如何开启对 AWS API Gateway 资源的匿名访问 [英] How to open anonymous access to AWS API Gateway resource
问题描述
我有许多通过 AWS 网关服务公开的 lambda 函数,例如:
I have a number of lambda functions exposed via the AWS Gateway Service as such:
- /some-resource
GET
POST
OPTIONS
- /some-other-resource
GET
POST
OPTIONS
- /some-public-resource
GET
OPTIONS
资源由访问令牌保护.但是,我希望允许匿名访问 /some-public-resource
资源,以便无需任何身份验证即可访问它.
The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource
resource, so that it can be accessed without requiring any authentication.
我已尝试在 IAM 中为该资源的 ARN 创建策略(尽管我不确定网关 API 资源 ARN 是否正确,因为我找不到有关如何设置此值的任何文档),但是,我如果没有访问令牌,我仍然无法访问该端点.
I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct as I couldn't find any documentation on how to set this value), however, I am still unable to access that end-point without an access token.
有没有人知道我是否需要采取额外的步骤,或者我是否做错了什么?
Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?
推荐答案
您可以从控制台禁用任何授权和 API 密钥要求,如下所示:
此步骤必须应用于您的资源 /some-public-resource
中的整套方法(POST、PATCH、DELETE 等).
This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource
.
点击方法请求链接(invokeworker2
= some-public-resource
)
然后,禁用授权和需要的API密钥
就像我说的,你需要为资源/some-public-resource
中的每个方法都这样做.
Like I said, you need to do that for every method in your resource /some-public-resource
.
现在,您的资源 /some-public-resource
是开放的,客户端无需传递任何令牌进行授权.
Now, your resource /some-public-resource
is open and clients won't need to pass any tokens for authorization.
这篇关于如何开启对 AWS API Gateway 资源的匿名访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!