.

WebSocket Protocol

WebSocket support for API Gateway adds the ability to use persistent connection APIs for bidirectional real-time streaming, chat, financial trading, collaboration, or multiplayer gaming applications. Services supported include Lambda, HTTP, and many AWS services that require either bidirectional, stateful, or streaming data. A single WebSocket API call is established, and not only is data sent to the application, the application can stream voice and video back to the requester over the same connection without the browser having to first make the request. WebSocket URLs are identified with WSS:// and support encryption for data in transit.

API Gateway Configuration

In the AWS console or using the CLI, you define a container for the API you are creating. Resources are configured, and for each, you select an HTTP method such as GET, PUT, POST, PATCH, or DELETE. Security is then configured. The next step is to define the backend target and how to communicate with its interface. Targets can be any type of service such as DynamoDB, RDS, EC2, Lambda, etc. The API request from the client to the services and its response can be transformed between data formats as required.

The service supports HTTPS and uses its own domain name for all requests. However, you can also use your own domain name if desired. AWS Security Manager is supported, and SSL/TLS certificates are included at no additional cost.

External APIs can be imported into the gateway with support for the OpenAPI/Swagger format. OpenAPI (OAS) was originally called Swagger and was OpenAPI version 2. It was superseded by version 3 and is now only called OpenAPI. OpenAPI is a standard interface specification for the RESTful API that defines what the API structure is. The specification defines the formats for endpoints, operations such as GET and PUT, both input and output parameters, and authentication. It also describes the API’s contact information, licensing, and terms of use. The data format is either YAML or JSON, which makes it rather easy to understand by us humans. To migrate your APIs into and out of API gateway, you can generate OpenAPI output code or import it in either JSON or YAML format. Both operations are completed in the API Gateway console or CLI with various options to add extensions for AWS or Postman formats.

After you complete your API Gateway configurations, they will not take effect until you select Deploy API from the pull-down menu to activate it.