Friday, 24 January 2025

AWS policy to restrict IPs to AWS API Gateway

Here is a sample policy. Only IPs in the list will be allowed to call that API.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "223.333.923.28/32",
                        "162.222.229.139/32"
                    ]
                }
            },
            "Action": [
                "execute-api:Invoke"
            ],
            "Resource": [
                "arn:aws:execute-api:us-west-1:112334444444:1wertttt/*/POST/v1/bill",
                "arn:aws:execute-api:us-west-1:112334444444:1wertttt/*/GET/vi/bill/*"
            ],
            "Effect": "Allow"
        }
    ]
}
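
To check a policy of this shape before deploying it, the sketch below validates each aws:SourceIp entry and evaluates whether a given caller address and method ARN would be allowed. It is an added example, not part of the original post or any AWS tooling; the account id, API id and addresses are constructed placeholders, and the evaluation is a simplification that only handles an Allow statement with an IpAddress condition.

```python
import fnmatch
import ipaddress

# Constructed policy in the same shape as the one above; account id, API id
# and addresses are placeholders (RFC 5737 documentation ranges).
POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["execute-api:Invoke"],
        "Resource": [
            "arn:aws:execute-api:us-west-1:111122223333:abc123/*/POST/v1/bill",
            "arn:aws:execute-api:us-west-1:111122223333:abc123/*/GET/v1/bill/*",
        ],
        "Condition": {"IpAddress": {"aws:SourceIp": [
            "203.0.113.10/32", "198.51.100.0/24"]}},
    }],
}

def bad_cidrs(policy):
    """Return aws:SourceIp entries that do not parse as CIDR blocks."""
    bad = []
    for st in policy["Statement"]:
        cond = st.get("Condition", {}).get("IpAddress", {})
        for cidr in cond.get("aws:SourceIp", []):
            try:
                ipaddress.ip_network(cidr, strict=False)
            except ValueError:  # e.g. an octet above 255
                bad.append(cidr)
    return bad

def is_allowed(policy, source_ip, method_arn):
    """Simplified evaluation: True only if an Allow statement matches the
    ARN and the caller address falls inside one of its CIDR blocks."""
    if bad_cidrs(policy):
        raise ValueError("policy contains invalid CIDR blocks")
    addr = ipaddress.ip_address(source_ip)
    for st in policy["Statement"]:
        if st["Effect"] != "Allow" or "execute-api:Invoke" not in st["Action"]:
            continue
        if not any(fnmatch.fnmatchcase(method_arn, r) for r in st["Resource"]):
            continue
        cidrs = st["Condition"]["IpAddress"]["aws:SourceIp"]
        if any(addr in ipaddress.ip_network(c, strict=False) for c in cidrs):
            return True
    return False  # no matching Allow: implicit deny
```

aws:SourceIp is compared with the caller address that API Gateway sees, so requests arriving through a proxy or CDN present that intermediary's address rather than the original client's.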
