Recently I have been working with AWS API Gateway, where I created an API and protected it with an API key and Cognito (OAuth).
One day I found that my API had been accessed 10K times, and the calls failed because the attacker didn't have access to it.
My question is: does Amazon charge for such API calls which are unauthorized? If they charge, then how do I protect it? As I understand it, even if I put WAF in front of it, my API URL will still be exposed...
Any help is appreciated...
You can protect your API using strategies like generating SSL certificates, configuring a web application firewall, setting throttling targets, and only allowing access to your API from a Virtual Private Cloud (VPC).
Using an access control framework, such as OAuth, you control the list of APIs that each specific API key can access. To prevent a massive amount of API requests that can cause a DDoS attack or other misuse of the API service, apply a limit to the number of requests in a given time interval for each API.
AWS Shield and AWS Shield Advanced.
If you protect your endpoint with the following authorization types: AWS_IAM, CUSTOM, and COGNITO_USER_POOLS, API Gateway will not be charged for failed requests. Please reference the Pricing Documentation. Also reference Secure AWS API Gateway with Lambda Integration.
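The per-key throttling and the COGNITO_USER_POOLS authorization mentioned in the answers above can be expressed as one CloudFormation template. This is an added example, not code from the question or the answers; the logical names, the limits, the GET method and the MOCK backend are assumptions, and the four parameters refer to an API, resource, stage and user pool that already exist.

```yaml
# Added example (constructed): names, limits and the MOCK backend are assumptions.
Parameters:
  RestApiId: {Type: String}      # ID of the existing REST API
  ResourceId: {Type: String}     # ID of the resource to protect
  StageName: {Type: String}      # an already-deployed stage
  UserPoolArn: {Type: String}    # ARN of the Cognito user pool
Resources:
  CognitoAuthorizer:
    Type: AWS::ApiGateway::Authorizer
    Properties:
      Name: cognito-authorizer
      RestApiId: !Ref RestApiId
      Type: COGNITO_USER_POOLS
      IdentitySource: method.request.header.Authorization
      ProviderARNs:
        - !Ref UserPoolArn
  ProtectedMethod:               # needs a new deployment to reach the stage
    Type: AWS::ApiGateway::Method
    Properties:
      RestApiId: !Ref RestApiId
      ResourceId: !Ref ResourceId
      HttpMethod: GET
      AuthorizationType: COGNITO_USER_POOLS   # token checked by API Gateway
      AuthorizerId: !Ref CognitoAuthorizer
      ApiKeyRequired: true                    # key ties the caller to a usage plan
      Integration:
        Type: MOCK                            # placeholder; use the real backend
  ClientKey:
    Type: AWS::ApiGateway::ApiKey
    Properties:
      Enabled: true
  ClientPlan:
    Type: AWS::ApiGateway::UsagePlan
    Properties:
      ApiStages:
        - ApiId: !Ref RestApiId
          Stage: !Ref StageName
      Throttle:
        RateLimit: 5             # steady-state requests per second for each key
        BurstLimit: 10           # short burst allowance above the steady rate
      Quota:
        Limit: 1000              # total requests allowed per period
        Period: DAY
  ClientPlanKey:                 # attaches the key to the plan
    Type: AWS::ApiGateway::UsagePlanKey
    Properties:
      KeyId: !Ref ClientKey
      KeyType: API_KEY
      UsagePlanId: !Ref ClientPlan
```

Requests that exceed the plan's throttle or quota are rejected by API Gateway with HTTP 429 before they reach the backend.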