API Gateways (AWS API Gateway, Azure API Management) Questions and Answers for Viva

Answer-1: Subscriptions provide users with keys that they can use to access APIs, and help monitor and control usage.

Answer-2: Modifying the request before it reaches the backend, such as changing headers, query strings, or body content.

Answer-3: You can define different versions of the same API using paths, headers, or query strings.

Answer-4: Yes, AWS API Gateway can directly invoke Lambda functions as a backend integration.

Answer-5: It can expose Azure Functions as RESTful APIs and manage them with policies and access control.

Answer-6: A mock integration allows you to simulate API responses without connecting to a backend.

Answer-7: Policies enforce rules like transformation, validation, authentication, and caching on requests and responses.

Answer-8: Rate limiting restricts the number of API calls a client can make in a specified period to prevent overloading.

Answer-9: Yes, using CloudWatch metrics and logging.

Answer-10: Using Azure Monitor, analytics dashboards, and log queries in Application Insights.

Answer-11: An API key is a unique identifier that a client must provide to access a protected API.

Answer-12: It is the public endpoint that clients use to access APIs published through Azure API Management.

Answer-13: Yes, AWS WAF can be integrated with CloudFront distributions used by API Gateway.

Answer-14: Yes, quotas can be applied per subscription to control the number of calls per time interval.

Answer-15: Charges are based on the number of API calls, data transfer, and caching if enabled.

Answer-16: It uses a tiered pricing model (Developer, Basic, Standard, Premium) based on throughput units and features.

Answer-17: It allows the API gateway to access internal backend services securely via VNet.

Answer-18: Yes, AWS API Gateway supports WebSocket APIs for real-time, two-way communication.

Answer-19: Yes, it can expose SOAP services and convert them into REST if needed.

Answer-20: Security, rate limiting, monitoring, analytics, transformation, and central management of APIs.

Answer-21: Stage variables are key-value pairs associated with a stage that can be used to pass configuration settings to integrations.

Answer-22: Policy chaining allows executing multiple policies in sequence to handle complex API logic.

Answer-23: Yes, both AWS and Azure provide built-in tools to test APIs via their console or developer portal.

Answer-24: You can enable CloudWatch logs and detailed execution tracing.

Answer-25: It provides usage statistics, health reports, and custom dashboards via Azure Monitor and Application Insights.

Answer-26: Yes, both AWS and Azure support API deployments through CI/CD pipelines using tools like CodePipeline, GitHub Actions, and Azure DevOps.

Answer-27: An API Gateway is a server that acts as an API front-end, receiving API requests, enforcing throttling and security policies, passing requests to backend services, and returning the responses.

Answer-28: AWS API Gateway is a fully managed service that enables developers to create, publish, maintain, monitor, and secure APIs at any scale.

Answer-29: Azure API Management is a service that allows organizations to publish, secure, transform, and monitor APIs across internal and external consumers.

Answer-30: AWS API Gateway supports RESTful APIs, WebSocket APIs, and HTTP APIs.

Answer-31: Azure API Management supports REST APIs, SOAP APIs, and GraphQL APIs.

Answer-32: Throttling is a process of limiting the number of requests a client can make to an API within a given time frame to prevent abuse or overuse.

Answer-33: It supports authentication through IAM, Cognito user pools, Lambda authorizers, and custom JWT validation.

Answer-34: It supports OAuth 2.0, JWT validation, client certificates, and Azure Active Directory integration.

Answer-35: A usage plan defines who can access one or more deployed API stages and methods ? and also defines throttling and quota limits.

Answer-36: Policies are a collection of statements that are executed sequentially on the request or response of an API, enabling transformation, validation, routing, etc.

Answer-37: Yes, AWS API Gateway supports response caching to reduce latency and backend load.

Answer-38: The developer portal is a customizable website where developers can discover, test, and subscribe to APIs.

Answer-39: Stages are versions of an API deployment (e.g., dev, test, prod) with unique endpoints and settings.

Answer-40: Products are containers for one or more APIs, and they help manage access and subscriptions.

Answer-41: Using authorization mechanisms, throttling, API keys, WAF, and SSL/TLS encryption.

Answer-42: Using authentication policies, IP restrictions, rate limits, and SSL certificates.

Answer-43: A custom domain allows you to expose your API using your own domain name rather than the default AWS or Azure domain.

Answer-44: A policy expression is a piece of C# code used within policies to manipulate the API request or response.

Answer-45: An integration is the backend endpoint that receives the request from the API Gateway and returns a response.

Answer-46: Azure Functions, Logic Apps, App Services, and any external HTTP/HTTPS endpoints.

Answer-47: Yes, AWS API Gateway allows importing Swagger/OpenAPI definitions to define API structure.

Answer-48: Yes, Azure API Management supports importing APIs using OpenAPI, WSDL, and WADL specifications.

Answer-49: Lambda authorizers are custom authorization functions written in AWS Lambda that control access to your APIs.

Answer-50: HTTP APIs are simpler, faster, and cheaper than REST APIs, but REST APIs offer more features like API keys and usage plans.