Two-way SSL using AWS API Gateway

Can we use the two-way SSL feature using AWS API Gateway? We want to use API Gateway as a proxy for Kinesis in our real-time streaming application.

Below is my requirement:

The client makes a request to API Gateway, and API Gateway needs to put the data into Kinesis streams.

The only way to authenticate the clients is using two-way SSL. Our clients don't support other options.

Currently an on-premise F5 load balancer does this work for us, and we have Tomcats running behind the F5 placing data into Kinesis.

Will I be able to achieve the same using API Gateway? It looks like even AWS ELB does not seem to support this option.

I have taken a look at the link below, but this is to authenticate API Gateway at the server, not API Gateway authenticating the client.

https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html

Regards, Kalyan

kalyan chakravarthy asked Jun 01 '18 19:06



1 Answer

API Gateway can authenticate itself to your back-end with TLS, as you have found, but it does not work in the opposite direction -- it does not support authenticating clients with TLS.

Michael - sqlbot answered Dec 31 '22 15:12