Amazon API security with API Keys about api-gateway-secure-pet-store HOT 6 OPEN

I am using javascript sdk in mobile app development.

from api-gateway-secure-pet-store.

We do not recommend using API keys for security. API keys are used primarily to meter API access. You should rely on some form of stronger authentication such as Sigv4 or an Oauth flow with custom authorizers. The pet store example uses Sigv4.

from api-gateway-secure-pet-store.

Hi
I have api gateway /auth endpoint which talks to my lamda function written in java which generates temporary credentials .

My question is that during Developement i use profile credential provider, so if depolyed what credential provider lamda function will use?how do i set env variable / property file or .aws file to provide credentials?
Thanks in advance
sirfak

from api-gateway-secure-pet-store.

The "profile" for the Lambda function is based on the execution role you've configured for the function itself. From the Lambda console you can see the name of the execution role, use the IAM console to modify the access policy for the role and configure which services the Lambda function is allowed to communicate with

from api-gateway-secure-pet-store.

If my java lamda function has code for eg
AWSSecurityTokenServiceClient sts_client = new AWSSecurityTokenServiceClient();
Which is suppose to read credendtials from profile/environment/property as required in the credential provider chain during local developement(sirfak profile user for eg)

If i have understood your point, the api key and access key during lamda execution will be read from the execution role defined in lambda console and not for sirak user profile (the dev user) ?

from api-gateway-secure-pet-store.

correct

from api-gateway-secure-pet-store.