AWS Compute Blog

Category: Amazon API Gateway

Lambda resource policy document

Building well-architected serverless applications: Managing application security boundaries – part 1

This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the introduction post for a table of contents and explanation of the example application. Security question SEC2: […]

Solution overview

Building private cross-account APIs using Amazon API Gateway and AWS PrivateLink

This post is written by Brian Zambrano, Enterprise Solutions Architect and Srinivasa Atta, Sr. Technical Account Manager With microservice architectures, multiple teams within an organization often build different parts of an application. Different teams may own functionality for a given business segment. An effective pattern to support this is a centrally managed public API. This […]

Getting started with serverless for developers: Part 3 – The front door

This blog post is part 3 of Getting started with serverless for developers, helping developers to start building serverless applications from their IDE. In the previous post, I introduce AWS Lambda and show how functions are designed to run business logic for serverless applications. In this blog post, you see how to access that business […]

Evaluating access control methods to secure Amazon API Gateway APIs

This post is written by Bryant Bost, Cloud Application Architect. There is not a one-size-fits-all approach to access control for Amazon API Gateway. Properties of your application such as API type, identity provider, client access patterns, privacy requirements, and others influence the design of your access control solution. Understanding the types of access control available […]

Using multiple segments in Amazon API Gateway base path mapping

Amazon API Gateway recently enhanced base path mapping for custom domains by introducing multi-level base path mapping. Before multi-level base path mapping, paths could not contain a forward slash (/) in a base path. This restriction meant that base paths could only consist of a single word (for example, sales) or a concatenation of several […]

Reference architecture

Building a serverless multi-player game that scales

This post introduces the Simple Trivia Service, a single- and multi-player game built using a serverless-first architecture on AWS. I cover different solutions that you can use to enable connectivity from your game client to a serverless-first backend for both single- and multi-player games.