# What is Amazon API Gateway?
What is Amazon API Gateway?
Amazon API Gateway is an AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale. API developers can create APIs that access AWS or other web services, as well as data stored in the [AWS Cloud](https://aws.amazon.com/what-is-cloud-computing/). As an API Gateway API developer, you can create APIs for use in your own client applications. Or you can make your APIs available to third-party app developers. For more information, see [Who uses API Gateway?](api-gateway-overview-developer-experience.md#apigateway-who-uses-api-gateway).
API Gateway creates RESTful APIs that:
+ Are HTTP-based.
+ Enable stateless client-server communication.
+ Implement standard HTTP methods such as GET, POST, PUT, PATCH, and DELETE.
For more information about API Gateway REST APIs and HTTP APIs, see [Choose between REST APIs and HTTP APIs](http-api-vs-rest.md), [API Gateway HTTP APIs](http-api.md), [Use API Gateway to create REST APIs](api-gateway-overview-developer-experience.md#api-gateway-overview-rest), and [Develop REST APIs in API Gateway](rest-api-develop.md).
API Gateway creates WebSocket APIs that:
+ Adhere to the [WebSocket](https://datatracker.ietf.org/doc/html/rfc6455) protocol, which enables stateful, full-duplex communication between client and server.
+ Route incoming messages based on message content.
For more information about API Gateway WebSocket APIs, see [Use API Gateway to create WebSocket APIs](api-gateway-overview-developer-experience.md#api-gateway-overview-websocket) and [Overview of WebSocket APIs in API Gateway](apigateway-websocket-api-overview.md).
**Topics**
+ [
## Architecture of API Gateway
](#api-gateway-overview-aws-backbone)
+ [
## Features of API Gateway
](#api-gateway-overview-features)
+ [
# API Gateway use cases
](api-gateway-overview-developer-experience.md)
+ [
## Accessing API Gateway
](#introduction-accessing-apigateway)
+ [
## Part of AWS serverless infrastructure
](#api-gateway-overview-a-serverless-pillar)
+ [
## How to get started with Amazon API Gateway
](#welcome-how-to-get-started)
+ [
# Amazon API Gateway concepts
](api-gateway-basic-concept.md)
+ [
# Choose between REST APIs and HTTP APIs
](http-api-vs-rest.md)
+ [
# Get started with the REST API console
](getting-started-rest-new-console.md)
## Architecture of API Gateway
The following diagram shows API Gateway architecture.
![\[API Gateway architecture diagram\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/Product-Page-Diagram_Amazon-API-Gateway-How-Works.png)
This diagram illustrates how the APIs you build in Amazon API Gateway provide you or your developer customers with an integrated and consistent developer experience for building AWS serverless applications. API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls. These tasks include traffic management, authorization and access control, monitoring, and API version management.
API Gateway acts as a "front door" for applications to access data, business logic, or functionality from your backend services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, any web application, or real-time communication applications.
## Features of API Gateway
Amazon API Gateway offers features such as the following:
+ Support for stateful ([WebSocket](apigateway-websocket-api.md)) and stateless ([HTTP](http-api.md) and [REST](apigateway-rest-api.md)) APIs.
+ Powerful, flexible [authentication](apigateway-control-access-to-api.md) mechanisms, such as AWS Identity and Access Management policies, Lambda authorizer functions, and Amazon Cognito user pools.
+ [Canary release deployments](canary-release.md) for safely rolling out changes.
+ [CloudTrail](cloudtrail.md) logging and monitoring of API usage and API changes.
+ CloudWatch access logging and execution logging, including the ability to set alarms. For more information, see [Monitor REST API execution with Amazon CloudWatch metrics](monitoring-cloudwatch.md) and [Monitor WebSocket API execution with CloudWatch metrics](apigateway-websocket-api-logging.md).
+ Ability to use CloudFormation templates to enable API creation. For more information, see [Amazon API Gateway Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_ApiGateway.html) and [Amazon API Gateway V2 Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_ApiGatewayV2.html).
+ Support for [custom domain names](how-to-custom-domains.md).
+ Integration with [AWS WAF](apigateway-control-access-aws-waf.md) for protecting your APIs against common web exploits.
+ Integration with [AWS X-Ray](apigateway-xray.md) for understanding and triaging performance latencies.
For a complete list of API Gateway feature releases, see [Document history](history.md).
