1

I have been following advice on this post I've created an API key on AWS and set my POST method to require an API key.

I have also setup a usage plan and linked that API key to it.

My API key is enabled

When I have been testing requests with postman, my request still goes through without any additional headers.

I was expecting no requests to go through unless I had included a header in my request like this "x-api-key":"my_api_key"

Do I need to change the endpoint I send requests to in postman for them to go through API Gateway?

2 Answers2

0

If you need to enable API key for each method then needs to be enabled API key required true for each method.

Go to resources--> select your resource and method, go to Method Request and set "API Key Required" to true.

enter image description here

enter image description here

enter image description here

vaquar khan
  • 10,864
  • 5
  • 72
  • 96
  • 1
    You make some good points, I don't find AWS docs very friendly, but I had already done that, I had to deploy my endpoint and use the `"invoke url"` instead –  Mar 29 '19 at 16:21
0

If you want, I've made the following script to enable the API key on every method for certain API. It requires the jq tool for advanced JSON parsing.

You can find the script to enable the API key for all methods of an API Gateway API on this gist.

#!/bin/bash

api_gateway_method_enable_api_key() {
  local api_id=$1
  local method_id=$2
  local method=$3
  aws --profile "$profile" --region "$region" \
    apigateway update-method \
    --rest-api-id "$api_id" \
    --resource-id "$method_id" \
    --http-method "$method" \
    --patch-operations op="replace",path="/apiKeyRequired",value="true"
}

# change this to 1 in order to execute the update
do_update=0

profile=your_profile
region=us-east-1
id=your_api_id
tmp_file="/tmp/list_of_endpoint_and_methods.json"

aws --profile $profile --region $region \
  apigateway get-resources \
  --rest-api-id $id \
  --query 'items[?resourceMethods].{p:path,id:id,m:resourceMethods}' >"$tmp_file"

while read -r line; do
  path=$(jq -r '.p' <<<"$line")
  method_id=$(jq -r '.id' <<<"$line")
  echo "$path"

  # do not update OPTIONS method
  for method in GET POST PUT DELETE; do
    has_method=$(jq -r ".m.$method" <<<"$line")
    if [ "$has_method" != "null" ]; then
      if [ $do_update -eq 1 ]; then
        api_gateway_method_enable_api_key "$id" "$method_id" "$method"
        echo "  $method method changed"
      else
        echo "  $method method will be changed"
      fi
    fi
  done

done <<<"$(jq -c '.[]' "$tmp_file")"
lmiguelmh
  • 3,074
  • 1
  • 37
  • 53