AWS apigateway documentation change
Summary
Added guidance to update policies when attaching authorizers to new methods with caching
Security assessment
Warns about potential authorization inconsistencies when expanding API methods with cached policies, improving security documentation without referencing a specific vulnerability
Diff
diff --git a/apigateway/latest/developerguide/configure-api-gateway-lambda-authorization.md b/apigateway/latest/developerguide/configure-api-gateway-lambda-authorization.md index 700b720df..31a307f62 100644 --- a//apigateway/latest/developerguide/configure-api-gateway-lambda-authorization.md +++ b//apigateway/latest/developerguide/configure-api-gateway-lambda-authorization.md @@ -174 +174 @@ After your create your Lambda authorizer, you can test it. The following [test-i -After you configure your Lambda authorizer, you must attach it to a method for your API. +After you configure your Lambda authorizer, you must attach it to a method for your API. If your authorizer uses authorization caching, make sure you update the policy to control access for the additional method. @@ -199 +199 @@ After you configure your Lambda authorizer, you must attach it to a method for y -After you configure your Lambda authorizer, you must attach it to a method for your API. You can create a new method or use a patch operation to attach an authorizer to an existing method. +After you configure your Lambda authorizer, you must attach it to a method for your API. You can create a new method or use a patch operation to attach an authorizer to an existing method. If your authorizer uses authorization caching, make sure you update the policy to control access for the additional method.