# API Gateway use cases
The following use cases section presents an overview of the different types of API Gateway APIs and the different kinds of developers who use API Gateway. For more detailed information about the difference between REST APIs and HTTP APIs, see [Choose between REST APIs and HTTP APIs](http-api-vs-rest.md).
**Topics**
+ [
## Use API Gateway to create REST APIs
](#api-gateway-overview-rest)
+ [
## Use API Gateway to create HTTP APIs
](#api-gateway-overview-http)
+ [
## Use API Gateway to create WebSocket APIs
](#api-gateway-overview-websocket)
+ [
## Who uses API Gateway?
](#apigateway-who-uses-api-gateway)
## Use API Gateway to create REST APIs
An API Gateway REST API is made up of resources and methods. A resource is a logical entity that an app can access through a resource path. A method corresponds to a REST API request that is submitted by the user of your API and the response returned to the user.
For example, `/incomes` could be the path of a resource representing the income of the app user. A resource can have one or more operations that are defined by appropriate HTTP verbs such as GET, POST, PUT, PATCH, and DELETE. A combination of a resource path and an operation identifies a method of the API. For example, a `POST /incomes` method could add an income earned by the caller, and a `GET /expenses` method could query the reported expenses incurred by the caller.
The app doesn't need to know where the requested data is stored and fetched from on the backend. In API Gateway REST APIs, the frontend is encapsulated by *method requests* and *method responses*. The API interfaces with the backend by means of *integration requests* and *integration responses*.
For example, with DynamoDB as the backend, the API developer sets up the integration request to forward the incoming method request to the chosen backend. The setup includes specifications of an appropriate DynamoDB action, required IAM role and policies, and required input data transformation. The backend returns the result to API Gateway as an integration response.
To route the integration response to an appropriate method response (of a given HTTP status code) to the client, you can configure the integration response to map required response parameters from integration to method. You then translate the output data format of the backend to that of the frontend, if necessary. API Gateway enables you to define a schema or model for the [payload ](https://en.wikipedia.org/wiki/Payload_(computing)) to facilitate setting up the body mapping template.
API Gateway provides REST API management functionality such as the following:
+ Support for generating SDKs and creating API documentation using API Gateway extensions to OpenAPI
+ Throttling of HTTP requests
## Use API Gateway to create HTTP APIs
HTTP APIs enable you to create RESTful APIs with lower latency and lower cost than REST APIs.
You can use HTTP APIs to send requests to AWS Lambda functions or to any publicly routable HTTP endpoint.
For example, you can create an HTTP API that integrates with a Lambda function on the backend. When a client calls your API, API Gateway sends the request to the Lambda function and returns the function's response to the client.
HTTP APIs support [OpenID Connect](https://openid.net/developers/how-connect-works/) and [OAuth 2.0](https://oauth.net/2/) authorization. They come with built-in support for cross-origin resource sharing (CORS) and automatic deployments.
To learn more, see [Choose between REST APIs and HTTP APIs](http-api-vs-rest.md).
## Use API Gateway to create WebSocket APIs
In a WebSocket API, the client and the server can both send messages to each other at any time. Backend servers can easily push data to connected users and devices, avoiding the need to implement complex polling mechanisms.
For example, you could build a serverless application using an API Gateway WebSocket API and AWS Lambda to send and receive messages to and from individual users or groups of users in a chat room. Or you could invoke backend services such as AWS Lambda, Amazon Kinesis, or an HTTP endpoint based on message content.
You can use API Gateway WebSocket APIs to build secure, real-time communication applications without having to provision or manage any servers to manage connections or large-scale data exchanges. Targeted use cases include real-time applications such as the following:
+ Chat applications
+ Real-time dashboards such as stock tickers
+ Real-time alerts and notifications
API Gateway provides WebSocket API management functionality such as the following:
+ Monitoring and throttling of connections and messages
+ Using AWS X-Ray to trace messages as they travel through the APIs to backend services
+ Easy integration with HTTP/HTTPS endpoints
## Who uses API Gateway?
There are two kinds of developers who use API Gateway: API developers and app developers.
An API developer creates and deploys an API to enable the required functionality in API Gateway. The API developer must be a user in the AWS account that owns the API.
An app developer builds a functioning application to call AWS services by invoking a WebSocket or REST API created by an API developer in API Gateway.
The app developer is the customer of the API developer. The app developer doesn't need to have an AWS account, provided that the API either doesn't require IAM permissions or supports authorization of users through third-party federated identity providers supported by [Amazon Cognito user pool identity federation](https://docs.aws.amazon.com/cognito/latest/developerguide/). Such identity providers include Amazon, Amazon Cognito user pools, Facebook, and Google.
### Creating and managing an API Gateway API
An API developer works with the API Gateway service component for API management, named `apigateway`, to create, configure, and deploy an API.
As an API developer, you can create and manage an API by using the API Gateway console, described in [Get started with API Gateway](getting-started.md), or by calling the [API references](api-ref.md). There are several ways to call this API. They include using the AWS Command Line Interface (AWS CLI), or by using an AWS SDK. In addition, you can enable API creation with [AWS CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-reference.html) or (in the case of REST APIs and HTTP APIs) [OpenAPI extensions for API Gateway](api-gateway-swagger-extensions.md).
For a list of Regions where API Gateway is available, as well as the associated control service endpoints, see [Amazon API Gateway Endpoints and Quotas](https://docs.aws.amazon.com/general/latest/gr/apigateway.html).
### Calling an API Gateway API
An app developer works with the API Gateway service component for API execution, named `execute-api`, to invoke an API that was created or deployed in API Gateway. The underlying programming entities are exposed by the created API. There are several ways to call such an API. To learn more, see [Invoke REST APIs in API Gateway](how-to-call-api.md) and [Invoke WebSocket APIs](apigateway-how-to-call-websocket-api.md).
## Accessing API Gateway
You can access Amazon API Gateway in the following ways:
+ **AWS Management Console** – The AWS Management Console provides a web interface for creating and managing APIs. After you complete the steps in [Set up to use API Gateway](setting-up.md), you can access the API Gateway console at [https://console.aws.amazon.com/apigateway](https://console.aws.amazon.com/apigateway).
+ **AWS SDKs** – If you're using a programming language that AWS provides an SDK for, you can use an SDK to access API Gateway. SDKs simplify authentication, integrate easily with your development environment, and provide access to API Gateway commands. For more information, see [Tools for Amazon Web Services](https://aws.amazon.com/developer/tools/).
+ **API Gateway V1 and V2 APIs** – If you're using a programming language that an SDK isn't available for, see the [Amazon API Gateway Version 1 API Reference](https://docs.aws.amazon.com/apigateway/latest/api/API_Operations.html) and [Amazon API Gateway Version 2 API Reference](https://docs.aws.amazon.com/apigatewayv2/latest/api-reference/api-reference.html).
+ **AWS Command Line Interface** – For more information, see [Getting Set Up with the AWS Command Line Interface](https://docs.aws.amazon.com/cli/latest/userguide/) in the *AWS Command Line Interface User Guide*.
+ **AWS Tools for Windows PowerShell** – For more information, see [Setting Up the AWS Tools for Windows PowerShell](https://docs.aws.amazon.com/powershell/latest/userguide/) in the *AWS Tools for PowerShell User Guide*.
## Part of AWS serverless infrastructure
Together with [AWS Lambda](https://docs.aws.amazon.com/lambda/latest/dg/), API Gateway forms the app-facing part of the AWS serverless infrastructure. To learn more about getting started with serverless, see the [Serverless Developer Guide](https://docs.aws.amazon.com/serverless/latest/devguide/welcome.html).
For an app to call publicly available AWS services, you can use Lambda to interact with required services and expose Lambda functions through API methods in API Gateway. AWS Lambda runs your code on a highly available computing infrastructure. It performs the necessary execution and administration of computing resources. To enable serverless applications, API Gateway supports [streamlined proxy integrations](api-gateway-set-up-simple-proxy.md) with AWS Lambda and HTTP endpoints.
## How to get started with Amazon API Gateway
For an introduction to Amazon API Gateway, see the following:
+ [Get started with API Gateway](getting-started.md), which provides a walkthrough for creating an HTTP API.
+ [Serverless land](https://serverlessland.com/video?tag=Amazon%20API%20Gateway), which provides instructional videos.
+ [Happy Little API Shorts](https://www.youtube.com/playlist?list=PLJo-rJlep0EDFw7t0-IBHffVYKcPMDXHY), which is a series of brief instructional videos.
# Amazon API Gateway concepts
API Gateway concepts
The following section describes introductory concepts for using API Gateway.
**API Gateway**
API Gateway is an AWS service that supports the following:
+ Creating, deploying, and managing a [RESTful](https://en.wikipedia.org/wiki/Representational_state_transfer) application programming interface (API) to expose backend HTTP endpoints, AWS Lambda functions, or other AWS services.
+ Creating, deploying, and managing a [WebSocket](https://datatracker.ietf.org/doc/html/rfc6455) API to expose AWS Lambda functions or other AWS services.
+ Invoking exposed API methods through the frontend HTTP and WebSocket endpoints.
**API Gateway REST API**
A collection of HTTP resources and methods that are integrated with backend HTTP endpoints, Lambda functions, or other AWS services. You can deploy this collection in one or more stages. Typically, API resources are organized in a resource tree according to the application logic. Each API resource can expose one or more API methods that have unique HTTP verbs supported by API Gateway. For more information, see [Choose between REST APIs and HTTP APIs](http-api-vs-rest.md).
**API Gateway HTTP API**
A collection of routes and methods that are integrated with backend HTTP endpoints or Lambda functions. You can deploy this collection in one or more stages. Each route can expose one or more API methods that have unique HTTP verbs supported by API Gateway. For more information, see [Choose between REST APIs and HTTP APIs](http-api-vs-rest.md).
**API Gateway WebSocket API**
A collection of WebSocket routes and route keys that are integrated with backend HTTP endpoints, Lambda functions, or other AWS services. You can deploy this collection in one or more stages. API methods are invoked through frontend WebSocket connections that you can associate with a registered custom domain name.
**API deployment**
A point-in-time snapshot of your API Gateway API. To be available for clients to use, the deployment must be associated with one or more API stages.
**API developer**
Your AWS account that owns an API Gateway deployment (for example, a service provider that also supports programmatic access).
**API endpoint**
A hostname for an API in API Gateway that is deployed to a specific Region. The hostname is of the form `{api-id}.execute-api.{region}.amazonaws.com`. The following types of API endpoints are supported:
+ [Edge-optimized API endpoint](#apigateway-definition-edge-optimized-api-endpoint)
+ [Private API endpoint](#apigateway-definition-private-api-endpoint)
+ [Regional API endpoint](#apigateway-definition-regional-api-endpoint)
**API key**
An alphanumeric string that API Gateway uses to identify an app developer who uses your REST or WebSocket API. API Gateway can generate API keys on your behalf, or you can import them from a CSV file. You can use API keys together with [Lambda authorizers](apigateway-use-lambda-authorizer.md) or [usage plans](api-gateway-api-usage-plans.md) to control access to your APIs.
See [API endpoints](#apigateway-definition-api-endpoints).
**API owner**
See [API developer](#apigateway-definition-api-developer).
**API stage**
A logical reference to a lifecycle state of your API (for example, 'dev', 'prod', 'beta', 'v2'). API stages are identified by API ID and stage name.
**App developer**
An app creator who may or may not have an AWS account and interacts with the API that you, the API developer, have deployed. App developers are your customers. An app developer is typically identified by an [API key](#apigateway-definition-api-key).
**Callback URL**
When a new client is connected to through a WebSocket connection, you can call an integration in API Gateway to store the client's callback URL. You can then use that callback URL to send messages to the client from the backend system.
**Developer portal**
An application where API providers can share their APIs and API documentation to API consumers. APIs are grouped into products, which are a collection of REST API endpoints, API documentation, and supplemental product documentation.
See [API Gateway portals](apigateway-portals.md).
**Edge-optimized API endpoint**
The default hostname of an API Gateway API that is deployed to the specified Region while using a CloudFront distribution to facilitate client access typically from across AWS Regions. API requests are routed to the nearest CloudFront Point of Presence (POP), which typically improves connection time for geographically diverse clients.
See [API endpoints](#apigateway-definition-api-endpoints).
**Integration request**
The internal interface of a WebSocket API route or REST API method in API Gateway, in which you map the body of a route request or the parameters and body of a method request to the formats required by the backend.
**Integration response**
The internal interface of a WebSocket API route or REST API method in API Gateway, in which you map the status codes, headers, and payload that are received from the backend to the response format that is returned to a client app.
**Mapping template**
A script in [Velocity Template Language (VTL)](https://velocity.apache.org/engine/devel/vtl-reference.html) that transforms a request body from the frontend data format to the backend data format, or that transforms a response body from the backend data format to the frontend data format. Mapping templates can be specified in the integration request or in the integration response. They can reference data made available at runtime as context and stage variables.
The mapping can be as simple as an [identity transform](https://en.wikipedia.org/wiki/Identity_transform) that passes the headers or body through the integration as-is from the client to the backend for a request. The same is true for a response, in which the payload is passed from the backend to the client.
**Method request**
The public interface of an API method in API Gateway that defines the parameters and body that an app developer must send in requests to access the backend through the API.
**Method response**
The public interface of a REST API that defines the status codes, headers, and body models that an app developer should expect in responses from the API.
**Mock integration**
In a mock integration, API responses are generated from API Gateway directly, without the need for an integration backend. As an API developer, you decide how API Gateway responds to a mock integration request. For this, you configure the method's integration request and integration response to associate a response with a given status code.
**Model**
A data schema specifying the data structure of a request or response payload. A model is required for generating a strongly typed SDK of an API. It is also used to validate payloads. A model is convenient for generating a sample mapping template to initiate creation of a production mapping template. Although useful, a model is not required for creating a mapping template.
**Portal**
See [Developer portal](#apigateway-definition-developer-portal).
**Portal Product**
A service or functionality that you want to share. Your portal product is a collection of product REST endpoints and product pages. Product REST endpoints are the access points to your portal product, and they consist of the path and method of a REST API and the stage it's deployed to. Product pages are documentation that you provide to explain how API consumers can use your product endpoints. You can share products across AWS accounts to add them to portals.
See [Create a product](apigateway-portals-create-portal-product.md).
**Private API**
See [Private API endpoint](#apigateway-definition-private-api).
**Private API endpoint**
An API endpoint that is exposed through interface VPC endpoints and allows a client to securely access private API resources inside a VPC. Private APIs are isolated from the public internet, and they can only be accessed using VPC endpoints for API Gateway that have been granted access.
**Private integration**
An API Gateway integration type for a client to access resources inside a customer's VPC through a private REST API endpoint without exposing the resources to the public internet.
**Proxy integration**
A simplified API Gateway integration configuration. You can set up a proxy integration as an HTTP proxy integration or a Lambda proxy integration.
For HTTP proxy integration, API Gateway passes the entire request and response between the frontend and an HTTP backend. For Lambda proxy integration, API Gateway sends the entire request as input to a backend Lambda function. API Gateway then transforms the Lambda function output to a frontend HTTP response.
In REST APIs, proxy integration is most commonly used with a proxy resource, which is represented by a greedy path variable (for example, `{proxy+}`) combined with a catch-all `ANY` method.
**Quick create**
You can use quick create to simplify creating an HTTP API. Quick create creates an API with a Lambda or HTTP integration, a default catch-all route, and a default stage that is configured to automatically deploy changes. For more information, see [Create an HTTP API by using the AWS CLI](http-api-develop.md#http-api-examples.cli.quick-create).
**Regional API endpoint**
The host name of an API that is deployed to the specified Region and intended to serve clients, such as EC2 instances, in the same AWS Region. API requests are targeted directly to the Region-specific API Gateway API without going through any CloudFront distribution. For in-Region requests, a Regional endpoint bypasses the unnecessary round trip to a CloudFront distribution.
In addition, you can apply [latency-based routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-latency) on Regional endpoints to deploy an API to multiple Regions using the same Regional API endpoint configuration, set the same custom domain name for each deployed API, and configure latency-based DNS records in Route 53 to route client requests to the Region that has the lowest latency.
See [API endpoints](#apigateway-definition-api-endpoints).
**Route**
A WebSocket route in API Gateway is used to direct incoming messages to a specific integration, such as an AWS Lambda function, based on the content of the message. When you define your WebSocket API, you specify a route key and an integration backend. The route key is an attribute in the message body. When the route key is matched in an incoming message, the integration backend is invoked.
A default route can also be set for non-matching route keys or to specify a proxy model that passes the message through as-is to backend components that perform the routing and process the request.
**Route request**
The public interface of a WebSocket API method in API Gateway that defines the body that an app developer must send in the requests to access the backend through the API.
**Route response**
The public interface of a WebSocket API that defines the status codes, headers, and body models that an app developer should expect from API Gateway.
**Usage plan**
A [usage plan](api-gateway-api-usage-plans.md) provides selected API clients with access to one or more deployed REST or WebSocket APIs. You can use a usage plan to configure throttling and quota limits, which are enforced on individual client API keys.
**WebSocket connection**
API Gateway maintains a persistent connection between clients and API Gateway itself. There is no persistent connection between API Gateway and backend integrations such as Lambda functions. Backend services are invoked as needed, based on the content of messages received from clients.
