With 65% of companies accelerating their digital transformation in 2021, the desire to find an API portal solution that lets businesses monetize their APIs is on the rise.
Whether you're just starting out or have years of experience behind you, choosing between a DIY dev portal or a pre-built API portal is challenging.
If you're curious about the AWS API Portal and wonder what you can do with it? This post will give you a comprehensive overview of the AWS API Portal, including an explanation of what it is and how to use it.
What is AWS API Portal?
The AWS API Portal, or Serverless Developer Portal, is a cloud-based web application nested within Amazon's API Gateway service that makes it easy for developers to create, publish, maintain, and monitor APIs.
This self-service portal lets developers explore and create applications using your Amazon API Gateway managed APIs or non-API Gateway managed APIs (OpenAPIs).
This regularly updated (via AWS Serverless Application Repository) portal features out-of-the-box functionality and a customizable, React-written front-end.
The Serverless Developer Portal provides:
A site where consumers can browse and test out your published APIs
Documentation on all the available resources
API keys for registered users
Basic API monitoring capabilities
Why Use Serverless Portal Architecture?
With serverless architecture, you don't have to worry about managing servers and provisioning them—the cloud provider does.
This approach has many benefits, including reduced cost of ownership for IT teams and improved flexibility because it's easy to scale on-demand depending upon the needs within an organization.
Amazon API Gateway, Amazon Cognito User Pools, AWS Lambda, Amazon DynamoDB, and Amazon S3 are all incorporated into the developer portal application, making it a complex, modular system designed for specific purposes.
Each of these modular systems is divided into microservices. Here are the specific microservices offered in the serverless dev portal:
Login/Registration: Amazon Cognito and Lambda features handle identity management, while Amazon Cognito User Pool lets users register and log in.
AWS Cloud: The front-end React app handles all requests and uses Amazon S3 to store static content before communicating with the back-end via AWS API Gateway.
Catalog Update: S3 buckets and Lambda functions are used to update the API catalog when files are added or removed from the S3 storage bucket.
API Key Creation: API Key Creation Services manage API key creations and deletions. They store all updates in DynamoDB tables and notify AWS API Gateway about any modifications.
Deployment Options
Now that you understand how the AWS API portal is structured, you should know that no matter how you choose to deploy your portal, it requires some configuration before use—even if you choose their out-of-the-box option.
These deployment options are important as they will dictate how applications will be built with your APIs, how you'll expose your APIs to consumers, and the amount of maintenance you'll need.
There are three ways to deploy the AWS API portal:
AWS Serverless Application Repository (SAR)
This out-of-the-box option is easy to deploy and use. For this option, you need to launch the API Gateway Serverless Developer Portal AWS CloudFormation stack before entering parameters into the Lambda console.
AWS provides detailed documentation on how to deploy using this method.
Some benefits of using AWS SAR include:
Simple application management: With pre-built applications, you can deploy your serverless application with just a few clicks. You no longer need to clone and build the source code before uploading it onto AWS.
Accelerate workflows: Use the power of serverless applications to your advantage and reduce duplication. Create and publish apps once, then store them for use by teams as well as broader communities who also need these services.
AWS Serverless Application Model (SAM)
If you're looking to make any customizations to templates or deploy the AWS portal through your existing infrastructure, you'll need to use the SAM CLI deployment guide.
Configuring your serverless developer portal using SAM can be lengthy. You'll need to make sure you have the most recent versions of AWS CLI and AWS SAM CLI before you begin.
Some benefits of using AWS SAM include:
Single stack configuration: One of the best features of using AWS SAM is the ability to easily configure and operate on a single stack. You can even share configuration (such as memory or timeouts) between resources, making deploying all related components together in one versioned entity extremely convenient.
Integrated development tools: Use the complete suite of AWS tools to discover new applications (AWS SAR), test (AWS Cloud9 IDE), and build a deployment pipeline.
Development Scripts
Even though AWS doesn't specifically mention this deployment model, you do have the ability to make modifications to the developer portal assets or design advanced specifications yourself.
This option requires advanced configurations and installing several tools you'll need to deploy successfully. For detailed instructions, refer to this development guide.
The main benefit of this deployment model is that you'll be able to make some improvements to the AWS API Portal; however, you'll have to build it to your specifications, which means you'll be responsible for maintaining it.
What Are the Benefits of AWS API Portal?
Serverless developer portals offer a number of features that make it easy for API providers and consumers to utilize.
