1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Hi.
Sounds like this is a classic case of an unauthenticated API. I wouldn't bother using an Identity Pool, as you say anyone could extract the information from you webpage and submit a massive amount of responses anyway. I would make sure to setup a rate limit and throttling to avoid an easy flooding. Make sure to use AWS WAF to block the most common attacks and set a rate limit. Make sure you setup CloudWatch alarms to detect a flood of responses, basically detecting a flooding attack. Create automation to "shut down" the API in case of the alarm going off. That is how I would solve it.
Hope that helps!
Contenus pertinents
- demandé il y a un an
- demandé il y a 2 mois
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an