Conclusion

Security is an ongoing effort. Protecting data in-transit and at-rest, implementing a strong identity foundation, minimizing attack surface area, mitigating DDoS attack impacts, implementing inspection and protection techniques, and automating security best practices all enable an in-depth defense strategy that every organization should implement. This effort is easier thanks to the AWS features and services discussed in this paper. Amazon API Gateway strives to help you build and operate architectures that protect information, systems, and assets, while delivering business value and pay-for-value pricing.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Security design principles

Contributors