问题描述

我有一个python微服务，很想连接到AWS API Gateway。 -问题是我已经研究了使两者安全的方法，但并未真正得出结论。

I have a python microservice which I would love to connect to AWS API Gateway. - The problem is that I have researched ways to make both secure, but not really came to a conclusion.

我碰到一个网站，说我应该使用SSL认证来 only 启用来自API网关的请求。

I came across a site saying I should use SSL Certifications to only enable requests from API Gateway.

有人可以启发我介绍客户端与API网关和API本身之间进行身份验证的最佳做法是什么吗？

Can someone enlighten me on what's the best practice for authentication between the client and API Gateway and the API itself?

推荐答案

有很多方法可以在客户端和API网关之间进行身份验证。没有最佳方法。

There are a very large number of ways to authenticate between the client and API Gateway. There is no "best" way.

要在API网关和后端服务器之间进行身份验证，请使用SSL身份验证，如下所述：

To authenticate between API gateway and the back-end servers, you would use SSL authentication as described here: http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html

这篇关于Amazon（AWS）API网关-身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！