[英]How can I protect an AWS API Gateway endpoint that will be called by a Java application?
Here is what I've got: 这是我所拥有的:
Here is my question: 这是我的问题:
How can I protect the endpoint so that only my Java application can be authorized to call the AWS API Gateway endpoint? 如何保护终端节点,以便仅授权我的Java应用程序调用AWS API Gateway终端节点?
You can protect your API from unauthorized access by Turning on the API authentication in your API Gateway & Granting the user access for your API to you IAM users. 通过在API网关中打开API身份验证并向您的IAM用户授予对 API 的用户访问权限 ,可以保护API免受未经授权的访问。
There are a number of ways to protect the API from unauthorized access, eg AWS Cognito, IAM roles, custom authorizers, resource policies. 有多种方法可以保护API免受未经授权的访问,例如AWS Cognito,IAM角色,自定义授权者,资源策略。 But they may appear an overkill for a simple use case (when just one application is authorized to access).
但是对于一个简单的用例(仅授权一个应用程序访问),它们可能显得有些矫kill过正。
Consider API Keys granting access to your API endpoint - a simple way to control access to your API. 考虑使用API密钥来授予对API端点的访问权限-一种控制对API的访问的简单方法。 Here is how to set it up.
这是设置方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.