Comments (6)
I am using javascript sdk in mobile app development.
from api-gateway-secure-pet-store.
We do not recommend using API keys for security. API keys are used primarily to meter API access. You should rely on some form of stronger authentication such as Sigv4 or an Oauth flow with custom authorizers. The pet store example uses Sigv4.
from api-gateway-secure-pet-store.
Hi
I have api gateway /auth endpoint which talks to my lamda function written in java which generates temporary credentials .
My question is that during Developement i use profile credential provider, so if depolyed what credential provider lamda function will use?how do i set env variable / property file or .aws file to provide credentials?
Thanks in advance
sirfak
from api-gateway-secure-pet-store.
The "profile" for the Lambda function is based on the execution role you've configured for the function itself. From the Lambda console you can see the name of the execution role, use the IAM console to modify the access policy for the role and configure which services the Lambda function is allowed to communicate with
from api-gateway-secure-pet-store.
If my java lamda function has code for eg
AWSSecurityTokenServiceClient sts_client = new AWSSecurityTokenServiceClient();
Which is suppose to read credendtials from profile/environment/property as required in the credential provider chain during local developement(sirfak profile user for eg)
If i have understood your point, the api key and access key during lamda execution will be read from the execution role defined in lambda console and not for sirak user profile (the dev user) ?
from api-gateway-secure-pet-store.
correct
from api-gateway-secure-pet-store.
Related Issues (20)
- Swagger on windows HOT 1
- Generated SDKs contains duplicate models which refers the same object in the API definition HOT 2
- What is the meaning "Copy and paste the same access policy we generated for the invocation role" HOT 2
- "errorMessage": "null (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: AccessDeniedException; Request ID: HOT 4
- The request signature we calculated does not match the signature you provided ? HOT 3
- Web UI
- Podfile format has changed
- Trying to build ios_sample in Xcode fails
- Documentation needs to be updated to use direct swagger entry rather than deprecated "swagger import tool".
- Custom Authorizer HOT 1
- Unable to get response from aws api gateway HOT 1
- Can you post the mapping template used in integration request? HOT 1
- Cognito Auth_Role must include lambda:InvokeFunction
- iOS Sample App - unrecognized selector - AWSSignatureV4Signer
- Testing Secured endpoints with API-Gateway / Postman is not clear HOT 3
- Problem with Trust Policy file HOT 1
- API Gateway and HTML Web pages
- How to make an API only be accessed by an android app?
- PetTest iOS App: After logging in, screen hangs showing spinning "Loading pet list". HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api-gateway-secure-pet-store.