Lambda Authorizers to the Rescue

By Nick Basinger. Published in The Startup, Jun 2, 2020. 6 min read.


A typical story: you want to build on AWS API Gateway so that your applications have highly scalable, managed REST APIs. You need a front door through which users and other applications can interact with your application. The API needs authentication, so you go with the default “out of the box” option: AWS_IAM. Everything is set up quickly and the POC works fine. You are ready to onboard your first user or service. But wait…

AWS API Gateway is a simple and intuitive managed service that can supercharge your entire serverless ecosystem. It is the microservice front door, and it has it all: REST, WebSocket, authentication, validation, the works. However, always using the default authentication method for your API Gateway methods and resources could create more problems for your teams and applications than it solves. It might be simpler out of the box, but it can end up tightly coupling all of your microservices and adding unnecessary toil across your entire environment. There must be a better way!

Whether your applications are same-account, cross-account, external to your company, etc., if you use the default way to secure your APIs on API Gateway each and every time, then…

Nick Basinger: Software Engineer. AWS certified x5. Lifelong learner. Fell in love with the cloud circa 2016.