Hello,
I’ve created an API Gateway with a GET method that requires IAM_AUTH to authenticate. My request is not signed, and I was expecting it fail with an authentication error, but it still passes.
Am I missing something? Maybe misconfiguration my side?
I can see in the resource explorer that the API was indeed created with AWS_IAM as the authorization type.
This is the code I’m using to create the api gateway -
async function createApiGateway(endpoint: string): Promise<string> {
// Create API
const createApiResponse = await apiGatewayClient.send(
new CreateRestApiCommand({
name: 'MyIAMAuthenticatedAPI',
})
);
const apiId = createApiResponse.id;
const resources = await apiGatewayClient.send(
new GetResourcesCommand({
restApiId: apiId,
})
);
const rootResourceId = resources.items![0].id;
const createResourceResponse = await apiGatewayClient.send(
new CreateResourceCommand({
restApiId: apiId,
parentId: rootResourceId,
pathPart: endpoint,
})
);
const resourceId = createResourceResponse.id;
await apiGatewayClient.send(
new PutMethodCommand({
restApiId: apiId,
resourceId: resourceId,
httpMethod: 'GET',
authorizationType: 'AWS_IAM',
})
);
await apiGatewayClient.send(
new PutIntegrationCommand({
restApiId: apiId,
resourceId: resourceId,
httpMethod: 'GET',
type: 'MOCK',
requestTemplates: {
'application/json': '{"statusCode": 200}',
},
})
);
await apiGatewayClient.send(
new PutMethodResponseCommand({
restApiId: apiId,
resourceId: resourceId,
httpMethod: 'GET',
statusCode: '200',
responseModels: {
'application/json': 'Empty',
},
})
);
await apiGatewayClient.send(
new PutIntegrationResponseCommand({
restApiId: apiId,
resourceId: resourceId,
httpMethod: 'GET',
statusCode: '200',
responseTemplates: {
'application/json': '{"message": "Success"}',
},
})
);
await apiGatewayClient.send(
new CreateDeploymentCommand({
restApiId: apiId,
stageName: 'prod',
})
);
return `https://${apiId}.execute-api.localhost.localstack.cloud:4566/prod`;
}
Thank you