# Choose between REST APIs and HTTP APIs
Choose between REST APIs and HTTP APIs
REST APIs and HTTP APIs are both RESTful API products. REST APIs support more features than HTTP APIs, while HTTP APIs are designed with minimal features so that they can be offered at a lower price. Choose REST APIs if you need features such as API keys, per-client throttling, request validation, AWS WAF integration, or private API endpoints. Choose HTTP APIs if you don't need the features included with REST APIs.
The following sections summarize core features that are available in REST APIs and HTTP APIs. When necessary, additional links are provided to navigate between the REST API and HTTP API sections of the API Gateway Developer Guide.
## Endpoint type
The endpoint type refers to the endpoint that API Gateway creates for your API. For more information, see [API endpoint types for REST APIs in API Gateway](api-gateway-api-endpoint-types.md).
| Endpoint types | REST API | HTTP API |
| --- | --- | --- |
| [Edge-optimized](api-gateway-api-endpoint-types.md#api-gateway-api-endpoint-types-edge-optimized) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Regional](api-gateway-api-endpoint-types.md#api-gateway-api-endpoint-types-regional) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes |
| [Private](api-gateway-api-endpoint-types.md#api-gateway-api-endpoint-types-private) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
## Security
API Gateway provides a number of ways to protect your API from certain threats, like malicious actors or spikes in traffic. To learn more, see [Protect your REST APIs in API Gateway](rest-api-protect.md) and [Protect your HTTP APIs in API Gateway](http-api-protect.md).
| Security features | REST API | HTTP API |
| --- | --- | --- |
| [Mutual TLS authentication](rest-api-mutual-tls.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](rest-api-mutual-tls.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-mutual-tls.md) |
| [Certificates for backend authentication](getting-started-client-side-ssl-authentication.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [AWS WAF](apigateway-control-access-aws-waf.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
## Authorization
API Gateway supports multiple mechanisms for controlling and managing access to your API. For more information, see [Control and manage access to REST APIs in API Gateway](apigateway-control-access-to-api.md) and [Control and manage access to HTTP APIs in API Gateway](http-api-access-control.md).
| Authorization options | REST API | HTTP API |
| --- | --- | --- |
| [IAM](permissions.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](permissions.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-access-control-iam.md) |
| [Resource policies](apigateway-resource-policies.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Amazon Cognito](apigateway-integrate-with-cognito.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes 1 |
| [Custom authorization with an AWS Lambda function](apigateway-use-lambda-authorizer.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](apigateway-use-lambda-authorizer.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-lambda-authorizer.md) |
| [JSON Web Token (JWT)](http-api-jwt-authorizer.md) 2 | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes |
1 You can use Amazon Cognito with a [JWT authorizer](http-api-jwt-authorizer.md).
2 You can use a [Lambda authorizer](apigateway-use-lambda-authorizer.md) to validate JWTs for REST APIs.
## API management
Choose REST APIs if you need API management capabilities such as API keys and per-client rate limiting. For more information, see [Distribute your REST APIs to clients in API Gateway](rest-api-distribute.md), [Custom domain name for public REST APIs in API Gateway](how-to-custom-domains.md), and [Custom domain names for HTTP APIs in API Gateway](http-api-custom-domain-names.md).
| Features | REST API | HTTP API |
| --- | --- | --- |
| [Custom domains](how-to-custom-domains.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](how-to-custom-domains.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-custom-domain-names.md) |
| [API keys](api-gateway-api-usage-plans.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Per-client rate limiting](api-gateway-request-throttling.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Per-client usage throttling](api-gateway-api-usage-plans.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Developer portal](apigateway-portals.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
## Development
As you're developing your API Gateway API, you decide on a number of characteristics of your API. These characteristics depend on the use case of your API. For more information see [Develop REST APIs in API Gateway](rest-api-develop.md) and [Develop HTTP APIs in API Gateway](http-api-develop.md).
| Features | REST API | HTTP API |
| --- | --- | --- |
| [CORS configuration](how-to-cors.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](how-to-cors.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-cors.md) |
| [Test invocations](how-to-test-method.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Caching](api-gateway-caching.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [User-controlled deployments](how-to-deploy-api.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](how-to-deploy-api.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-stages.md) |
| [Automatic deployments](http-api-stages.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes |
| [Custom gateway responses](api-gateway-gatewayResponse-definition.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Canary release deployments](canary-release.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Request validation](api-gateway-method-request-validation.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Request parameter transformation](rest-api-data-transformations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](rest-api-data-transformations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-parameter-mapping.md) |
| [Request body transformation](rest-api-data-transformations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
## Monitoring
API Gateway supports several options to log API requests and monitor your APIs. For more information, see [Monitor REST APIs in API Gateway](rest-api-monitor.md) and [Monitor HTTP APIs in API Gateway](http-api-monitor.md).
| Feature | REST API | HTTP API |
| --- | --- | --- |
| [Amazon CloudWatch metrics](monitoring-cloudwatch.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](monitoring-cloudwatch.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-metrics.md) |
| [Access logs to CloudWatch Logs](set-up-logging.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](set-up-logging.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-logging.md) |
| [Access logs to Amazon Data Firehose](apigateway-logging-to-kinesis.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Execution logs](set-up-logging.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [AWS X-Ray tracing](apigateway-xray.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
## Integrations
Integrations connect your API Gateway API to backend resources. For more information, see [Integrations for REST APIs in API Gateway](how-to-integration-settings.md) and [Create integrations for HTTP APIs in API Gateway](http-api-develop-integrations.md).
| Feature | REST API | HTTP API |
| --- | --- | --- |
| [Public HTTP endpoints](setup-http-integrations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](setup-http-integrations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-develop-integrations-http.md) |
| [AWS services](api-gateway-api-integration-types.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](api-gateway-api-integration-types.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-develop-integrations-aws-services.md) |
| [AWS Lambda functions](set-up-lambda-integrations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](set-up-lambda-integrations.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-develop-integrations-lambda.md) |
| [Private integrations with Network Load Balancers](set-up-private-integration.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](set-up-private-integration.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](http-api-develop-integrations-private.md) |
| [Private integrations with Application Load Balancers](http-api-develop-integrations-private.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) [Yes](set-up-private-integration.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes |
| [Private integrations with AWS Cloud Map](http-api-develop-integrations-private.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes |
| [Mock integrations](how-to-mock-integration.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
| [Response streaming](response-transfer-mode.md) | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/success_icon.svg) Yes | ![\[alt text not found\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/negative_icon.svg) No |
# Get started with the REST API console
In this getting started exercise, you create a serverless REST API using the API Gateway REST API console. Serverless APIs let you focus on your applications instead of spending your time provisioning and managing servers. This exercise should take less than 20 minutes to complete, and is possible within the [AWS Free Tier](https://aws.amazon.com/free/).
First, you create a Lambda function using the Lambda console. Next, you create a REST API using the API Gateway REST API console. Then, you create an API method and integrate it with a Lambda function using a Lambda proxy integration. Finally, you deploy and invoke your API.
When you invoke your REST API, API Gateway routes the request to your Lambda function. Lambda runs the function and returns a response to API Gateway. API Gateway then returns that response to you.
![\[Overview of the REST API you create in this tutorial.\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/getting-started-overview-rest.png)
To complete this exercise, you need an AWS account and an AWS Identity and Access Management (IAM) user with console access. For more information, see [Set up to use API Gateway](setting-up.md).
**Topics**
+ [
## Step 1: Create a Lambda function
](#getting-started-rest-new-console-create-function)
+ [
## Step 2: Create a REST API
](#getting-started-rest-new-console-create-api)
+ [
## Step 3: Create a Lambda proxy integration
](#getting-started-rest-new-console-create-integration)
+ [
## Step 4: Deploy your API
](#getting-started-rest-new-console-deploy)
+ [
## Step 5: Invoke your API
](#getting-started-rest-new-console-invoke-api)
+ [
## (Optional) Step 6: Clean up
](#getting-started-cleanup-rest)
## Step 1: Create a Lambda function
You use a Lambda function for the backend of your API. Lambda runs your code only when needed and scales automatically, from a few requests per day to thousands per second.
For this exercise, you use a default Node.js function in the Lambda console.
**To create a Lambda function**
1. Sign in to the Lambda console at [https://console.aws.amazon.com/lambda](https://console.aws.amazon.com/lambda).
1. Choose **Create function**.
1. Under **Basic information**, for **Function name**, enter **my-function**.
1. For all other options, use the default setting.
1. Choose **Create function**.
The default Lambda function code should look similar to the following:
```
export const handler = async (event) => {
const response = {
statusCode: 200,
body: JSON.stringify('The API Gateway REST API console is great!'),
};
return response;
};
```
You can modify your Lambda function for this exercise, as long as the function's response aligns with the [format that API Gateway requires](set-up-lambda-proxy-integrations.md#api-gateway-simple-proxy-for-lambda-output-format).
