To make the most of this tutorial series, create a Serverless Framework PRO account for free
Combining API Gateway with Lambda is perhaps the most common and useful pairing of event and code that you can get. API Gateway is in essence, a way for you to create a publicly available endpoints that can handle a fair number of requests per second, 10,000 per second per endpoint, by default.
If you have already built web applications yourself using some of the more popular MVC style frameworks, you will be familiar with the concept of having to manage routes. Routes in an application is the configuration of URL paths to actual code that has to execute that path. Well, that is what API Gateway does for you, but API Gateway is more than just a glorified HTTP router. It offers a lot of other very useful features.
For one, you can either have your endpoints be standard HTTP endpoints for a REST API, or you can create a WebSocket endpoint so that you can send data back and forth between the front-end and back-end.
You may also need some way to authenticate users and then authorize their API calls from that point on to make sure that you just can only do what they're allowed to. API Gateway allows you to configure ways of handling these authorizations. Once a user has some form of authentication token by passing the request to an authorizer Lambda and waiting for an alarm response before sending the request to the actual Lambda. Very convenient.
And there are a lot more we will see as well, such as being able to specify the expected schema for POST requests, API keys, throttling of requests, and more.
Validating user JWTs