1 Answer
- Newest
- Most votes
- Most comments
2
You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both.
In addition to the authorizer you can specify a resource policy, include WAF and use mutual TLS. All pf these apply to all endpoints and they are evaluated in addition to the authorizer.
answered a year ago
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 2 years ago
All true, expect HTTP APIs do not support WAF nor resource policies.