← Back to all products
$39
API Gateway Patterns
Kong, AWS API Gateway, and custom gateway configs with rate limiting, auth, transformation, and monitoring.
JSONMarkdownYAMLPythonDockerAWSRedis
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 26 files
api-gateway-patterns/
├── LICENSE
├── README.md
├── aws/
│ ├── api-gateway-openapi.yaml
│ ├── lambda-authorizer.py
│ └── usage-plans.json
├── configs/
│ ├── gateway-dev.json
│ └── gateway-prod.json
├── free-sample.zip
├── guide/
│ ├── auth-patterns.md
│ ├── gateway-comparison.md
│ └── rate-limiting-strategies.md
├── guides/
│ ├── auth-patterns.md
│ ├── gateway-comparison.md
│ └── rate-limiting-strategies.md
├── index.html
├── kong/
│ ├── jwt-auth.yaml
│ ├── kong.yaml
│ ├── rate-limiting.yaml
│ └── request-transformer.yaml
├── src/
│ ├── __init__.py
│ ├── __main__.py
│ ├── auth_middleware.py
│ ├── gateway.py
│ ├── rate_limiter.py
│ └── transform_middleware.py
└── tests/
└── test_rate_limiter.py
📖 Documentation Preview README excerpt
API Gateway Patterns
Production-ready API gateway configurations for Kong, AWS API Gateway, and a custom Python gateway implementation. Includes rate limiting, authentication, request transformation, and monitoring -- with complete guides explaining when and why to use each approach.
What's Inside
| Directory | Description |
|---|---|
kong/ | Declarative Kong configs: services, routes, plugins, consumers, upstreams |
aws/ | OpenAPI spec with API Gateway extensions, usage plans, Lambda authorizer |
src/ | Custom Python reverse proxy gateway with pluggable middleware pipeline |
configs/ | Dev and production gateway configurations |
guides/ | Deep-dive guides on rate limiting, auth patterns, and gateway comparison |
tests/ | Unit tests for the rate limiter implementation |
Features
- Kong declarative configs for DB-less mode: services, routes, JWT auth, rate limiting, request/response transformation, health checks, CORS
- AWS API Gateway OpenAPI spec with
x-amazon-apigateway-*extensions, Lambda authorizer (stdlib Python), and tiered usage plans - Custom Python gateway built on
http.serverwith token bucket rate limiting, API key auth, request/response transforms -- zero external dependencies - 3 rate limiting strategies: per-IP, per-consumer, and tiered plans with route-specific overrides
- JWT authentication: HMAC-SHA256 token creation, verification, and RBAC (role-based access control)
- Comparison guide: Kong vs AWS API Gateway vs custom, with cost estimates, feature matrix, and migration paths
Quick Start
Custom Python Gateway
The custom gateway requires only Python 3.10+ (no pip packages).
# Start with demo configuration (proxies to public test API)
cd api-gateway-patterns
python -m src
# Or with a config file
python -m src --config configs/gateway-dev.json
# Test it
curl http://127.0.0.1:8080/api/posts
curl http://127.0.0.1:8080/api/posts/1
Run the Rate Limiter Demo
python src/rate_limiter.py
# Shows token bucket behavior: burst, depletion, refill
Run the Lambda Authorizer Locally
python aws/lambda-authorizer.py
# Creates test JWTs and validates them through the authorizer
Run Tests
*... continues with setup instructions, usage examples, and more.*
📄 Code Sample .py preview
src/__main__.py
"""
Entry point for the custom API gateway.
Usage:
python -m src
python -m src --host 0.0.0.0 --port 8080
python -m src --config configs/gateway-dev.yaml
"""
from __future__ import annotations
import argparse
import json
import logging
import sys
from pathlib import Path
from .gateway import GatewayServer, GatewayConfig, Route
logging.basicConfig(
level=logging.INFO,
format="%(asctime)s [%(levelname)s] %(name)s: %(message)s",
datefmt="%Y-%m-%d %H:%M:%S",
)
logger = logging.getLogger("gateway.main")
def _load_yaml_ish_config(path: str) -> dict:
"""Load a simplified YAML-like config file.
Since we're stdlib-only, this parses our gateway config files which
use a JSON-compatible subset. For real YAML support, install PyYAML.
The config files in configs/ are designed to be valid JSON with
comments stripped.
Args:
path: Path to the config file.
Returns:
Parsed configuration dictionary.
"""
config_path = Path(path)
if not config_path.exists():
logger.error("Config file not found: %s", path)
sys.exit(1)
text = config_path.read_text(encoding="utf-8")
# Strip single-line comments (lines starting with # or //)
# ... 185 more lines ...