1 Answer
- Newest
- Most votes
- Most comments
2
If the API of your customer rely on IAM, Lambda Custom authorizer or Cognito authentication, your customer won't be charged for all unauthenticated requests (known at DDos layer 7 attack): https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-pricing.html
Calling methods with the authorization type of AWS_IAM, CUSTOM, and COGNITO_USER_POOLS are not charged for authorization and authentication failures.
So the answer is YES there is DDos protection cost coverage.
And this protection apply too to "low level" DDos attack like SYN floods (see FAQ section "How can I address or prevent API threats or abuse?")
Relevant content
- Accepted Answerasked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago