aws-api-gateway

title: "Aws Api Gateway" sidebar_label: "Aws Api Gateway" description: "AWS API Gateway for REST and HTTP API management. Use when creating APIs, configuring integrations, setting up authorization, managing stages, implementing rate limiting, or troubleshooting API issues."

Aws Api Gateway

AWS API Gateway for REST and HTTP API management. Use when creating APIs, configuring integrations, setting up authorization, managing stages, implementing rate limiting, or troubleshooting API issues.

Details

Property	Value
Skill Directory	`.github/skills/aws-api-gateway/`
Phase	General
User Invocable	✅ Yes
Usage	`/aws-api-gateway API type, integration pattern, or issue to look up (e.g. 'HTTP API Lambda proxy', 'JWT authorizer', 'CORS configuration', '502 Bad Gateway')`

Documentation

AWS API Gateway

Amazon API Gateway is a fully managed service for creating, publishing, and securing APIs at any scale. Supports REST APIs, HTTP APIs, and WebSocket APIs.

Core Concepts
Common Patterns
CLI Reference
Best Practices
Troubleshooting
References

Core Concepts

API Types

Type	Description	Use Case
HTTP API	Low-latency, cost-effective	Simple APIs, Lambda proxy
REST API	Full-featured, more control	Complex APIs, transformation
WebSocket API	Bidirectional communication	Real-time apps, chat

Key Components

Resources: URL paths (/users, /orders/{id})
Methods: HTTP verbs (GET, POST, PUT, DELETE)
Integrations: Backend connections (Lambda, HTTP, AWS services)
Stages: Deployment environments (dev, prod)

Integration Types

Type	Description
Lambda Proxy	Pass-through to Lambda (recommended)
Lambda Custom	Transform request/response
HTTP Proxy	Pass-through to HTTP endpoint
AWS Service	Direct integration with AWS services
Mock	Return static response

Common Patterns

Create HTTP API with Lambda

AWS CLI:

# Create HTTP API
aws apigatewayv2 create-api \
  --name my-api \
  --protocol-type HTTP \
  --target arn:aws:lambda:us-east-1:123456789012:function:MyFunction

# Get API endpoint
aws apigatewayv2 get-api --api-id abc123 --query 'ApiEndpoint'

SAM Template:

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Resources:
  MyApi:
    Type: AWS::Serverless::HttpApi
    Properties:
      StageName: prod

  MyFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: app.handler
      Runtime: python3.12
      Events:
        ApiEvent:
          Type: HttpApi
          Properties:
            ApiId: !Ref MyApi
            Path: /items
            Method: GET

Create REST API with Lambda Proxy

# Create REST API
aws apigateway create-rest-api \
  --name my-rest-api \
  --endpoint-configuration types=REGIONAL

API_ID=abc123

# Get root resource ID
ROOT_ID=$(aws apigateway get-resources --rest-api-id $API_ID --query 'items[0].id' --output text)

# Create resource
aws apigateway create-resource \
  --rest-api-id $API_ID \
  --parent-id $ROOT_ID \
  --path-part items

RESOURCE_ID=xyz789

# Create method
aws apigateway put-method \
  --rest-api-id $API_ID \
  --resource-id $RESOURCE_ID \
  --http-method GET \
  --authorization-type NONE

# Create Lambda integration
aws apigateway put-integration \
  --rest-api-id $API_ID \
  --resource-id $RESOURCE_ID \
  --http-method GET \
  --type AWS_PROXY \
  --integration-http-method POST \
  --uri arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:123456789012:function:MyFunction/invocations

# Deploy to stage
aws apigateway create-deployment \
  --rest-api-id $API_ID \
  --stage-name prod

Lambda Handler for API Gateway

import json

def handler(event, context):
    http_method = event.get('requestContext', {}).get('http', {}).get('method')
    path = event.get('rawPath', '')
    query_params = event.get('queryStringParameters', {})
    body = event.get('body', '')

    if body and event.get('isBase64Encoded'):
        import base64
        body = base64.b64decode(body).decode('utf-8')

    response_body = {'message': 'Success', 'path': path}

    return {
        'statusCode': 200,
        'headers': {
            'Content-Type': 'application/json'
        },
        'body': json.dumps(response_body)
    }

