Reputation: 881
How can I protect an AWS API Gateway endpoint that will be called by a Java application?
Here is what I've got:
- A Java application that lives outside of AWS.
- An AWS API Gateway endpoint that triggers a Node.js Lambda function.
Here is my question:
How can I protect the endpoint so that only my Java application can be authorized to call the AWS API Gateway endpoint?
Upvotes: 0
Views: 145
Answers (2)
Reputation: 1767
There are a number of ways to protect the API from unauthorized access, e.g. AWS Cognito, IAM roles, custom authorizers, resource policies. But they may appear an overkill for a simple use case (when just one application is authorized to access).
Consider API Keys granting access to your API endpoint - a simple way to control access to your API. Here is how to set it up.
Upvotes: 0
Reputation: 1923
You can protect your API from unauthorized access by Turning on the API authentication in your API Gateway & Granting the user access for your API to you IAM users.
AWS API GATEWAY RESOURCE EXPLAINING THE SAME
Upvotes: 2
Related Questions
- How to secure an HTTP based API Gateway in AWS
- How to authenticate requests in AWS API Gateway securely with a web app
- AWS Lambda, AWS API Gateway and Securing REST endpoints
- Secure Amazon Gateway API to only be accessable from content in S3 bucket
- How to protect AWS API gateway URL from unauthorized access?
- How to protect AWS API gateway endpoint from DDos attack?
- How to protect non-production API Gateway endpoints?
- How to secure the APIGateway generated URL?
- Secure AWS API Gateway with Lambda Integration
- AWS API Gateway security