堆栈内存溢出
  简体   繁体   English

AWS API 网关方法使用 AWS_IAM 进行身份验证

[英]AWS API Gateway Method Authentication using AWS_IAM

 原文  2021-01-28 08:31:09       amazon-web-services/ api/ aws-api-gateway/ amazon-iam

问题描述

I've created an API Gateway and added AWS_IAM for Authorization.我创建了一个 API 网关并添加了 AWS_IAM 进行授权。 I've launched an EC2 instance with the below role attached,我已经启动了一个附有以下角色的 EC2 实例,

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "execute-api:Invoke"
            ],
            "Resource": [
                "arn:aws:execute-api:ap-south-1:123456789123:abcd12345/*/*/myresource"
            ]
        }
    ]
}

When I tried to do CURL to my API gateway endpoint, the request failed with 403 and message "Missing Authentication Token".当我尝试对我的 API 网关端点执行 CURL 时,请求失败并显示 403 和消息“缺少身份验证令牌”。

Is it not possible to use role with IAM authorization in API Gateway?不能在 API 网关中使用具有 IAM 授权的角色吗?

1 个解决方案

解决方案1
 0  2021-01-28 08:37:39

It is possible, but regular curl does not create a signed request with AWS credentials .这是可能的,但常规curl不会使用 AWS 凭证创建签名请求 You need to contract such signature and call your API endpoint with that signature.您需要签订此类签名并使用该签名调用您的 API 端点。

If you work with python you can do this using aws-requests-auth on your instance.如果您使用 python,您可以在您的实例上使用aws-requests-auth来执行此操作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 AWS_IAM 向 AWS WebSocket API 网关授权请求 - Authorise Request to AWS WebSocket API Gateway using AWS_IAM AWS Amplify API 网关 cors 使用授权方后出现错误:aws_iam - AWS Amplify API Gateway cors error after using authorizer: aws_iam AWS_IAM安全API网关Lambda代理上的InvalidQueryStringException - InvalidQueryStringException on AWS_IAM secured API Gateway Lambda Proxy 将SNS消息发布到AWS_IAM认证的Api网关端点 - Posting SNS messages to AWS_IAM authenticated Api Gateway endpoint 使用来自 REST 客户端 Postman 的 AWS_IAM 和 API 密钥验证 AWS API 网关 - Authenticate AWS API gateway with AWS_IAM and API key from REST client Postman 使用AWS_IAM身份验证(AWS API GATEWAY)将查询字符串传递到http端点 - Passing querystring to http endpoint with AWS_IAM auth (AWS API GATEWAY) 如何通过HTTP代理将AWS_IAM凭据映射到AWS的API网关中的实际HTTP端点? - How to MAP AWS_IAM Credentials via HTTP Proxy to Actual HTTP EndPoint in API Gateway of AWS? API_CONFIGURATION_ERROR 为 AWS::Serverless::Api 使用 AWS_IAM 授权器时 - API_CONFIGURATION_ERROR when using AWS_IAM authorizer for AWS::Serverless::Api 对AWS_IAM Secured API端点的首次调用始终是未经授权的 - First call to AWS_IAM Secured API endpoint is always unauthorized 如何从执行角色有权这样做的 AWS Lambda 调用 AWS_IAM 授权的 API 网关终端节点? - How do I call an AWS_IAM authorized API Gateway endpoint from AWS Lambda who's execution role has permission to do so?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM