2 個答案
- 最新
- 最多得票
- 最多評論
0
When you enable WAF for API Gateway, WAF is not located in front of the Gateway but rather on the side, i.e., the request is always received by API Gateway, if WAS is enabled, API Gateway sends the request to WAF and based on the result it decides if to continue processing the request and send it to the backend integration or send an error message back to the client.
It will look like this (forgive my drawing capabilities):
Client -> API Gateway -> Backend
| ^
V |
WAF
0
I'm not quite sure if there can be filtering enabled for logs with APIGW, but with WAF you can do filtering. In the sense that you can only logs BLOCK requests. You can also do redaction of HTTP Requests Headers that you may deem sensitive to be stored such as auth headers, etc.
已回答 2 年前
相關內容
- 已提問 6 個月前
- AWS 官方已更新 7 個月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前