如何打开对AWS API Gateway资源的匿名访问 [英] How to open anonymous access to AWS API Gateway resource

问题描述

我通过AWS Gateway Service公开了许多lambda函数，例如:

I have a number of lambda functions exposed via the AWS Gateway Service as such:

- /some-resource
    GET
    POST
    OPTIONS
- /some-other-resource
    GET
    POST
    OPTIONS
- /some-public-resource
    GET
    OPTIONS

资源由访问令牌保护.但是，我想允许匿名访问/some-public-resource资源，以便可以在不需要任何身份验证的情况下对其进行访问.

The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource resource, so that it can be accessed without requiring any authentication.

我试图在IAM中为该资源的ARN创建策略(尽管我不确定我是否正确设置了网关API资源ARN，因为我找不到有关如何设置该值的任何文档)，但是，我如果没有访问令牌，仍然无法访问该端点.

I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct as I couldn't find any documentation on how to set this value), however, I am still unable to access that end-point without an access token.

有人知道我是否需要采取额外的步骤，或者我做错了什么?

Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?

推荐答案

您可以按照以下步骤从控制台禁用任何授权和API密钥要求:

此步骤必须应用于资源/some-public-resource中的整个方法集(POST，PATCH，DELETE等).

This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource.

点击方法请求链接(invokeworker2 = some-public-resource)

然后，禁用授权和必需的API密钥

就像我说的那样，您需要为资源/some-public-resource中的每种方法执行此操作.

Like I said, you need to do that for every method in your resource /some-public-resource.

现在，您的资源/some-public-resource已打开，并且客户端无需传递任何令牌即可进行授权.

Now, your resource /some-public-resource is open and clients won't need to pass any tokens for authorization.

这篇关于如何打开对AWS API Gateway资源的匿名访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！