apigateway websocket using posttoconnection in client side


hello, I'm trying to use apigateway websocket in chat room. Is it okay to use following usecase?

  1. join room .
  2. get user's connectionids in chat room from lambda.
  3. send messages to users in chat room directly, using posttoconnection in client side.

I know I can do this, but I was curious about security perspective. Is it okay to give users(I'm using cognito identity role) IAM policy of execute-api:manageconnection directly?

2 Answers
Accepted Answer


I would actually avoid using api gateway for websocket purposes as it gets very tricky and manual to set itu p. You need lambda functions, dynamodb to store sessions etc..

I would suggest to take inspiration from serverlessspresso workshop: https://workshop.serverlesscoffee.com/0-introduction/1-overview.html which leverage IOT Core which may be more resilient and better as choice.

Hope it helps ;)

profile picture
answered a year ago

It does not seem like the right approach. You should send the message to the server and have a Lambda function to send it to the other participant.

profile pictureAWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions