AWS Compute Blog
Category: Security
Protecting your API using Amazon API Gateway and AWS WAF — Part 2
This post courtesy of Heitor Lessa, AWS Specialist Solutions Architect – Serverless In Part 1 of this blog, we described how to protect your API provided by Amazon API Gateway using AWS WAF. In this blog, we show how to use API keys between an Amazon CloudFront distribution and API Gateway to secure access to […]
Centralizing security with Amazon API Gateway and cross-account AWS Lambda authorizers
This post courtesy of Diego Natali, AWS Solutions Architect Customers often have multiple teams working on APIs. They might have separate teams working on individual API functionality, and another handling secure access control. You can now use an AWS Lambda function from a different AWS account as your API integration backend. Cross-account Lambda authorizers allow […]
Control access to your APIs using Amazon API Gateway resource policies
This post courtesy of Tapodipta Ghosh, AWS Solutions Architect Amazon API Gateway provides you with a simple, flexible, secure, and fully managed service that lets you focus on building core business services. API Gateway supports multiple mechanisms of access control using AWS Identity and Access Management (IAM), AWS Lambda authorizers, and Amazon Cognito. You may […]
Extending Amazon Linux 2 with EPEL and Let’s Encrypt
This post courtesy of Jeff Levine Solutions Architect for Amazon Web Services Amazon Linux 2 is the next generation of Amazon Linux, a Linux server operating system from Amazon Web Services (AWS). Amazon Linux 2 offers a high-performance Linux environment suitable for organizations of all sizes. It supports applications ranging from small websites to enterprise-class, […]
Sharing Secrets with AWS Lambda Using AWS Systems Manager Parameter Store
This post courtesy of Roberto Iturralde, Sr. Application Developer- AWS Professional Services Application architects are faced with key decisions throughout the process of designing and implementing their systems. One decision common to nearly all solutions is how to manage the storage and access rights of application configuration. Shared configuration should be stored centrally and securely with […]