2.1.2.1. API Gateway Endpoints & Integrations
2.1.2.1. API Gateway Endpoints & Integrations
First Principle: API Gateway endpoints provide public or private access to your APIs, while backend integrations connect them to your application's logic, creating a seamless and secure API surface.
Three endpoint types control how clients reach your API. Edge-optimized (the default) routes requests through CloudFront's global network ā best when clients are geographically distributed. Regional endpoints skip CloudFront, which is better when clients are in the same AWS region or when you manage your own CloudFront distribution. Private endpoints are accessible only from within your VPC, used for internal microservice communication.
The exam tests these distinctions: if a question mentions "clients worldwide," think edge-optimized. If it mentions "internal services" or "VPC only," think private.
- Lambda integration: Invokes an AWS Lambda function directly. The most common integration for serverless APIs.
- HTTP integration: Forwards requests to any publicly accessible HTTP endpoint (e.g., an EC2 instance or on-premises server).
- AWS service integration: Directly invokes other AWS services like DynamoDB or SQS.
Scenario: You are developing a public-facing REST API for a mobile application that needs to serve users globally with low latency. The API's logic is implemented using AWS Lambda functions.
ā ļø Exam Trap: API Gateway "proxy integration" passes the entire request to Lambda and expects a specific response format. "Non-proxy integration" lets you transform requests/responses with mapping templates. Most exam scenarios use proxy integration.
