apigateway websocket using posttoconnection in client side


Hello, I'm trying to use apigateway websocket in a chat room. Is it okay to use the following use case?

  1. Join room.
  2. Get users' connection IDs in the chat room from Lambda.
  3. Send messages to users in the chat room directly, using posttoconnection on the client side.

I know I can do this, but I was curious about the security perspective. Is it okay to give users (I'm using a Cognito identity role) an IAM policy of execute-api:manageconnection directly?

I would actually avoid using API Gateway for WebSocket purposes, as it gets very tricky and manual to set it up. You need Lambda functions, DynamoDB to store sessions, etc.

I would suggest taking inspiration from the Serverlesspresso workshop: https://workshop.serverlesscoffee.com/0-introduction/1-overview.html which leverages IoT Core, which may be more resilient and a better choice.

Hope it helps ;)

answered 2 years ago

It does not seem like the right approach. You should send the message to the server and have a Lambda function to send it to the other participant.

answered 2 years ago
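The server-side relay suggested in the answer above, as an added example (not code from this thread or from AWS): the client only sends to a route, and the handler checks room membership before fanning out, so no client role needs access to the connection-management API. The names `relay`, `ROOMS`, `post`, the message shape and the 1024-character limit are assumptions made for illustration.

```python
import json

# Constructed sample data: room membership as the server would store it
# (for example in DynamoDB). The connection ids are made up.
ROOMS = {"room-1": {"conn-A", "conn-B", "conn-C"}}


class GoneError(Exception):
    """Stand-in for the management API's GoneException (stale connection)."""


def relay(event, rooms, post, gone_error=GoneError):
    """Authorize the sender of a chat message, then fan it out to the room.

    `post(connection_id, data)` is injected. In a real Lambda it would wrap
    boto3.client("apigatewaymanagementapi", endpoint_url=...)
        .post_to_connection(ConnectionId=..., Data=...)
    and `gone_error` would be that client's exceptions.GoneException.
    """
    # The sender id comes from API Gateway's request context, never from
    # the message body, so a client cannot claim another connection's id.
    sender = event["requestContext"]["connectionId"]
    try:
        body = json.loads(event.get("body") or "{}")
    except ValueError:
        return {"statusCode": 400}
    room, text = body.get("room"), body.get("text")
    if not isinstance(text, str) or not 0 < len(text) <= 1024:
        return {"statusCode": 400}
    members = rooms.get(room, set())
    if sender not in members:
        # Not in the room: nothing is sent and no connection ids leak.
        return {"statusCode": 403}
    payload = json.dumps({"room": room, "from": sender, "text": text}).encode()
    delivered = []
    for conn in sorted(members - {sender}):
        try:
            post(conn, payload)
            delivered.append(conn)
        except gone_error:
            members.discard(conn)  # peer disconnected: drop the stale id
    return {"statusCode": 200, "delivered": delivered}
```

With this layout the Cognito identity role needs at most permission to connect and send to the WebSocket API, while only the Lambda execution role is allowed to post to connections.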

