Open azindg opened 4 years ago
lukehoban
commented
4 years ago The currently supported authorization methods for API Gateway are documented here: https://www.pulumi.com/docs/guides/crosswalk/aws/api-gateway/#controlling-and-managing-access-to-apis
Is there an authorization mode on the underlying api gateway that you do not see supported there yet?
azindg
commented
4 years ago I want to have an IAM authorization/permissions but couldn't find how to do that in documentation or code. Found this article describing what I'm trying to achieve for Serverless framework: https://dev.to/eoinsha/how-to-create-secure-internal-apis-on-aws-without-vpcs-5e08
Hello,
I need to host a web site that is accessible only by my lambda function. That function uses a headless chromium to render specific HTML+JS templates, so I need to have a real web server for those templates, not just a read permission to S3 objects.
It seems that a good general way to do private API (not limited to s3) is to use AuthorizationType "AWS_IAM" in an ApiGateway Method. As far as I understand there is currently no way to specify authorization in awsx.apigateway.API routes. Is that is true? Would it be a good idea to add it?
Is there any way to deny public static s3 website access and left it only for lambda?
Thank you.