如何使用自定义域名映射来阻止HTTP并仅允许AWS API Gateway的HTTPS [英] How to block HTTP and allows only HTTPS for AWS API Gateway with custom domain name map

问题描述

我在AWS API网关中添加了具有自定义域名映射的证书，但是它会自动允许HTTP，如何阻止普通HTTP而仅允许HTTPS?

I've added certificate with custom domain name map in AWS API gateway but it allows HTTP automatically, how can I block normal HTTP and only allows HTTPS?

推荐答案

所有API网关API都带有CloudFront发行版.这些CloudFront发行版(无论是像您一样的自定义域还是默认的* .execute-api发行版)都配置为

All API Gateway APIs are fronted with a CloudFront distribution. Each of these CloudFront distributions (whether it's a Custom Domain like yours or the default *.execute-api distribution) is configured to redirect all HTTP requests to HTTPS. Although CloudFront has the option to strictly require HTTPS and return 403 on HTTP requests we currently don't expose this option for simplicity.

如果您觉得您有使用HTTPS的有效用例，而无需重定向，请打开支持通知单，团队可以评估您的请求.

If you feel you have valid use case for requiring HTTPS without a redirect please open a support ticket and the team can evaluate your request.

这篇关于如何使用自定义域名映射来阻止HTTP并仅允许AWS API Gateway的HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！