How API Gateways Enable Serverless Architecture

API7.ai

June 5, 2025

API Gateway Guide

Introduction

Serverless architecture has revolutionized the way developers build and deploy applications, eliminating server management overhead and allowing on-demand scalability. However, integrating serverless functions with external clients and legacy systems poses challenges in terms of routing, security, observability, and authentication.

This is where API gateways become essential.

In this article, we will explore how API gateways such as Apache APISIX, Kong, and AWS API Gateway support serverless architectures. We’ll focus on practical implementations, including native support for OpenWhisk and AWS Lambda, and provide configuration examples and architecture diagrams.

Why Use an API Gateway in Serverless Architectures?

Key Benefits:

  • Unified Entry Point: Standardizes HTTP access to serverless functions.
  • Security Layer: Adds authentication, rate limiting, and IP filtering.
  • Routing & Composition: Enables function composition and API orchestration.
  • Logging & Monitoring: Integrates with observability tools.
  • Versioning and Canary Deployments: Routes traffic to different versions of functions.

Serverless Integrations in API Gateways

1. Apache APISIX + OpenWhisk (Native Plugin)

Apache APISIX provides a built-in openwhisk plugin that integrates directly with OpenWhisk's REST API, allowing users to route HTTP requests to OpenWhisk functions.

🔧 Plugin Configuration Example

{
  "uri": "/invoke",
  "plugins": {
    "openwhisk": {
      "api_host": "https://openwhisk.example.com",
      "service_token": "demo:abc123xyz456",
      "namespace": "demo",
      "action": "hello"
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "127.0.0.1:1980": 1
    }
  }
}

This configuration allows APISIX to authenticate with the service token and invoke the hello action in the demo namespace on the OpenWhisk platform.

✅ Advantages

  • Secure token-based invocation
  • Native REST compatibility
  • Works with other APISIX plugins (auth, rate-limit, etc.)

2. Apache APISIX + AWS Lambda (Native Plugin)

Apache APISIX also includes a native aws-lambda plugin that simplifies the invocation of AWS Lambda functions.

🔧 Plugin Configuration Example

{
  "uri": "/lambda",
  "plugins": {
    "aws-lambda": {
      "function_uri": "https://YOUR_API_ID.execute-api.us-east-1.amazonaws.com/default/helloWorld",
      "authorization": {
        "iam": {
          "accesskey": "YOUR_AWS_ACCESS_KEY",
          "secretkey": "YOUR_AWS_SECRET_KEY",
          "aws_region": "us-east-1",
          "service": "execute-api"
        }
      }
    }
  },
  "upstream": {
    "type": "roundrobin",
    "nodes": {
      "lambda.us-east-1.amazonaws.com:443": 1
    }
  }
}

🔒 Make sure to secure your access keys and rotate them regularly.

✅ Advantages

  • No need to implement SigV4 signing yourself
  • Supports sync and async invocation
  • Fully integrated with APISIX’s plugin ecosystem

3. Kong Gateway + AWS Lambda

Kong provides an aws-lambda plugin that invokes AWS Lambda functions directly. It requires AWS credentials and a function name.

Kong Plugin Configuration (YAML):

plugins:
  - name: aws-lambda
    config:
      aws_key: YOUR_AWS_KEY
      aws_secret: YOUR_AWS_SECRET
      aws_region: us-east-1
      function_name: helloWorld
      invocation_type: RequestResponse

API Gateway with OpenWhisk

sequenceDiagram
    participant Client
    participant APISIX
    participant OpenWhisk
    Client->>APISIX: HTTP Request /invoke
    APISIX->>OpenWhisk: REST call with service_token
    OpenWhisk-->>APISIX: JSON response
    APISIX-->>Client: HTTP Response

API Gateway with AWS Lambda

sequenceDiagram
    participant Client
    participant APISIX
    participant AWS Lambda
    Client->>APISIX: HTTP Request /lambda
    APISIX->>AWS Lambda: Invoke Function (aws-lambda plugin)
    AWS Lambda-->>APISIX: Response
    APISIX-->>Client: HTTP 200 OK

Real-World Use Cases

  • IoT Backend: Devices send data to HTTP endpoints, routed to Lambda or OpenWhisk.
  • ML Inference Gateway: API gateway exposes functions running ML models.
  • API Aggregation Layer: Aggregate multiple serverless functions into one HTTP call.
  • Event Transformation: Process and transform incoming events before passing to cloud functions.

Best Practices

  • Use authentication plugins (e.g., key-auth, jwt) to protect your serverless functions.
  • Enable rate limiting to avoid excessive invocation costs.
  • Implement observability plugins (e.g., prometheus, skywalking) for monitoring.
  • Prefer native plugins (openwhisk, aws-lambda) over custom proxy setups for maintainability.
  • Separate routing logic from business logic for better modularity.
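
The first two checklist items can be enforced mechanically before a route is pushed to the gateway. The audit below is an added example, not code from the original article or from the APISIX project: it flags routes that carry a serverless plugin without an authentication or rate-limiting plugin, and lists the credential fields stored in the route itself. Plugin names are APISIX's (jwt-auth is its JWT plugin); the sample routes, finding labels and the key-name heuristic are assumptions made for illustration.

```python
# APISIX plugin names: the serverless invokers from this article plus the
# authentication and rate-limiting plugins the checklist calls for.
SERVERLESS = {"openwhisk", "aws-lambda"}
AUTH = {"key-auth", "jwt-auth", "basic-auth", "hmac-auth"}
RATE_LIMIT = {"limit-count", "limit-req", "limit-conn"}
# Assumed heuristic: key names that usually hold credentials.
SECRET_HINTS = ("token", "secret", "accesskey", "access_key", "apikey")

# Constructed sample routes (placeholder values, not a real deployment).
OPENWHISK = {"api_host": "https://openwhisk.example.com", "namespace": "demo",
             "action": "hello", "service_token": "demo:abc123xyz456"}
SAMPLE_ROUTES = [
    {"uri": "/invoke", "plugins": {"openwhisk": OPENWHISK}},
    {"uri": "/invoke-hardened",
     "plugins": {"key-auth": {}, "openwhisk": OPENWHISK,
                 "limit-count": {"count": 100, "time_window": 60,
                                 "rejected_code": 429, "key": "remote_addr"}}},
    {"uri": "/static", "plugins": {}},
]


def inline_secrets(obj, path):
    """Yield dotted paths of string values stored under secret-looking keys."""
    for key, value in obj.items():
        here = f"{path}.{key}"
        if isinstance(value, dict):
            yield from inline_secrets(value, here)
        elif isinstance(value, str) and any(h in key.lower() for h in SECRET_HINTS):
            yield here


def audit_route(route):
    """Return findings for one route; routes without a serverless plugin pass."""
    plugins = route.get("plugins", {})
    invokers = sorted(plugins.keys() & SERVERLESS)
    if not invokers:
        return []
    findings = []
    if not plugins.keys() & AUTH:
        findings.append("no-auth-plugin")
    if not plugins.keys() & RATE_LIMIT:
        findings.append("no-rate-limit")
    for name in invokers:
        # Anyone who can read this route can read these values.
        findings += [f"credential-in-route:{p}"
                     for p in inline_secrets(plugins[name], name)]
    return findings
```

A credential-in-route finding is expected for these plugins; it marks which route definitions and configuration exports have to be handled as secret material.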

Conclusion

API gateways play a crucial role in enabling serverless architectures by acting as the secure, observable, and performant entry point to your serverless workloads. Apache APISIX offers native integration with both OpenWhisk and AWS Lambda, eliminating the need for custom upstream configurations.

Whether you're building microservices, APIs, or real-time systems, combining an API gateway with serverless functions provides scalability, efficiency, and rapid iteration capabilities.

For production-ready deployments, always include security, rate limiting, and observability in your gateway configuration.