Configure CORS

HTTP API:

aws apigatewayv2 update-api \
  --api-id abc123 \
  --cors-configuration '{
    "AllowOrigins": ["https://example.com"],
    "AllowMethods": ["GET", "POST", "PUT", "DELETE"],
    "AllowHeaders": ["Content-Type", "Authorization"],
    "MaxAge": 86400
  }'

JWT Authorization (HTTP API)

aws apigatewayv2 create-authorizer \
  --api-id abc123 \
  --name jwt-authorizer \
  --authorizer-type JWT \
  --identity-source '$request.header.Authorization' \
  --jwt-configuration '{
    "Issuer": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_abc123",
    "Audience": ["client-id"]
  }'

CLI Reference

HTTP API (apigatewayv2)

Command	Description
`aws apigatewayv2 create-api`	Create API
`aws apigatewayv2 get-apis`	List APIs
`aws apigatewayv2 create-route`	Create route
`aws apigatewayv2 create-integration`	Create integration
`aws apigatewayv2 create-stage`	Create stage
`aws apigatewayv2 create-authorizer`	Create authorizer

REST API (apigateway)

Command	Description
`aws apigateway create-rest-api`	Create API
`aws apigateway get-rest-apis`	List APIs
`aws apigateway create-resource`	Create resource
`aws apigateway put-method`	Create method
`aws apigateway put-integration`	Create integration
`aws apigateway create-deployment`	Deploy API

Best Practices

Performance

Use HTTP APIs for simple use cases (70% cheaper, lower latency)
Enable caching for REST APIs
Use regional endpoints unless global distribution needed

Security

Use authorization on all endpoints
Enable WAF for REST APIs
Enable access logging
Use HTTPS only

Reliability

Set up throttling to protect backends
Configure timeout appropriately
Monitor with CloudWatch

Troubleshooting

403 Forbidden

Causes:

Missing authorization
Invalid API key
WAF blocking
Resource policy denying

502 Bad Gateway

Causes:

Lambda error
Integration timeout
Invalid response format

Lambda response format:

# Correct format
return {
    'statusCode': 200,
    'headers': {'Content-Type': 'application/json'},
    'body': json.dumps({'message': 'success'})
}

# Wrong - missing statusCode
return {'message': 'success'}

504 Gateway Timeout

Causes:

Backend timeout (Lambda max 29 seconds for REST API)
Integration timeout too short

Solutions:

Increase Lambda timeout
Use async processing for long operations

CORS Errors

Debug:

Check OPTIONS method exists
Verify headers in response
Check origin matches allowed origins

title: "Aws Api Gateway" sidebar_label: "Aws Api Gateway" description: "AWS API Gateway for REST and HTTP API management. Use when creating APIs, configuring integrations, setting up authorization, managing stages, implementing rate limiting, or troubleshooting API issues."​

Aws Api Gateway

Details​

Documentation​

AWS API Gateway

Table of Contents​

Core Concepts​

API Types​

Key Components​

Integration Types​

Common Patterns​

Create HTTP API with Lambda​

Create REST API with Lambda Proxy​

Lambda Handler for API Gateway​

Configure CORS​

JWT Authorization (HTTP API)​

CLI Reference​

HTTP API (apigatewayv2)​

REST API (apigateway)​

Best Practices​

Performance​

Security​

Reliability​

Troubleshooting​

403 Forbidden​

502 Bad Gateway​

504 Gateway Timeout​

CORS Errors​

References​

title: "Aws Api Gateway" sidebar_label: "Aws Api Gateway" description: "AWS API Gateway for REST and HTTP API management. Use when creating APIs, configuring integrations, setting up authorization, managing stages, implementing rate limiting, or troubleshooting API issues."

Details

Documentation

Table of Contents

Core Concepts

API Types

Key Components

Integration Types

Common Patterns

Create HTTP API with Lambda

Create REST API with Lambda Proxy

Lambda Handler for API Gateway

Configure CORS

JWT Authorization (HTTP API)

CLI Reference

HTTP API (apigatewayv2)

REST API (apigateway)

Best Practices

Performance

Security

Reliability

Troubleshooting

403 Forbidden

502 Bad Gateway

504 Gateway Timeout

CORS Errors

References