How to create IP-protected endpoints with API Gateway and Lambda
▻https://hackernoon.com/how-to-create-ip-protected-endpoints-with-api-gateway-and-lambda-41db007
If you haven’t been paying close attention you might have missed the API Gateway announcement for resource policies. It later played a key role in supporting API Gateway private endpoints — a way to put your API inside a private VPC.To configure resource policies with the Serverless framework, you need to upgrade to v1.28.0 or later. If you want to restrict access to the GET /index.html endpoint to the IP 217.128.123.174, you need the following.provider: name: #aws runtime: nodejs8.10 resourcePolicy: - Effect: Allow Principal: "" Action: execute-api:Invoke Resource: - execute-api://GET/index.html Condition: IpAddress: aws:SourceIp: - 217.128.123.174Nice and easy!There are a couple of things to note:You can (...)