How to create internal APIs without VPC #32
Labels
kind/question
Questions about existing features
Comments
|
The currently supported authorization methods for API Gateway are documented here: https://www.pulumi.com/docs/guides/crosswalk/aws/api-gateway/#controlling-and-managing-access-to-apis Is there an authorization mode on the underlying api gateway that you do not see supported there yet? |
|
I want to have an IAM authorization/permissions but couldn't find how to do that in documentation or code. Found this article describing what I'm trying to achieve for Serverless framework: https://dev.to/eoinsha/how-to-create-secure-internal-apis-on-aws-without-vpcs-5e08 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
I need to host a web site that is accessible only by my lambda function. That function uses a headless chromium to render specific HTML+JS templates, so I need to have a real web server for those templates, not just a read permission to S3 objects.
It seems that a good general way to do private API (not limited to s3) is to use AuthorizationType "AWS_IAM" in an ApiGateway Method. As far as I understand there is currently no way to specify authorization in awsx.apigateway.API routes. Is that is true? Would it be a good idea to add it?
Is there any way to deny public static s3 website access and left it only for lambda?
Thank you.
The text was updated successfully, but these errors were encountered: