Which solution will meet these requirements?
Use the Amazon CloudWatch Synthetics canary functionality to call the API and check the responses and duration of the request.
Use a custom health check in the API that queries hosts to check the duration of the request.
Implement a custom AWS Lambda function with an Amazon EventBridge event to periodically call the API and check the responses and duration of the request.
Use the built-in API Gateway metrics to monitor the average duration of the API response.
Explanations:
Amazon CloudWatch Synthetics canaries are specifically designed to monitor the health of web applications, including APIs, by proactively testing responses and latencies. This is ideal for ensuring the API performs well and for detecting vulnerabilities or unauthorized changes.
A custom health check within the API would not be ideal for monitoring external services or unauthorized changes. It would only check for the internal health of the API, which doesn’t address security or vulnerabilities.
While a custom Lambda function could periodically call the API, it wouldn’t be as effective as CloudWatch Synthetics for proactive monitoring and doesn’t have the built-in capabilities for security checks or monitoring vulnerabilities in APIs and URLs.
API Gateway metrics focus on basic performance metrics, such as duration and request count. However, they do not provide proactive monitoring for vulnerabilities or unauthorized changes, nor do they perform regular health checks in the same way Synthetics does.