Task Statement 2.1: Design scalable and loosely coupled architectures.
📘AWS Certified Solutions Architect – (SAA-C03)
1. What Is an API?
An API (Application Programming Interface) allows one software application to communicate with another.
In IT environments:
- A web application may call an API to get user data.
- A mobile app may call an API to upload files.
- A backend service may call another internal service using an API.
An API acts as a bridge between systems.
For the SAA-C03 exam, you must understand:
- What APIs are
- Why APIs are important for scalable systems
- How AWS manages APIs using Amazon API Gateway
2. What Is a REST API?
A REST API (Representational State Transfer API) is a common type of API that:
- Uses HTTP methods (GET, POST, PUT, DELETE)
- Uses URLs to access resources
- Is stateless (each request is independent)
Common HTTP Methods
| Method | Purpose |
|---|---|
| GET | Retrieve data |
| POST | Create new data |
| PUT | Update data |
| DELETE | Remove data |
Example (IT Environment)
A frontend web app calls:
GET /users
The backend returns a list of users in JSON format.
Each request contains everything needed (no session stored on server). That is called stateless design, which helps scalability.
3. Why APIs Are Important for Scalable and Loosely Coupled Architectures
Loose Coupling
Loose coupling means:
- Services work independently
- One service can change without breaking others
With APIs:
- Frontend does not need to know how backend is built
- Backend can change database without affecting frontend
- Services can scale independently
Scalability
APIs help scalability because:
- Multiple backend servers can handle requests
- API layer can throttle traffic
- API layer can cache responses
APIs allow horizontal scaling (adding more servers).
4. Amazon API Gateway
The main AWS service for API creation and management is:
Amazon API Gateway
It is a fully managed service that allows you to:
- Create APIs
- Secure APIs
- Monitor APIs
- Throttle requests
- Scale automatically
You do not manage servers.
5. Types of APIs in API Gateway (Important for Exam)
API Gateway supports three types:
1️⃣ REST API
- Most feature-rich
- Supports API keys
- Supports usage plans
- Supports request validation
- Supports caching
- Higher cost
Used for enterprise-grade APIs.
2️⃣ HTTP API
- Lower cost
- Simpler
- Lower latency
- Good for microservices
Limited features compared to REST API.
Exam Tip:
If question mentions:
- Cost-sensitive
- Simple microservices
- Low latency
→ Choose HTTP API
3️⃣ WebSocket API
- For real-time communication
- Two-way communication
- Used in chat apps or live updates
6. How API Gateway Works (Architecture Flow)
Typical Architecture:
Client → API Gateway → Backend Service
Backend can be:
- AWS Lambda
- Amazon EC2
- Amazon ECS
- AWS Fargate
- Any HTTP endpoint
API Gateway acts as a front door.
7. Integration Types (Very Important for Exam)
1️⃣ Lambda Integration
API directly invokes Lambda function.
Best for:
- Serverless architecture
- Event-driven systems
Common exam answer for scalable systems.
2️⃣ HTTP Integration
API calls:
- Internal HTTP service
- Application Load Balancer
- EC2 application
3️⃣ Mock Integration
Returns fixed response (used for testing).
8. Security in API Gateway
Security is heavily tested in SAA-C03.
1️⃣ IAM Authorization
Use AWS Identity and Access Management.
Used when:
- Internal services
- AWS users only
2️⃣ Cognito Authorizer
Uses:
Amazon Cognito
Provides:
- User authentication
- Token validation
Used for:
- Web/mobile app authentication
3️⃣ Lambda Authorizer
Custom authentication logic.
4️⃣ API Keys
- Identify clients
- Not for authentication
- Used with usage plans
5️⃣ Resource Policies
Control who can access API:
- By IP
- By VPC
- By AWS account
9. Throttling and Rate Limiting
Very important for scalability.
API Gateway can:
- Limit requests per second
- Prevent backend overload
You can configure:
- Account-level throttling
- Method-level throttling
- Usage plan throttling
Protects backend systems.
10. Caching
REST API supports caching.
Benefits:
- Reduces backend load
- Improves response time
- Reduces cost
If exam says:
- Improve performance
- Reduce backend calls
- Reduce latency
→ Enable API Gateway caching
11. Monitoring and Logging
Integrated with:
Amazon CloudWatch
Provides:
- Metrics (requests, errors, latency)
- Logs
- Alarms
You can:
- Monitor 4XX errors (client errors)
- Monitor 5XX errors (server errors)
12. API Deployment Concepts
Important terms:
API
The entire API configuration.
Resource
URL path (e.g., /users)
Method
GET, POST, etc.
Stage
Environment version (dev, test, prod)
Each stage can:
- Have different throttling
- Have different variables
- Have logging enabled
13. Custom Domain Names
You can use your own domain name instead of default AWS domain.
Requires:
AWS Certificate Manager
Used for:
- HTTPS certificates
- Secure communication
14. Private APIs
API Gateway can create:
- Public APIs (internet accessible)
- Private APIs (inside VPC)
Private APIs use:
- VPC endpoints
- Resource policies
Used for internal enterprise systems.
15. API Gateway + Microservices
Common scalable architecture for exam:
API Gateway
→ Lambda
→ DynamoDB
Or
API Gateway
→ ECS/Fargate
→ RDS
API Gateway helps:
- Route traffic
- Secure endpoints
- Scale automatically
16. Designing for Loose Coupling (Exam Focus)
To design loosely coupled systems:
- Use API Gateway in front of services
- Use Lambda for stateless execution
- Avoid direct service-to-service tight integration
- Use event-driven patterns when possible
Loose coupling benefits:
- Independent deployment
- Independent scaling
- Fault isolation
17. High Availability
API Gateway is:
- Fully managed
- Multi-AZ by default
- Automatically scales
No need to configure load balancer.
18. Cost Considerations (Exam Tips)
You are charged for:
- API calls
- Data transfer
- Caching (if enabled)
HTTP API is cheaper than REST API.
If exam question says:
- Low cost
- Basic API
- High request volume
→ Choose HTTP API
19. Common Exam Scenarios
Scenario 1:
Need serverless, auto-scaling backend.
→ API Gateway + Lambda
Scenario 2:
Need authentication for mobile users.
→ API Gateway + Cognito
Scenario 3:
Need to protect backend from overload.
→ Throttling + Caching
Scenario 4:
Need internal-only API.
→ Private API + VPC endpoint
Scenario 5:
Need custom authentication logic.
→ Lambda Authorizer
20. Important Differences to Remember
| Feature | REST API | HTTP API |
|---|---|---|
| Cost | Higher | Lower |
| Features | Full | Limited |
| Caching | Yes | No |
| Best for | Enterprise | Simple microservices |
Final Exam Checklist (Must Know)
You must understand:
- What REST APIs are
- Stateless communication
- Loose coupling benefits
- API Gateway types
- Lambda integration
- Security options (IAM, Cognito, Lambda Authorizer)
- Throttling and caching
- Private vs public APIs
- Monitoring with CloudWatch
- Cost differences (REST vs HTTP API)
Final Summary
APIs allow systems to communicate in a structured way.
Amazon API Gateway:
- Creates APIs
- Secures APIs
- Scales automatically
- Protects backend services
- Supports serverless architectures
For SAA-C03:
- API Gateway is a key service for scalable architectures
- Lambda integration is very common
- HTTP API is cost-effective
- Security and throttling are critical topics
If you understand these concepts clearly, you will be well prepared for this section of the exam.
