Q
Manage Learn to apply best practices and optimize your operations.

What are the benefits of the Amazon API Gateway tool for AWS?

Can the new Amazon API Gateway help make the AWS public cloud networks more secure? Expert Dan Sullivan examines how this new tool can benefit enterprises.

The new Amazon API Gateway tool for AWS was recently introduced. Are there security benefits to using these types...

of API gateway tools? Would certain enterprise cloud environments benefit more from their implementation?

Application program interfaces are standard features of distributed applications, but they present significant overhead from a security perspective. An API is like the front door of an application, and it is facing the Internet. An API gateway service is a good idea for anyone who would rather add product functionality than spend time locking down their API.

Although the Amazon API Gateway tool is new, developers have had options from Microsoft Azure and third parties, such as Apigee, CA API Management and Mashery. These services offer a range of capabilities not limited to security, such as the ability to set rate limits and quotas, throttle users that exceed quotas, consolidate multiple application services into a single management system, and provide analytics reporting. Authentication and authorization services are especially important selling points of API management systems, at least to the infosec team.

Amazon's API Gateway is new, and like many AWS services, should be considered a first version with additional features to come later. Even if the Amazon API Gateway never reaches feature parity with third-party API gateway providers, it offers a singular advantage: It integrates with the AWS ecosystem.

API Gateway integrates with AWS's Identity and Access Management (IAM) and Cognito to provide authentication and authorization services. Organizations that already use IAM can leverage their existing users, groups and privilege assignments. For applications that depend on OAuth or OpenID, the API Gateway can integrate with back-end services for authentication.

The gateway service integrates with CloudWatch, Amazon's performance management service that can also help identify potential security issues, such as excessive numbers of calls or other suspicious activity. Amazon also offers CloudTrail for logging API calls to the standard logging service in AWS. There is also a service for generating API keys. The API keys are included in logging information to enable tracking users of the API.

Next Steps

Find out how to assess cloud API security risks

Take a closer look at Amazon's AWS cloud platform

Read more on criteria for choosing a public cloud platform

Take this quiz on API codes, RESTful APIs and more.

This was last published in January 2016

Dig Deeper on Cloud Computing Frameworks and Standards

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How would you put an API gateway to use in your organization?
Cancel
API Gateway plays a significant role in working with AWS Lambda for serverless applications. 
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

Close