Skip to content
hands-on lab

Secure API Gateway Endpoints with Custom Authorizers

Intermediate
1h 30m
7,443
4.4/5
Start lab
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab description

Lab Overview

Amazon API Gateway offers several native authorization mechanisms, such as managed API keys, IAM Roles, and custom authorizers. API Keys (with the help of Usage Plans) can help manage custom throttling and quotas for your API consumers. IAM is a good choice when your consumers require access to AWS resources and you need to manage permissions on a per-user basis. However, custom authorizers give you much more flexibility. With custom authorizers, you can implement any 3rd-party integration and generate very granular authorization policies.

In this Lab, we will learn how to implement a custom authorizer in AWS Lambda to secure your API Gateway Resources.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Understand API Gateway request authorization
  • Explain the advantages of using custom authorizers in API Gateway
  • Create Lambda functions to implement custom authorizers using AWS Lambda blueprints
  • Test custom authorizers using methods appropriate at each stage of deployment

Lab Prerequisites

You should be familiar with:

  • AWS Lambda basics
  • API Gateway basics

The following content can be used to fulfill the prerequisites: 

Updates

January 25th, 2024 - Updated to latest Node.js version

October 25th, 2023 - Updated the instructions and screenshots to reflect the latest UI

December 1st, 2022 - Updated the instructions and screenshots to reflect the latest UI

May 12th, 2022 - Updated lab to utilize a Cloud Academy-hosted Linux command-line interface

November 17th, 2021 - Fixed the link to the lambda function complete code listing

January 22nd, 2021 - Updated AWS Lambda lab steps to reflect the latest user interface updates

January 10th, 2019 - Added a validation Lab Step to check the work you perform in the Lab

Nov. 15th, 2018 - Lab completely updated including easier-to-follow instructions, screenshots to match the latest experience, and removal of security warnings in the AWS Console.

Environment before
Environment after
About the author
Avatar
Alex Casalboni, opens in a new tab
Sr. Software Engineer
Students
14,522
Labs
4

Alex is an Italian Software Engineer with a great passion for web technologies and music.

He spent the last 5 years building web products and deepening his knowledge on full-stack web development and software design, with a main focus on frontend and UX.

Despite being a passionate coder, Alex worked hard on his software and sound engineering background, which provides him the tools to deal with multimedia, signal processing, machine learning, AI, and many interesting topics related to math and data science.

Indeed, he had the opportunity to study and live in a very young and motivating environment in Bologna and Milan, two of the biggest and oldest Italian Universities. These experiences lead him to work on several projects involving robotics, machine intelligence, music semantic analysis and modern web development.

Covered topics
Serverless
Identity and Access Management
Security
Compute
Amazon Web Services
Security for AWS
Compute for AWS
AWS Lambda
Lab steps
Logging In to the Amazon Web Services Console
Custom Authorizer Use Cases
Creating a Simple API Gateway Endpoint
Implementing Authorization Logic in Lambda
Creating a new Custom Authorizer
Enabling the API Gateway Custom Authorizer
Testing the Secured Endpoint