Skip to content

Conclusions

Congratulations! You've made it through the workshop. Let's look back through what you accomplished...

You created a RESTful backend with Amazon API Gateway

Our backend includes a Java Springboot application with a MySQL database running on an EC2 instance in a private subnet. This is exposed via a private integration with an API hosted on Amazon API Gateway. Restful API

You used the following to enhance the security posture of your API:

  • A resource policy to control which principals can invoke your API.
  • A private integration to expose a private resource via your API.
  • Input validation to ensure only valid inputs get passed along to our backend through your API.
  • A web application firewall to help protect against common web exploits like SQL injection and cross-site scripting.
  • A usage plan and API key to set limits on the request rate for consumers of your API.
  • Authentication via Amazon Cognito to ensure that only authenticated and authorized users may invoke your API.
  • X-Ray to trace requests through your API.

Want to explore more? Check out these other useful resources: