[AWS security]Secure an API with Amazon API Gateway!

overview

you’ll practice several ways to secure AWS APIs with API Gateway and associated AWS ecosystem resources. When you’re finished with this lab, you’ll have a basic API secured with industry best practices.

What is API Gateway?

Fully managed service that makes it for developers to create, publish, maintain, monitor and secure APIs at any scale.

Deployment types

• Edge-optimized endpoint (use CloudFront to reduce TLS connection overhead and designed for a global scale)
• Regional endpoint (designed for the same region and can configure your own CDN and protect with WAF)
• private endpoint (securely expose your REST APIs only to other services within your VPC or connect via Direct Connect)

Structure of a REST API

Method request: For example, URL/*/GET

Integration Request: Map the request parameters of method request to the format required by the backend