1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
Hi.
Sounds like this is a classic case of an unauthenticated API. I wouldn't bother using an Identity Pool, as you say anyone could extract the information from you webpage and submit a massive amount of responses anyway. I would make sure to setup a rate limit and throttling to avoid an easy flooding. Make sure to use AWS WAF to block the most common attacks and set a rate limit. Make sure you setup CloudWatch alarms to detect a flood of responses, basically detecting a flooding attack. Create automation to "shut down" the API in case of the alarm going off. That is how I would solve it.
Hope that helps!
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren