Webinar: Get Hands-On With ServerlessRegister now

Amazon API Gateway with Resource Policy

API Gateway REST API

Create a REST API Gateway with a Resource Policy for access control

This pattern deploys an Amazon API Gateway REST API endpoint that uses a Resource Policy for access control.
The Resource Policy explicitly blacklists a list of IP ranges and also explicitly whitelists another list of IP ranges.
If allowed by the Resource Policy, API Gateway will forward the request to a Lambda function which will output the received event object.

< Back to all patterns
Language:
Node.js
Framework:
AWS SAM

GitHub icon Download this pattern (.zip)

GitHub icon View this pattern on GitHub

Launch Stack

Clone repo

git clone https://github.com/aws-samples/serverless-patterns/cd serverless-patterns/apigw-resource-policy

Deploy

sam deploy --guided

Testing

See the GitHub repo for detailed testing instructions.

Cleanup

1. Delete the stack: sam delete --stack-name STACK_NAME.
2. Confirm the stack has been deleted: aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus"

Additional resources

Created by:

Albert Blaya

Albert Blaya

Albert is a Solutions Architect at Amazon Web Services based in Australia.

Follow on LinkedIn