- Newest
- Most votes
- Most comments
There's a lot to unpack here and this answer won't do it justice - I strongly recommend that you reach out to your local AWS Solutions Architect who can have a conversation with you in depth about this. If they can't, they can find a networking expert who can. That said:
I would always use an API Gateway instead of a firewall for API Gateway "type tasks" for many reasons. First, API Gateway is scalable and you only pay for what you use. You also get very find-grained controls down to the method level. You can modify requests and check for specific attributes - all without scaling your back end.
But: If you're dealing with other types of traffic (non HTTP) then a firewall might be the best choice.
You're right, API Gateway won't do everything for you. But neither will a firewall.
Relevant content
- asked 2 years ago
- Accepted Answer
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 10 months ago