By using AWS re:Post, you agree to the Terms of Use

How to disable default endpoint in AWS appsync


I have created a custom domain for appsync api and now I want to disable the default endpoint. Is there any work around to disable it?

1 Answers
Accepted Answer

Hi, @sgupta07

Unfortunately, AppSync doesn't have the ability to disable the default endpoint like API Gateway does.

I came up with an alternative. (But not perfect)

You can assign AWS WAF ACLs to AppSync.
Using this mechanism, you can block access by directly specifying the default domain by blocking if the "host" header is not a custom domain in the WAF rule.

profile picture
answered 3 months ago
  • Thank you @iwasa. This solution seems to to block the default endpoint. Why do you think it's not perfect?

  • Cases controlled by the host header can also be called by requesting the default endpoint by sending a custom domain in the host header at the time of request.

  • @iwasa. I'm sorry for asking again. Is there any way we can make the host header secure? So that default endpoint can't be accessed.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions