Secure API Gateway endpoints with Custom Authorizers


238 students completed the lab in ~54m

Total available time: 1h:30m

120 students rated this lab!

How to secure API Gateway Resources with custom authorization logic

Amazon API Gateway offers several native authorization mechanisms, such as managed API keys, IAM Roles, and custom authorizers.

API Keys (with the help of Usage Plans) can help manage custom throttling and quota for your API consumers. IAM is a good choice when your consumers require access to AWS resources and you need to manage permissions on a per-user basis. However, Custom Authorizers give you much more flexibility. With Custom Authorizers you can implement any 3rd-party integration and generate very granular authorization policies.

In this Lab, we will learn how to implement a Custom Authorizer in AWS Lambda to secure your API Gateway Resources.


Do you have questions about this Lab? Contact our cloud experts by sending an email to

Follow these steps to learn by building helpful cloud resources

Logging in to the Amazon Web Services Console

Your first step to start the Lab experience

Custom Authorizer Use Cases

When do you need custom authorizers for your API endpoints?

Create a simple API Gateway endpoint

Sample API Gateway resources backed by AWS Lambda.

Implement authorization logic in Lambda

AWS Lambda implementation of a custom authorization policy.

Create a new Custom Authorizer

Create a new authorizer and configure API Gateway resources to use it.

Test the secured endpoint

Verify that your endpoint is now secured and the auth policy is correct.