Make use of authenfication in API Gateway #269
Comments
|
I think we have no choices but using Lambda auth in API gatweay to do this |
|
api gateway should use a lambda to check the auth before running (so only quezel_x user can launch a quelzal_x lambda function) |
|
Lambda auth for cognito cannot work as only the header in passed. As we want to check that the request body match the Auth. we connot use that. My solution is a Auth step in each Step function. Calling a lambda function that get pass the Auth token and the payload. and check that the token has the correct access for the S3 bucket for this given model. This auth lambda function should be added as the first step of each Step function definition. |
|
could pass the header to the step function (instead of providing it in the body). but this would make the auth step necessary as the event object would have body and head keys https://kennbrodhagen.net/2015/12/02/how-to-access-http-headers-using-aws-api-gateway-and-lambda/ |
Use cognito auth to interact with api gateway.
The text was updated successfully, but these errors were encountered: