Amazon introduces API Gateway, aims to dominate yet another area

Another day, another industry sector that Amazon Web Services aims to own. This time it's API management that this cloud powerhouse is rolling out as a product

Amazon Web Services (AWS) is, frankly, an incredible organization to watch. Already widely regarded as the biggest (by many orders of magnitude) public cloud vendor, they have a history of not sitting on their laurels but rather innovating rapidly to increase the value they offer to customers. Hardly an AWS event goes by without the company announcing some new piece of tech that is set to get developers hearts racing.

Today it's the API space that AWS is looking to. APIs are, of course, the glue that enables software and infrastructure to function in this modern age. APIs are the little building blocks that allow infrastructure, services, applications and data to be stitched together across diverse hardware, solutions, and geographies.

And the growth in the awareness and understanding of the import of APIs is massive. Research suggest that there are more than 10,000 public APIs in existence, and that number is growing rapidly.

Given these facts it is hardly surprising that AWS is today announcing its new Amazon API Gateway offering. API Gateway is a product borne through pragmatism. AWS itself has 43 (and growing) services, the vast majority of which use APIs for both public-facing and internal functions. AWS knows first-hand the difficulties around building, managing, and monitoring APIs. That's what API Gateway is all about - it is a suite of tools aimed at making it ever-easier for organizations to create their public APIs.

API Gateway aims to fill the full lifecycle of API management. It covers of the management of multiple versions and stages of an API, the management of third party access, the all-important authorization and security factors, and automation of an API into infrastructure as well. So, what specific check boxes is AWS filling with this initial offering? Pretty much the base level of what an API management platform should cover, including:

  • Host multiple versions and stages of APIs
  • Create and distribute API Keys to developers
  • Leverage AWS Identity and Access Management (IAM) and Signature Version 4
  • Throttle and monitor requests to protect the backend
  • Global distribution through the global AWS network with over 50 PoPs around the world
  • Leverages AWS Lambda Additional Features
  • Managed cache to store API responses
  • Reduced latency and DDoS protection through Amazon CloudFront
  • SDK Generation for iOS, Android, and JavaScript
  • Swagger support
  • Input and output data transformation

AWS has thought pretty hard about both basic functionality and interesting value-adds that they can offer here. Obviously, there are the basics - developers can build APIs with their resources, methods, and settings. They can deploy APIs to a stage and create as many stages as they want, each with its own throttling, caching, metering, and logging configuration. They can clone an existing API to create a new version and still have the ability to work on multiple versions of their APIs. AWS even keeps a copy of deployments and allows customers to rollback to previous deployments.

But the really interesting stuff is in the value add. AWS has seen the API Gateway as an excellent partner for AWS Lambda, its recently announced event-driven infrastructure offering. Lambda can actually be the endpoint for an API, thereby creating a situation where an API call triggers some computation within Lambda, all without needing to spin up servers. Of course, EC2 and any publicly accessible endpoints are accepted as well.

AWS also covers off transformations. The gateway supports request and response transformations, allowing users to transform their API actions. Users can filter output results to remove private or unnecessary data. They can read all query string parameters from their GET request, and create a body to make a POST to their backend. Or they can receive JSON input and transform it to XML for their backend. I suspect there are many more interesting examples of these transformations to come.

This version of the API Gateway is focused on public APIs, but in a conversation with Simon Poile, General Manager of the project, I was advised that everything is in place to enable private APIs as well. The only thing missing is support for Amazon Virtual Private Cloud (VPC). While focusing on Public API support at launch, Poile did indicate that support for Amazon Virtual Private Cloud (VPC) would be coming soon - it strikes me that VPC support will be coming sooner rather than later.

The gateway is priced on both requests and transfer. API Gateway requests are $3.50 per million requests, while data transfer is $0.09/GB for the first 10 TB and then cheaper for higher volumes of data.

Of course, the question of import here is what this means for the other API management vendors. Companies like Apigee, 3Scale and others all provide similar services. Initially, those guys are all OK. They have significant jobs to do in terms of consulting for large organizations and enabling private API creation and management. Over time, however, and as AWS broadens to private functionality, it will be interesting to see what impact that API Gateway has on all of these other vendors. Yet another example of AWS doing one of two things depending on what side of the fence you sit: either further eating into the product opportunities for industry players or continuing its impressive rate of innovation. I'll leave it for readers to judge.  


Copyright © 2015 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022