API providers can:
Publish APIs to AWS Marketplace
Monitor API usage
Build their own AWS Developer Portal or use the Serverless Developer Portal to add functionality to their site
API consumers can:
Discover APIs
See API resources and documentation
Register for API keys immediately
What You Can't Do With AWS API Portal
While the AWS API Portal lets you create a dev site that integrates AWS's full suite of tools, there are some things it simply can't or struggles to do.
1. Multiple Usage Plans
When you use AWS API Gateway to create usage plans for your product offerings, you'll find some rather inconvenient limitations.
Any API published to the developer portal is subscribable, even if they aren't visible to the customer.
Valid API keys can access every API in a usage plan, even if the key is only for a single API within that plan.
Clients can exceed their quotas within a usage plan. You'll need to implement additional methods to prevent this.
The AWS API Gateway does not differentiate between API keys with the same value, even if they have different names.
For more information, AWS has more details about creating usage plans. However, if you plan on creating multiple usage plans, you'd be better off considering another option like a pre-built API portal.
2. Easy SSO Integration
While AWS did build in the ability to add SSO, it requires additional applications and complex configurations to set up. Here are some problems with its implementation:
SSO credentials must have permissions to access AWS resources; otherwise, this function will not work.
To grant SSO permissions for certain accounts, you'll need to add additional restrictions to IAMFullAccess policies.
AWS SSO is not integrated into Okta, Ping, or IAM (without advanced configuration).
For more information about AWS SSO, you'll have to filter through numerous resources. If you're looking for complete access controls, you'll need a solution, like Apiboost, that has those features ready to use out of the box.
3. Built-In CI/CD
AWS does have the ability to create your own CI/CD pipelines. However, like the other issues already mentioned, this requires advanced configurations, access to additional AWS resources, and is left to the individual business to determine the system and rules.
To set up CI/CD pipelines, AWS recommends that you have at least intermediate experience with AWS and all its resources.
Advanced IAM permissions are needed and will be given to any user in the assigned group.
The cost to run CI/CD pipelines varies depending on how many AWS services you integrate into it and how you configure them.
AWS has various documentation for building an AWS CI/CD pipeline, but building it will be difficult if you're not familiar with all of AWS's services.
Even though AWS offers a wide range of tools that make it easy to create and publish APIs to a Serverless Developer Portal, you may find yourself asking:
Is it enough?
Are you able to do everything you need with it?
Will this help me get ROI from my digital transformation or cloud-based services?
The answer might be simpler than you think. The AWS API Portal is nothing more than a developer portal, meaning it won't provide the flexibility and functionality that an API portal gives you.
Developer Portal vs. API Portal
Portals designed to serve developers (almost exclusively), such as the AWS API Portal, provide access to APIs and their management.
However, as citizen development has gained popularity, a new focus has emerged on user interface (UI) features and ease of use.
API portals are designed with this audience in mind, they give access to giving basic information as well as more advanced options that aren't provided by your typical developer website or app store listing, such as:
Additional documentation for API products
Self-service administrative environment
The ability for innovation and collaboration for internal and external teams within the portal
Working with a portal specialist such as Achieve, who understands the complexities and best practices behind truly automated systems, is a better choice.
Your Next Steps…
Whether you want to build your own API portal using AWS Serverless Developer Portal or use a pre-built one, you'll need to assess your business resources.
If you opt for the AWS DIY option, do you have:
The experience to build in advanced access controls?
The resources needed to perform continuous maintenance?
The knowledge to understand the complexities involved in true automation?
If you find this option daunting, you're not alone. Why not use a product that has true enterprise capabilities, like Apiboost.
Apiboost has everything you need to leverage the power of API portals:
Built-in SSO and CI/CD: Apiboost makes it easy to connect with the most common SSO and CI/CD solutions. This way, you can automate your documentation management or user identity features through the portal.
Admin dashboards: With Apiboost, you can manage your site with an intuitive admin area and dashboards to keep you informed. It is equipped with multiple roles customized for controlling secure documentation, community activity logs, as well as reports that will help grow adoption rates.
Product optimization: The Product Optimizer is a revolutionary tool for API managers to make the most of their product success. Empower your team with analytics and take action on any insights and ensure that every program achieves its full potential.
Collaborate with ease: Working in teams just got easier with Apiboost. Whether you want groups innovating or using the platform for partners and customers to work together, this solution can help your company achieve success.
Having created over 100 API portals with advanced integrations and a deep understanding of best practices to build true automation, Achieve helps you build an API ecosystem that seamlessly connects with other technologies.
Apiboost, our premier portal solution, is a proven API portal platform that is used worldwide by large enterprises.
Want to learn more? Schedule a demo.
