iolalog (10) [Avatar] Offline
#1
Hi Yan

Great course so far! (still early for me) Just went through the "How to secure APIs in API Gateway" section, and I notice you do not mention private endpoints. Is this because it was just released, or is there some other reason you did not mention it?

https://aws.amazon.com/blogs/compute/introducing-amazon-api-gateway-private-endpoints/

Regards,
Olav
Yan Cui (68) [Avatar] Offline
#2
Hi Olav,

Yes, that feature is just announced last month, and that particular unit was recorded many months ago. I plan to go back and update it at some point but we still have quite a lot of videos to finish before I can do that.

On a side note, I find the private endpoints feature rather clumsy to work with at the moment, and I still need to understand the performance and scalability impacts at scale, and how it affects the regional ENI limits and so far, before I feel comfortable in offering advice that I would follow myself. If you know anyone who is using it at scale (in throughput and/or complexity), please point me in their direction, I have many questions I want to ask!
iolalog (10) [Avatar] Offline
#3
We are looking into private endpoints, but I don't know anyone using them extensively yet. They sound like a good idea for internal API's (as one would have to do less for security), but we'll see what testing reveals. Odd that AWS doesn't have some reference customers to show for with the launch, but I guess we'll hear some stories about private endpoints at the next re:Invent.