Best of API GatewayMarch 2024

  1. 1
    Article
    Avatar of bytebytegoByteByteGo·2y

    EP103: Typical AWS Network Architecture in One Diagram

    This post discusses typical AWS network architecture, including VPC, AZs, internet gateway, VPN, VPC peering, transit gateway, and various types of VPC endpoints.

  2. 2
    Article
    Avatar of freecodecampfreeCodeCamp·2y

    How to Build a Custom API Gateway with Node.js

    Learn how to build a custom API gateway with Node.js. Understand the role and benefits of an API gateway in a microservices architecture. Explore security measures and features in API gateways. Build a basic API gateway with rate limiting and timeouts using the http-proxy-middleware package.

  3. 3
    Article
    Avatar of cloudflareCloudflare·2y

    Protecting APIs with JWT Validation

    Cloudflare customers can now protect their APIs from broken authentication attacks by validating incoming JSON Web Tokens (JWTs) with API Gateway's JWT Validation. The release addresses feature requests for supporting the Bearer token format, creating multiple JWKS configs, validating JWTs sent in cookies, and excluding managed endpoints in a JWT validation rule. Broken authentication is a major threat in API security, and JWT validation helps enforce a positive security model for authenticated API users. JWTs provide short-lived sessions and enhanced security compared to other authentication methods. API attacks like missing or broken authentication, expired token reuse, and Broken Function Level Authorization attacks can be prevented with proper authentication and authorization. API Gateway's JWT Validation checks JWT signatures, expiration times, and the presence of authentication tokens to protect against these attacks. Cloudflare Access and custom Cloudflare Workers are other options for JWT validation, but API Gateway provides an easier and more manageable experience. Future releases will expand the capabilities of API Gateway, including generating and enforcing authorization policies and enhancing API management with Cloudflare.

  4. 4
    Article
    Avatar of theburningmonktheburningmonk.com·2y

    When to use API Gateway vs. Lambda Function URLs

    Explore the trade-offs between using Function URLs and API Gateway for building REST APIs using serverless technologies. Function URLs are cheaper, faster, and have fewer moving parts, making them suitable for public APIs or internal APIs within a microservices architecture. On the other hand, API Gateway offers more flexibility, direct integration with AWS services, and a wide range of features. It is a preferred choice for most cases, especially if cost is not a primary concern.

See all API Gateway archives