如何开启对 AWS API Gateway 资源的匿名访问 [英] How to open anonymous access to AWS API Gateway resource

问题描述

我有许多通过 AWS 网关服务公开的 lambda 函数，例如:

I have a number of lambda functions exposed via the AWS Gateway Service as such:

- /some-resource
    GET
    POST
    OPTIONS
- /some-other-resource
    GET
    POST
    OPTIONS
- /some-public-resource
    GET
    OPTIONS

资源由访问令牌保护.但是，我希望允许匿名访问 /some-public-resource 资源，以便无需任何身份验证即可访问它.

The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource resource, so that it can be accessed without requiring any authentication.

我已尝试在 IAM 中为该资源的 ARN 创建策略(尽管我不确定网关 API 资源 ARN 是否正确，因为我找不到有关如何设置此值的任何文档)，但是，我如果没有访问令牌，我仍然无法访问该端点.

I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct as I couldn't find any documentation on how to set this value), however, I am still unable to access that end-point without an access token.

有没有人知道我是否需要采取额外的步骤，或者我是否做错了什么?

Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?

推荐答案

您可以从控制台禁用任何授权和 API 密钥要求，如下所示:

此步骤必须应用于您的资源 /some-public-resource 中的整套方法(POST、PATCH、DELETE 等).

This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource.

点击方法请求链接(invokeworker2 = some-public-resource)

然后，禁用授权和需要的API密钥

就像我说的，你需要为资源/some-public-resource中的每个方法都这样做.

Like I said, you need to do that for every method in your resource /some-public-resource.

现在，您的资源 /some-public-resource 是开放的，客户端无需传递任何令牌进行授权.

Now, your resource /some-public-resource is open and clients won't need to pass any tokens for authorization.

这篇关于如何开启对 AWS API Gateway 资源的匿名访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！