Please share with the community what you think needs improvement with Amazon API Gateway.
What are its weaknesses? What would you like to see changed in a future version?
One of the problems with using this solution is that you have to know a lot about the Amazon ecosystem, in terms of services, to be able to use it. For example, if you use it without the Web Application Firewall then you're going to get some attacks. You have to read the documentation and learn how to use it. This is a very large product, which means that there is a lot to learn and a lot of documentation to read. It is not clear to us how you create a direct connection between your on-premises network and the API gateway. In the documentation, it tells you to create a VPN, but I find this troubling at the application level. You should be able to use MTLS. This is what you want rather than direct connect because of security issues. I don't think that this is a documentation issue. Rather, I think that it is a feature that can be improved.
The way they manage the headers could be improved and made easier. There are some certificates that they will not let us use. I would like to see the web console improved. There should be more videos and documentation about the new features that are released every month.
The pricing could be better. Also, possibly better technical support services or possibly just more documentation to assist users.
You can code anything and hook it on to it but it doesn't give you stuff out of the box like the other gateways give you. You can do anything with it because you just attach a LAN to it and it will do anything, but that's to the custodian. You know you're not using the power of the gateway. It's hard to configure. There's a lot of options but it's very hard, it's very confusing. In the future, I'd like to see Amazon develop a portal and monetization that is not only for the Amazon Marketplace.