5/25/2023 0 Comments Aws waf api gatewayIf I could assign an IAM User (or role?) to the Cloudfront distro, I could use APIG IAM feature, but I don't see how this can be done.I was hoping to be able to use the 'Origin Access Identities' similar as for S3, but don't see how to do that.Now to make the solution secure rather than just obscure, I want to enforce that the APIs can only be accessed through the Cloudfront distro. It's a bit of a shame, especially since APIG now supports custom domains natively, but it should work. I want to put WAF in front of API Gateway, and with the (little) info I find that is only possible by manually putting an extra Cloudfront distribution with WAF enabled, in front of APIG.
0 Comments
Leave a Reply. |