
API Authentication and Authorization

Explore the key concepts of API authentication and authorization within AWS API Gateway. Understand how to validate client identity with Lambda authorizers and AWS Cognito to secure API requests. This lesson covers security best practices, the AWS shared responsibility model, and practical implementation examples to help you control access effectively.

Security in AWS

Security is the primary requirement for any meaningful application, especially for applications deployed in the cloud. Amazon’s API Gateway provides a range of features to help secure the APIs hosted in the AWS cloud.

Security consists of two components, namely authentication and authorization.

Authentication involves ensuring that the API client is indeed what it claims to be. Once this is established, authorization determines whether the client is allowed to do what it is trying to do. Both are equally important when we work with API Gateway: confirming that the client is genuine is only the first step, and we must then confirm that the client is authorized for the action it is attempting.
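As an added example (not part of the original lesson), a TOKEN-type Lambda authorizer can keep the two steps apart: `authenticate` verifies the token and `authorize` decides whether that caller may invoke the requested method. The HMAC-signed token format, the signing key and the scope table are assumptions constructed for this example; a Cognito deployment would validate a JWT instead.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key (assumption); a real authorizer loads this from a secrets store.
SIGNING_KEY = b"demo-key-not-for-production"
# Hypothetical scope -> allowed HTTP methods table (assumption for this example).
SCOPE_METHODS = {"orders:read": {"GET"}, "orders:write": {"GET", "POST", "DELETE"}}


def sign(claims):
    """Build a constructed demo token: base64url(JSON claims) + '.' + HMAC-SHA256 hex."""
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    mac = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{mac}"


def authenticate(token):
    """Authentication: is the caller who it claims to be? Raises on any failure."""
    token = token[7:] if token.startswith("Bearer ") else token
    body, _, mac = token.partition(".")
    expected = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        raise Exception("Unauthorized")  # API Gateway maps this message to HTTP 401
    return json.loads(base64.urlsafe_b64decode(body))


def authorize(claims, method_arn):
    """Authorization: may this authenticated caller invoke this method?"""
    # methodArn layout: arn:aws:execute-api:{region}:{account}:{apiId}/{stage}/{METHOD}/{path}
    parts = method_arn.split("/")
    http_method = parts[2] if len(parts) > 2 else ""  # malformed ARN fails closed
    allowed = SCOPE_METHODS.get(claims.get("scope"), set())
    return "Allow" if http_method in allowed else "Deny"


def handler(event, context=None):
    """TOKEN-type Lambda authorizer entry point."""
    claims = authenticate(event.get("authorizationToken", ""))
    effect = authorize(claims, event["methodArn"])
    statement = {"Action": "execute-api:Invoke", "Effect": effect,
                 "Resource": event["methodArn"]}
    return {
        "principalId": claims["sub"],
        "policyDocument": {"Version": "2012-10-17", "Statement": [statement]},
    }
```

A `Deny` policy gives an authenticated caller HTTP 403, while the raised `Unauthorized` gives an unauthenticated caller HTTP 401.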

Consider an airport as an example. When someone wants to use the airport, security checks the person's identity against a national identity card and the tickets. The identity card ...