Replace the default response body (`Hello from Lambda!`) with `The API Gateway REST API console is great!`. When you invoke the example function, it returns a `200` response to clients, along with the updated response.
## Step 2: Create a REST API
Next, you create a REST API with a root resource (`/`).
**To create a REST API**
1. Sign in to the API Gateway console at [https://console.aws.amazon.com/apigateway](https://console.aws.amazon.com/apigateway).
1. Do one of the following:
+ To create your first API, for **REST API**, choose **Build**.
+ If you've created an API before, choose **Create API**, and then choose **Build** for **REST API**.
1. For **API name**, enter **my-rest-api**.
1. (Optional) For **Description**, enter a description.
1. Keep **API endpoint type** set to **Regional**.
1. For **IP address type**, select **IPv4**.
1. Choose **Create API**.
## Step 3: Create a Lambda proxy integration
Next, you create an API method for your REST API on the root resource (`/`) and integrate the method with your Lambda function using a proxy integration. In a Lambda proxy integration, API Gateway passes the incoming request from the client directly to the Lambda function.
**To create a Lambda proxy integration**
1. Select the `/` resource, and then choose **Create method**.
1. For **Method type**, select `ANY`.
1. For **Integration type**, select **Lambda**.
1. Turn on **Lambda proxy integration**.
1. For **Lambda function**, enter **my-function**, and then select your Lambda function.
1. Choose **Create method**.
## Step 4: Deploy your API
Next, you create an API deployment and associate it with a stage.
**To deploy your API**
1. Choose **Deploy API**.
1. For **Stage**, select **New stage**.
1. For **Stage name**, enter **Prod**.
1. (Optional) For **Description**, enter a description.
1. Choose **Deploy**.
Now clients can call your API. To test your API before deploying it, you can optionally choose the **ANY** method, navigate to the **Test** tab, and then choose **Test**.
## Step 5: Invoke your API
**To invoke your API**
1. From the main navigation pane, choose **Stage**.
1. Under **Stage details**, choose the copy icon to copy your API's invoke URL.
![\[After you create your REST API, the console shows your API's invoke URL.\]](http://docs.aws.amazon.com/apigateway/latest/developerguide/images/getting-started-rest-invoke-url.png)
1. Enter the invoke URL in a web browser.
The full URL should look like `https://abcd123.execute-api.us-east-2.amazonaws.com/Prod`.
Your browser sends a `GET` request to the API.
1. Verify your API's response. You should see the text `"The API Gateway REST API console is great!"` in your browser.
## (Optional) Step 6: Clean up
To prevent accruing unnecessary costs to your AWS account, delete the resources that you created as part of this exercise. The following steps delete your REST API, your Lambda function, and the associated resources.
**To delete your REST API**
1. In the **Resources** pane, choose **API actions**, **Delete API**.
1. In the **Delete API** dialog box, enter **confirm**, and then choose **Delete**.
**To delete your Lambda function**
1. Sign in to the Lambda console at [https://console.aws.amazon.com/lambda](https://console.aws.amazon.com/lambda).
1. On the **Functions** page, select your function. Choose **Actions**, **Delete**.
1. In the **Delete 1 functions** dialog box, enter **delete**, and then choose **Delete**.
**To delete your Lambda function's log group**
1. Open the [Log groups page](https://console.aws.amazon.com/cloudwatch/home#logs:) of the Amazon CloudWatch console.
1. On the **Log groups** page, select your function's log group (`/aws/lambda/my-function`). Then, for **Actions**, choose **Delete log group(s)**.
1. In the **Delete log group(s)** dialog box, choose **Delete**.
**To delete your Lambda function's execution role**
1. Open the [Roles page](https://console.aws.amazon.com/iam/home?#/roles) of the IAM console.
1. (Optional) On the **Roles** page, in the search box, enter **my-function**.
1. Select your function's role (for example, `my-function-31exxmpl`), and then choose **Delete**.
1. In the **Delete `my-function-31exxmpl`?** dialog box, enter the name of the role, and then choose **Delete**.
**Tip**
You can automate the creation and cleanup of AWS resources by using AWS CloudFormation or AWS Serverless Application Model (AWS SAM). For some example CloudFormation templates, see the [example templates for API Gateway](https://github.com/awsdocs/amazon-api-gateway-developer-guide/tree/main/cloudformation-templates) in the **awsdocs** GitHub repository.