Reputation: 176
Is it possible to mix IAM authorization and an API key with AWS API Gateway?
I've got an AWS Lambda function that I want to expose in two ways:
- to end users signed up to my webapp (using AWS Cognito User Pool)
- to external business customers, via an API key
I'm wondering if I can use an API Gateway with two different auth methods, potentially using different resources (=paths) for the two cases, with a schema like this:
API Gateway
|
| --- /getResponse
| | --- Method: GET // authorize with IAM
| --- /getResponseExternal
| | --- Method: GET // authorize with API Key
Is this possible at all? Or would I be better off just implementing two different API Gateways that both integrate the same Lambda function?
Upvotes: 0
Views: 745
Answers (1)
Reputation: 609
Yes, this is possible. Each resource in API Gateway has two separate configurations: "Authorization" (via Lambda or Cognito) and "API Key Required"
You could ask for both in a single request, if you wanted to. My only suggestion to your layout would be to have two separate APIs, although this is not necessary, I find it easier to logically separate APIs by their end consumer (users vs business), but thats just my two cents!
Upvotes: 1
Related Questions
- Is IAM Authentication to API Gateway via Cloudfront possible?
- Authorize AWS API Gateway with either API Key or Authorizer
- Authenticate AWS API gateway with AWS_IAM and API key from REST client Postman
- API gateway how to pass AWS IAM authorization from rest client
- Provide AWS account ids access to API Gateway
- Use API key pairs for users for API gateway
- Using Api keys with AWS API Gateway
- How to control access of resources in amazon api gateway through API Keys
- Accessing AWS API Gateway from an EC2 using IAM authorization (NodeJS)
- aws api gateway enable api_key for authentication