9
votes

I have a number of Lambda functions exposed via the AWS Gateway Service as such:

- /some-resource
    - GET
    - POST
    - OPTIONS
- /some-other-resource
    - GET
    - POST
    - OPTIONS
- /some-public-resource
    - GET
    - OPTIONS

The resources are secured with Access Tokens. However, I would like to allow anonymous access to the /some-public-resource resource, so that it can be accessed without requiring any authentication.

I have tried to create a policy in IAM for that resource's ARN (although I am not sure that I got the Gateway API Resource ARN correct, as I couldn't find any documentation on how to set this value); however, I am still unable to access that endpoint without an access token.

Does anyone have an idea of whether or not there is an additional step I need to take, or if there is something else I have done wrong?

1 Answer

7
votes

You could disable any authorization and API key requirement from the console as follows:

This step must be applied to the whole set of methods (POST, PATCH, DELETE, and so on) in your resource /some-public-resource.

Click on the Method Request link (invokeworker2 = some-public-resource)

Then, disable Authorization and API key Required

Like I said, you need to do that for every method in your resource /some-public-resource.

Now, your resource /some-public-resource is open and clients won't need to pass any tokens for authorization.
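The same two Method Request settings can be checked programmatically. This is an added example, not code from the original answer: it audits which methods on the intended-public path still require authorization and which methods elsewhere are open without being on the public list. It assumes input shaped like the `items` list from boto3's `apigateway.get_resources(restApiId=..., embed=["methods"])`; the sample data, resource ids and function names are constructed for illustration.

```python
# Added example: audit method-level auth settings of an API Gateway REST API.
# SAMPLE_RESOURCES is constructed data in the shape boto3 returns from
# apigateway.get_resources(restApiId=..., embed=["methods"])["items"].
# Without embed=["methods"] the per-method settings are not included.
SAMPLE_RESOURCES = [
    {"id": "r1", "path": "/some-resource", "resourceMethods": {
        "GET": {"authorizationType": "CUSTOM", "apiKeyRequired": False},
        "POST": {"authorizationType": "CUSTOM", "apiKeyRequired": False},
        "OPTIONS": {"authorizationType": "NONE", "apiKeyRequired": False}}},
    {"id": "r2", "path": "/some-other-resource", "resourceMethods": {
        "GET": {"authorizationType": "NONE", "apiKeyRequired": False},  # drift
        "POST": {"authorizationType": "CUSTOM", "apiKeyRequired": False}}},
    {"id": "r3", "path": "/some-public-resource", "resourceMethods": {
        "GET": {"authorizationType": "CUSTOM", "apiKeyRequired": True},
        "OPTIONS": {"authorizationType": "NONE", "apiKeyRequired": False}}},
]

def is_open(method):
    """True when the method needs neither an authorizer nor an API key."""
    return (method.get("authorizationType") == "NONE"
            and not method.get("apiKeyRequired", False))

def audit(resources, public_paths, ignore_methods=("OPTIONS",)):
    """Return (still_locked, unexpectedly_open) lists of (path, verb, id)."""
    still_locked, unexpectedly_open = [], []
    for res in resources:
        for verb, method in sorted(res.get("resourceMethods", {}).items()):
            entry = (res["path"], verb, res["id"])
            if res["path"] in public_paths:
                if not is_open(method):
                    still_locked.append(entry)   # public path, auth still on
            elif is_open(method) and verb not in ignore_methods:
                unexpectedly_open.append(entry)  # open but not meant to be
    return still_locked, unexpectedly_open

def open_method_patch():
    """patchOperations for apigateway.update_method that clear both settings."""
    return [
        {"op": "replace", "path": "/authorizationType", "value": "NONE"},
        {"op": "replace", "path": "/apiKeyRequired", "value": "false"},
    ]

if __name__ == "__main__":
    locked, exposed = audit(SAMPLE_RESOURCES, {"/some-public-resource"})
    for path, verb, rid in locked:
        print(f"still requires auth: {verb} {path} (resourceId={rid})")
    for path, verb, rid in exposed:
        print(f"open but not on the public list: {verb} {path} (resourceId={rid})")
```

Method changes applied with `update_method` reach clients only after the API is redeployed to its stage.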