Skip to content

Further Development

When creating the production API based off this PoC, we will need to implement the following changes:

  1. Authentication Improvements: Cognito integration with our existing services creates security concerns that need to be addressed. We should consider moving to IAM authentication for better control and security.
  2. Route 53 and Domain Management: We need to implement Route 53 and a domain name for our API.
  3. API Gateway Auto Deployment: We need to remember to tweak the terraform configuration to enable auto deployment of the API Gateway. This can be done using the triggers block in the API Gateway resource definition.
  4. WAF IP Set Management: We need to implement a process for managing the WAF IP set, including adding and removing developer IPs as needed. This should include an automated periodic flush.
  5. Monitoring and Logging: We need to set up proper monitoring and logging for our API Gateway and Lambda functions to ensure we can track usage and troubleshoot issues effectively.
  6. Testing and Validation: We need to implement testing and validation for our API endpoints to ensure they function as expected and handle errors gracefully. This includes unit tests for code changes and integration tests for the API endpoints.