API GateWayにAPIKey認証とIP制限を実装してみました。
SkyLightApi:
Properties:
ApiKeySourceType: HEADER
StageName: !Ref EnvName
Auth:
ApiKeyRequired: true
ResourcePolicy:
CustomStatements: [
{
"Effect": "Allow",
"Principal": "*",
},
{
"Effect": "Deny",
"Principal": "*",
"Condition": {
"NotIpAddress": {
}
}
}
]
SkyLightUsagePlan:
DependsOn:
- SkyLightApi
- SkyLightApiStage
Properties:
Description: Example usage plan to specify a monthly quota of 1000 requests and a rate of 100 requests per second.
ApiStages:
- ApiId: !Ref SkyLightApi
Stage: !Sub '${EnvName}'
UsagePlanName: "My Usage Plan"
SkyLightApiKey:
DependsOn:
- SkyLightApi
- SkyLightApiStage
Properties:
Enabled: true
StageKeys:
- RestApiId: !Ref SkyLightApi
StageName: !Ref EnvName
SkyLightUsagePlanKey:
DependsOn:
- SkyLightApiKey
- SkyLightUsagePlan
Properties:
KeyId: !Ref SkyLightApiKey
UsagePlanId: !Ref SkyLightUsagePlan