Reputation: 1634
I'm trying to create an IP whitelist to allow access to the API Gateway. I need to do it using the SAM template. I could not find any documentation regarding this. Can anyone please point me to anything related?
Thanks
Upvotes: 2
Views: 2238
Reputation: 471
The real problem isn't about whitelisting using an AWS SAM template, but rather how you do it at all. Once you finalise a method in general, it can be generalised into a template. I personally think creating a separate VPC for your API Gateway should be a good solution. Or you could block traffic from within your application logic or AWS WAF.
EDIT: Therefore, no, I don't think it could be done just via a SAM template for the API Gateway resource.
Upvotes: 2
Reputation: 16037
You can use AWS_IAM as your Authorization for your endpoint.
You can then create an IAM policy like this, which allows you to specify the IP address:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "execute-api:Invoke"
      ],
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": "xxx.xx.xx.xx/32"
        }
      },
      "Resource": "arn:aws:execute-api:*:*:*"
    }
  ]
}
Article: http://benfoster.io/blog/aws-api-gateway-ip-restrictions
Upvotes: 3
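The AWS_IAM approach from the answer above, written as a SAM template. This is an added example, not part of the original thread. The resource names, the `prod` stage, the `/hello` path and the sample CIDR are assumptions chosen for illustration, and the policy is scoped to one method of this API rather than `arn:aws:execute-api:*:*:*`.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Parameters:
  AllowedCidr:
    Type: String
    Default: 203.0.113.10/32   # constructed sample address (documentation range)

Resources:
  RestrictedApi:                # hypothetical name
    Type: AWS::Serverless::Api
    Properties:
      StageName: prod
      Auth:
        DefaultAuthorizer: AWS_IAM   # every method requires a SigV4-signed request
        InvokeRole: NONE             # keep the Lambda resource permission instead of
                                     # invoking the function with caller credentials

  HelloFunction:                # hypothetical backend, only so the API has a method
    Type: AWS::Serverless::Function
    Properties:
      Runtime: python3.12
      Handler: index.handler
      InlineCode: |
        def handler(event, context):
            return {"statusCode": 200, "body": "ok"}
      Events:
        Get:
          Type: Api
          Properties:
            RestApiId: !Ref RestrictedApi
            Path: /hello
            Method: get

  InvokeFromAllowedIpPolicy:    # attach to the IAM users/roles that call the API
    Type: AWS::IAM::ManagedPolicy
    Properties:
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action: execute-api:Invoke
            # Scoped to this API, stage, verb and path rather than all APIs
            Resource: !Sub arn:${AWS::Partition}:execute-api:${AWS::Region}:${AWS::AccountId}:${RestrictedApi}/prod/GET/hello
            Condition:
              IpAddress:
                aws:SourceIp: !Ref AllowedCidr
```

The IP condition only constrains identities that carry this policy, so callers must sign requests with credentials of an IAM user or role it is attached to, and any other policy granting `execute-api:Invoke` without the condition would bypass the restriction.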