Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale.

With the proliferation of mobile devices and the rise in the Internet of Things (IoT), it is increasingly common to make back-end systems and data accessible to applications through APIs. Because so many applications use these APIs, and communities of developers rely on them, an increasing amount of time and effort is spent developing and managing APIs. Amazon API Gateway is a pay-as-you-go service that takes care of all of the undifferentiated heavy lifting involved in securely and reliably running APIs at scale. And, to make it easy for you to use these APIs, Amazon API Gateway can generate client SDKs for a number of languages, including JavaScript, iOS, and Android.

Key Product Features

Build, Deploy, and Manage APIs

With Amazon API Gateway, you can quickly and easily create a custom API to your code running in AWS Lambda, and then call the Lambda code from your API. Amazon API Gateway can execute AWS Lambda code in your account, start AWS Step Functions state machines, or make calls to AWS Elastic Beanstalk, Amazon EC2, or web services outside of AWS with publicly accessible HTTP endpoints. Using the Amazon API Gateway console, you can define your REST API and its associated resources and methods, manage your API lifecycle, generate your client SDKs, and view API metrics.


Amazon API Gateway helps you manage traffic to your back-end systems by allowing you to set throttling rules, based on the number of requests per second, for each HTTP method in your APIs. In addition, you can set up a cache with customizable keys and time-to-live in seconds for your API data to avoid hitting your back-end services for each request. Amazon API Gateway handles any level of traffic received by an API, so you are free to focus on your business logic and services rather than maintaining infrastructure.

API Lifecycle Management

Amazon API Gateway lets you run multiple versions of the same API simultaneously so that applications can continue to call previous API versions even after the latest versions are published. Amazon API Gateway also helps you manage multiple release stages for each API version, such as alpha, beta, and production. Each API stage can be configured to interact with different backend endpoints based on your API setup. Specific stages and versions of an API can be associated with a custom domain name and managed through Amazon API Gateway. Stage and version management allow you to easily test new API versions that enhance or add new functionality to earlier API releases, and ensures backward-compatibility as your user communities transition to adopt the latest release.

SDK Generation

Amazon API Gateway can generate client SDKs for a number of platforms, which you can use to quickly test new APIs from your applications and distribute SDKs to third-party developers. The generated SDKs handle API keys and sign requests using AWS credentials. Amazon API Gateway can generate client SDKs for JavaScript, iOS, and Android.

API Operations Monitoring

After an API is deployed and in use, Amazon API Gateway provides you with a dashboard to visually monitor calls to the services. The Amazon API Gateway console is integrated with Amazon CloudWatch, so you get back-end performance metrics, such as API calls, latency, and error rates. Because API Gateway uses CloudWatch to record monitoring information, you can set up custom alarms on Amazon API Gateway APIs. Amazon API Gateway can also log API execution errors to CloudWatch Logs to make debugging easier.

AWS Authorization

To authorize and verify API requests to AWS services, API Gateway can help you leverage signature version 4 -- the same technology used by AWS for its services. Using signature version 4 authentication, you can use Identity and Access Management (IAM) and access policies to authorize access to your APIs and all your other AWS resources. You can also use AWS Lambda functions to verify and authorize bearer tokens such as JWT tokens or SAML assertions.

API Keys for Third-Party Developers

API Gateway helps you manage the ecosystem of third-party developers accessing your APIs. You can create API keys on Amazon API Gateway, set fine-grained access permissions on each API key, and distribute them to third-party developers to access your APIs. You can also define plans that set throttling and request quota limits for each individual API key. The use of API keys is completely optional and must be enabled on a per-method level.


Intended Usage and Restrictions

Your use of this service is subject to the AWS Customer Agreement.