- Newest
- Most votes
- Most comments
Yes, it's possible to use IAM authorization with a custom domain in AWS API Gateway. You can set up a custom domain name for your API using API Gateway and then configure IAM authorization for your HTTP API routes. The custom domain will act as a front-end to your API Gateway endpoint, and the IAM authorization will still be enforced before requests reach the underlying API.
To activate AWS Identity and Access Management (IAM) authentication for access to my Amazon API Gateway (API Gateway) REST API, Turn on IAM authentication for an API method in the API Gateway console. Then, use IAM policies and resource policies to designate permissions for your API's users. Please refer to this link for more details on how to set it up.
To know how to setup custom domain names for REST APIs, refer to this link.
Now, when a request hits your custom domain, API Gateway will first check IAM permissions before allowing access to the underlying API. It will use custom domain name as host for signing the request. This setup ensures secure access to your HTTP API with IAM authentication through the custom domain.
Relevant content
- asked a year ago
- asked a year ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- How do I use an interface VPC endpoint to access an API Gateway private REST API in another account?AWS OFFICIALUpdated a year ago