How does authentication/authoriation work with multi region api in a DNS fail-over scenario?

0

I want to set up a multi region api with DNS-fail over setting , by setting up health checks. I plan to set up api key for my api endpoint. say, if i create api gateway resource in two regions us-east-1 and us-west-1, with api key. i assume it will create different api keys for my api in each region. so if request comes into an api hosted in us-east-1 with a particular api key, and if us-east-1 fails and then request is routed to us-west , it should fail because the api key are different?

preguntada hace 2 años215 visualizaciones
1 Respuesta
1
Respuesta aceptada

You have the option to either have API Gateway generate API keys for you or you have the option to import API keys. If you use the import option, you can ensure that the same API Keys are used for a particular client for both your regional API Gateway end-points.

Look at the "Import API Keys" section in https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-setup-api-key-with-console.html#api-gateway-usage-pan-import-apikey

As a side note, you should not use API Keys for Authentication and Authorization. API Keys are only meant for implementing Usage Plans for clients.

You can use mechanisms such as Cognito User Pools, Cognito Identity Pools, Lambda Authorizers etc. for Authentication and Authorization in API Gateway

profile pictureAWS
EXPERTO
respondido hace 2 años
profile pictureAWS
EXPERTO
revisado hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas