Secure API Gateway endpoints with Custom Authorizers

The hands-on lab is part of these learning paths

Developer – Associate Certification Preparation for AWS - June 2018

course-steps 25 certification 4 lab-steps 22 description 2

Serverless Computing on AWS for Developers

course-steps 11 certification 1 lab-steps 8

Getting Started with Serverless Computing on AWS

course-steps 7 certification 1 lab-steps 9

Lab Steps

Logging in to the Amazon Web Services Console
Custom Authorizer Use Cases
Create a simple API Gateway endpoint
Implement authorization logic in Lambda
Create a new Custom Authorizer
Test the secured endpoint

Ready for the real environment experience?

Duration1h 30m


How to secure API Gateway Resources with custom authorization logic

Amazon API Gateway offers several native authorization mechanisms, such as managed API keys, IAM Roles, and custom authorizers.

API Keys (with the help of Usage Plans) can help manage custom throttling and quota for your API consumers. IAM is a good choice when your consumers require access to AWS resources and you need to manage permissions on a per-user basis. However, Custom Authorizers give you much more flexibility. With Custom Authorizers you can implement any 3rd-party integration and generate very granular authorization policies.

In this Lab, we will learn how to implement a Custom Authorizer in AWS Lambda to secure your API Gateway Resources.


Do you have questions about this Lab? Contact our cloud experts by sending an email to

About the Author

Alex is an Italian Software Engineer with a great passion for web technologies and music.

He spent the last 5 years building web products and deepening his knowledge on full stack web development and software design, with a main focus on frontend and UX.

Despite being a passionate coder, Alex worked hard on his software and sound engineering background, which provides him the tools to deal with multimedia, signal processing, machine learning, AI and many interesting topics related to math and data science.

Indeed, he had the opportunity to study and live in a very young and motivating environment in Bologna and Milan, two of the biggest and oldest Italian Universities. These experiences lead him to work on several projects involving robotics, machine intelligence, music semantic analysis and modern web development.

Alex is currently a Senior Software Engineer at Cloud Academy, a position that gave him the possibility to discover the Cloud world and exploit its potential as a web developer and data scientist.