Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

API Gateway Attack Protection

1

A customer would like to know what protection he has from DDoS on regional API Gateway public endpoints? Would the customer be charged for those requests and additional caching?

Thank you

Temas
Sin servidorWeb y móvil front-endRedes y entrega de contenido
Etiquetas
Amazon API Gateway
Idioma
English
AWS
AWS-User-9539786
preguntada hace 5 años650 visualizaciones
1 Respuesta
1
Respuesta aceptada

If the API of your customer rely on IAM, Lambda Custom authorizer or Cognito authentication, your customer won't be charged for all unauthenticated requests (known at DDos layer 7 attack): https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-pricing.html

Calling methods with the authorization type of AWS_IAM, CUSTOM, and COGNITO_USER_POOLS are not charged for authorization and authentication failures.

So the answer is YES there is DDos protection cost coverage.

And this protection apply too to "low level" DDos attack like SYN floods (see FAQ section "How can I address or prevent API threats or abuse?")

MODERADOR
AWS-User-5642233
respondido hace 5 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante