1 Answer
- Newest
- Most votes
- Most comments
0
There's some very good information in this blog post about controlling access to API Gateway.
In this case, I'd look at a Lambda Authorizer for your API - something that can check the identity of the caller and whether they are authorized to use the API which in this case would be whether they are a valid subscriber or not. Note that you want the authorizer to be as low-latency as possible so it might be valuable to store a valid list of current subscribers in a key-value store like DynamoDB.
Relevant content
- asked 8 months ago
- Accepted Answerasked a year ago
- Accepted Answerasked 9 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago