cloud-api "Restrict API access to signed-in users=No" does not reflect on API Getaway

[yuyokk]

Hi guys,

On my project I have one cloud-api component that requires authorization.

Whenever I'm trying to create a second cloud-api component with Restrict API access to signed-in users set to No

however on the API Getaway console it is still shown as 'Authorization AWS_IAM'

Can someone please help me figure out what I'm doing wrong here? Eventually I need two cloud-api components - one with protected endpoints, and the other one with no auth required.

Thank you for any tips on this!

[elorzafe]

Hi @yuyokk

Api restriction for signed-in users means that when you have sign-in enabled on your project you can restrict the api that only users that are logged-in can use that endpoint on the other case (not restricted) users that aren't logged-in (unauthenticated with guest credentials) can also use the api.

AWS_IAM authorization is used by authenticated and unauthenticated user (aws credentials)

Create a non protected endpoint (without aws credentials) currently is not possible using the cli (I can set that issue as a feature request), but meanwhile you can modify on API Gateway the Authorization method.

For this, select ANY method (under the path you want to modify e.g. /{proxy+}) then on right click on Method request and change Authorization to None. Finally click on Actions button, select Deploy API and on deployment stage choose "development" and click Deploy.

If you have any problems with this please let me know.

[yuyokk]

Create a non protected endpoint (without aws credentials) currently is not possible using the cli (I can set that issue as a feature request), but meanwhile you can modify on API Gateway the Authorization method.

@elorzafe thanks for clarifications!

[swaminator]

@yuyokk: We added the functionality in the Mobile Hub console to provide public endpoint access. Can you check to see if its working for you?

[yuyokk]

@swaminator I just tested on my project and it works for me. Thanks!