I'm new to AWS and would like to deploy a microservice on Amazon Web Services. The function code shall be in AWS Lambda, and these functions shall be triggered through AWS API Gateway.
My Lambda functions themselves are protected via authorization. Furthermore, the number of authorised requests is within the free tier.
Now my questions:
Thanks
Can unauthorized attacks to Amazon API Gateway let the costs explode?
Yes. This can happen.
Can I prevent my Amazon API Gateway from such attacks?
You can use a web application firewall to reduce these malicious attacks using AWS WAF.
Can I set a costs limit and shut the API off, in case of too high bills?
You can enable throttling so that very high peaks of traffic will be throttled for API Gateway, reducing cost peaks (the negative side of this is that it affects the quality of service for real users). However, if you need to implement shutting down the API based on request rate, it's not directly supported with API Gateway. You need to do a custom implementation for this.
Are intentional API attacks common?
I haven't seen many attacks on the APIs I have deployed so far. Having said that, it can be very subjective, based on the nature of your business, etc. However, I have seen bot-based invocations more often. When you are using AWS WAF, you can implement a honeypot easily to prevent these. Example code is available in AWS Labs on GitHub for Bad Bot Blocking to connect with WAF.
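Added example (not part of the original answer): a small offline Python model of the two controls mentioned above, token-bucket throttling (a steady rate plus a burst allowance) and a custom request-budget cut-off, showing how many requests of a flood actually reach the backend. The `BudgetGuard` class, the 10 req/s rate, burst of 20, budget of 50 and the flood traffic are constructed for illustration and are not AWS APIs or defaults.

```python
class TokenBucket:
    """Steady rate plus burst allowance (token-bucket throttling)."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst   # tokens/second, capacity
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill for the elapsed time, never above the burst capacity.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


class BudgetGuard:
    """Hypothetical custom cut-off: stop forwarding once a request budget is spent."""

    def __init__(self, bucket, budget):
        self.bucket, self.budget, self.forwarded = bucket, budget, 0

    def handle(self, now):
        if self.forwarded >= self.budget:
            return 503                 # API switched off until the budget is reset
        if not self.bucket.allow(now):
            return 429                 # throttled: the backend is never invoked
        self.forwarded += 1
        return 200                     # forwarded to the backend function


def simulate(guard, arrivals):
    """Count responses by status code for a list of arrival times (seconds)."""
    counts = {200: 0, 429: 0, 503: 0}
    for t in arrivals:
        counts[guard.handle(t)] += 1
    return counts


def flood(rps, seconds):
    """Constructed traffic: evenly spaced requests at `rps` for `seconds`."""
    return [i / rps for i in range(rps * seconds)]


if __name__ == "__main__":
    throttled = simulate(BudgetGuard(TokenBucket(10, 20), budget=10**9), flood(1000, 5))
    budgeted = simulate(BudgetGuard(TokenBucket(10, 20), budget=50), flood(1000, 5))
    print("throttling only:", throttled)
    print("throttling + budget:", budgeted)
```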