Weird questing I know. Im new to AWS so please bear with me.
I am currently looking after a static website not hosted on AWS. I have made a api-gateway and lambda function to work as a token-hider for the cms api.
I only want the website to have access to the api-gateway not anyone else. The website does not have users or authentication which is why i though setting a authorizor on the gateway would be overkill.
I have currently set a resource policy to only allow certain a IP is this the best way to do it?
Edited by: enddev on Apr 29, 2020 8:41 AM
removed characters