By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

protect http API GW when CF has S3 as origin

0

Hi team,

Is it possible to prevent users to hit directly my HTTP API GW if my HTTP GW doesn't support WAF AND my CF distribution doesn't have a custom origin (that can support WAF), my CF origin is an S3 bucket.

so I don't have any way to prevent users hit directly HTTP API GW.

Topics
ComputeSecurity, Identity, & ComplianceServerlessFront-End Web & MobileNetworking & Content DeliveryMicroservices
Tags
Website ProvisioningAWS WAFAmazon API GatewayAmazon CloudFrontMicroservices
Language
English
Jess
asked 2 years ago231 views
1 Answer
-1

You can use Custom Headers with CloudFront and API Gateway to prevent hit the API directly.

https://wellarchitectedlabs.com/security/300_labs/300_multilayered_api_security_with_cognito_and_waf/3_prevent_requests_from_accessing_api_directly/

AWS
Marco
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content