问题
I have a number of lambda functions exposed via the AWS Gateway Service as such:
- /some-resource
GET
POST
OPTIONS
- /some-other-resource
GET
POST
OPTIONS
- /some-public-resource
GET
OPTIONS
The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource resource, so that it can be accessed without requiring any authentication.
I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct as I couldn't find any documentation on how to set this value), however, I am still unable to access that end-point without an access token.
Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?
回答1:
You could disable any authorization and API key requirement from the console as follow:
This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource.
Click on Method Request link (invokeworker2 = some-public-resource)
Then, disable Authorization and API key Required
Like I said, you need to do that for every method in your resource /some-public-resource.
Now, your resource /some-public-resource is open and clients won't need to pass any tokens for authorization.
来源:https://stackoverflow.com/questions/48250369/how-to-open-anonymous-access-to-aws-api-gateway-resource