best way to secure public api-gateway?

0

Weird questing I know. Im new to AWS so please bear with me.

I am currently looking after a static website not hosted on AWS. I have made a api-gateway and lambda function to work as a token-hider for the cms api.

I only want the website to have access to the api-gateway not anyone else. The website does not have users or authentication which is why i though setting a authorizor on the gateway would be overkill.

I have currently set a resource policy to only allow certain a IP is this the best way to do it?

Edited by: enddev on Apr 29, 2020 8:41 AM
removed characters

1개 답변
1

I set resource policy to whitelist an IP and added API key.

enddev
답변함 4년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