You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Google Cloud API Gateway is a fully managed service that enables you to create, secure, monitor, and manage APIs for serverless backends. It acts as a front door for your Cloud Functions, Cloud Run services, and App Engine applications, providing authentication, rate limiting, and monitoring without any changes to your backend code.
API Gateway sits between your API consumers (mobile apps, web clients, partner integrations) and your backend services. It handles cross-cutting concerns — authentication, authorisation, rate limiting, request validation, and monitoring — so your backend code can focus on business logic.
| Feature | Description |
|---|---|
| OpenAPI specification | Define your API using OpenAPI 2.0 (Swagger) |
| Authentication | API keys, Firebase Auth, Google ID tokens, Auth0, Okta |
| Rate limiting | Throttle requests per consumer |
| Monitoring | Automatic Cloud Logging and Cloud Monitoring integration |
| Fully managed | No infrastructure to provision or manage |
| Multi-backend | Route to Cloud Functions, Cloud Run, App Engine, or any HTTP endpoint |
API Gateway uses three core resources:
| Resource | Description |
|---|---|
| API | A logical grouping representing your API |
| API Config | An immutable deployment of an OpenAPI specification |
| Gateway | A runtime instance that serves traffic using an API Config |
The flow is: define your API in an OpenAPI spec, create an API Config from the spec, and deploy a Gateway that uses the config.
You define your API's endpoints, methods, request/response schemas, and backend mappings in an OpenAPI 2.0 specification file.
# openapi.yaml
swagger: "2.0"
info:
title: "My API"
version: "1.0.0"
host: "my-api-gateway-abc123.ew.gateway.dev"
schemes:
- "https"
paths:
/users:
get:
summary: "List users"
operationId: "listUsers"
x-google-backend:
address: "https://my-users-service-xyz.run.app/users"
security:
- api_key: []
responses:
"200":
description: "Success"
/orders:
post:
summary: "Create order"
operationId: "createOrder"
x-google-backend:
address: "https://europe-west2-my-project.cloudfunctions.net/createOrder"
security:
- google_id_token: []
responses:
"201":
description: "Created"
securityDefinitions:
api_key:
type: "apiKey"
name: "x-api-key"
in: "header"
google_id_token:
authorizationUrl: ""
flow: "implicit"
type: "oauth2"
x-google-issuer: "https://accounts.google.com"
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"
The x-google-backend extension tells API Gateway where to route requests. It maps each path/method combination to a specific backend service.
# Step 1: Create the API
gcloud api-gateway apis create my-api \
--project=my-project
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.