API Gateway (Endpoints)

API management & gateways — Azure · AWS · GCP

Concept

API Gateways provide authentication, rate limiting, request transformation, and monitoring for backend services. Each cloud offers managed API management platforms.

API Gateway
Azure API Management (APIM)
Amazon API Gateway
API Gateway (Apigee / Cloud Endpoints)
Tiers
Developer / Basic / Standard / Premium
HTTP / REST / WebSocket
Cloud Endpoints (lightweight) / Apigee (enterprise)
Auth
OAuth2, JWT, API Keys, Certificates
IAM, Cognito, Lambda Authorizer, API Keys
API Keys, Firebase Auth, IAP, JWT
Rate Limiting
Per-key / per-IP / per-product
Usage Plans + API Keys per method
Quotas per consumer
Request Transform
Policies (XML-based)
Mapping Templates (VTL)
OpenAPI spec transformation
Monitoring
Azure Monitor + Application Insights
CloudWatch + X-Ray
Cloud Monitoring + Cloud Trace

GCP Cloud Endpoints (OpenAPI)

# openapi.yaml
swagger: "2.0"
info:
  title: Payments API
  version: 1.0.0
host: payments-api.endpoints.PROJECT.cloud.goog
x-google-endpoints:
- name: payments-api.endpoints.PROJECT.cloud.goog
  target: "35.227.xxx.xxx"
paths:
  /v1/payments:
    get:
      summary: List payments
      operationId: listPayments
      security:
      - api_key: []
      x-google-quota:
        metric: read-requests
        limit: 1000/minute

○ Azure — Azure APIM

Policies: XML-based inbound/outbound/on-error. OAuth2, rate limiting, caching, request/response transformation.

CLI: az apim create -g prod-rg -n my-apim --publisher-email admin@me.com --publisher-name MyOrg

○ AWS — AWS API Gateway

Stages: dev/staging/prod. Usage plans, API keys, VTL mapping templates, Lambda/HTTP integrations.

CLI: aws apigateway create-rest-api --name PaymentsAPI

○ GCP — GCP Cloud Endpoints

Spec: OpenAPI 2.0 YAML. Deployed to Cloud Run / GKE. API keys, JWT validation, quotas, and monitoring.