protect http API GW when CF has S3 as origin

Hi team,

Is it possible to prevent users to hit directly my HTTP API GW if my HTTP GW doesn't support WAF AND my CF distribution doesn't have a custom origin (that can support WAF), my CF origin is an S3 bucket.

so I don't have any way to prevent users hit directly HTTP API GW.

主题

计算安全、身份和合规性无服务器前端 Web 和移动网络和内容交付微服务

标签

网站配置 AWS WAF 亚马逊 API 网关 Amazon CloudFront 微服务

语言

English

Jess

已提问 2 年前237 查看次数

1 回答

最新
投票最多
评论最多

You can use Custom Headers with CloudFront and API Gateway to prevent hit the API directly.

https://wellarchitectedlabs.com/security/300_labs/300_multilayered_api_security_with_cognito_and_waf/3_prevent_requests_from_accessing_api_directly/

Marco

已回答 2 年前

protect http API GW when CF has S3 as origin

相关内容