Reputation: 103
How to whitelist IP addresses in Amazon HTTP API Gateway (v2)?
I am using Amazon HTTP API gateway (v2- which is announced in Dec 2019). Is there any way I can whitelist certain set of IP address which can access this? I know we can achieve this using resource policies in case of REST API Gateway, but can't find any way to do this for HTTP API gateway. There is no "resource policy" option available for HTTP APIs.
Upvotes: 7
Views: 7125
Answers (2)
Reputation: 1926
Unfortunately, you cannot directly do it in the API gateway (for HTTP APIs), unfortunately. However, you can put an elastic load balancer(EBL) in between and do your filtering in EBL. Or like @Jaakkonen suggested you can use lambda authorizers. Of course, there are also trade-offs for both cases. If you use lambda authorizers, it will consume your lambda concurrency for example. So, choose wisely :)
You can also check the following link for comparisons between HTTP and REST API. https://aws.amazon.com/blogs/compute/building-better-apis-http-apis-now-generally-available/
Upvotes: 0
Reputation: 651
As you said for Amazon REST API Gateway there are resource policies that can have whitelisting/blacklisting rules based on client IP addresses, example.
HTTP API Gateway does not have a concept of resource policies and it is not possible to whitelist IP addresses with those. However there are Lambda authorizers for that you can use to implement such logic yourself.
Upvotes: 5
Related Questions
- AWS API Gateway: limit requests from a single IP
- IP Whitelisting
- Whitelist IP of AWS API Gateway API endpoint in company's firewall
- Adding IP whitelisting security to API gateway
- How to whitelist certain IP addresses to grant access to EC2 instances?
- Deny response from API Gateway when IP address is not whitelisted
- AWS: how to allow Lambda to call IP whitelisted API Gateway?
- API Gateway whitelist certain IP
- Reject request in AWS API Gateway for certain IP
- Limiting public api gateway to specific IP