
How to open anonymous access to AWS API Gateway resource

I have a number of lambda functions exposed via the AWS Gateway Service as such:

- /some-resource
    GET
    POST
    OPTIONS
- /some-other-resource
    GET
    POST
    OPTIONS
- /some-public-resource
    GET
    OPTIONS

The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource resource, so that it can be accessed without requiring any authentication.

I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct as I couldn't find any documentation on how to set this value), however, I am still unable to access that end-point without an access token.

Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?

ralfe asked Jan 14 '18 14:01



1 Answer

You could disable any authorization and API key requirement from the console as follows:

This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource.

Click on Method Request link (invokeworker2 = some-public-resource)


Then, disable Authorization and API key Required


Like I said, you need to do that for every method in your resource /some-public-resource.

Now, your resource /some-public-resource is open and clients won't need to pass any tokens for authorization.

Ele answered Oct 03 '22 16:10
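An added example (not part of the answer above, and not AWS's own code): after changing Method Request settings, an audit like this confirms that only the intended resource is anonymous and that no other method was opened by mistake. The input is a constructed sample shaped like the output of `aws apigateway get-resources --rest-api-id <api-id> --embed methods`; the resource ids, the `CUSTOM` authorizer type and the function names `is_open` and `audit` are assumptions for illustration.

```python
import json

# Constructed sample; ids and authorizer type are made up for illustration.
SAMPLE = json.loads("""
{"items": [
  {"id": "aaa111", "path": "/some-resource", "resourceMethods": {
    "GET":     {"authorizationType": "CUSTOM", "apiKeyRequired": false},
    "POST":    {"authorizationType": "CUSTOM", "apiKeyRequired": false},
    "OPTIONS": {"authorizationType": "NONE",   "apiKeyRequired": false}}},
  {"id": "bbb222", "path": "/some-other-resource", "resourceMethods": {
    "GET":     {"authorizationType": "CUSTOM", "apiKeyRequired": false},
    "POST":    {"authorizationType": "NONE",   "apiKeyRequired": false},
    "OPTIONS": {"authorizationType": "NONE",   "apiKeyRequired": false}}},
  {"id": "ccc333", "path": "/some-public-resource", "resourceMethods": {
    "GET":     {"authorizationType": "NONE",   "apiKeyRequired": true},
    "OPTIONS": {"authorizationType": "NONE",   "apiKeyRequired": false}}}
]}
""")

def is_open(method):
    """Anonymous means: no authorizer AND no API key requirement."""
    return (method.get("authorizationType", "NONE") == "NONE"
            and not method.get("apiKeyRequired", False))

def audit(resources, public_paths, preflight=("OPTIONS",)):
    """Return (unexpected_open, still_locked) as lists of (path, verb).

    OPTIONS is skipped by default: CORS preflight requests carry no
    credentials, so that method is normally left without authorization.
    """
    unexpected, locked = [], []
    for res in resources.get("items", []):
        intended = res["path"] in public_paths
        for verb, cfg in sorted(res.get("resourceMethods", {}).items()):
            if verb in preflight:
                continue
            if is_open(cfg) and not intended:
                unexpected.append((res["path"], verb))
            elif not is_open(cfg) and intended:
                locked.append((res["path"], verb))
    return unexpected, locked

if __name__ == "__main__":
    unexpected, locked = audit(SAMPLE, {"/some-public-resource"})
    for path, verb in unexpected:
        print(f"OPEN but should be protected: {verb} {path}")
    for path, verb in locked:
        print(f"still requires auth or API key: {verb} {path}")
```

In the sample, `GET /some-public-resource` is reported as still locked because only Authorization was cleared while API Key Required stayed on, which is the half-finished state the two-setting step in the answer guards against.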