How can I secure my Amazon API Gateway WebSocket API?
1 minute read
0
I want to secure my Amazon API Gateway WebSocket API.
Short description
Use Amazon API Gateway to control and manage access to WebSocket APIs through AWS Identity and Access Management (IAM) authorization or the AWS Lambda REQUEST authorizer function.
Resolution
IAM authorization
For WebSocket APIs, make sure that your routes use an ARN in the following format:
You can't use path variables (event.pathParameters) with Lambda authorizer functions for WebSocket APIs because the path is fixed. Make sure that the methodArn ends with "$connect" in the following format: