Dec 10, 2020

2 min read

Secure AWS API Gateway Using API Key


There are multiple ways to secure the AWS API Gateway. I used the API Key to secure it. I integrated API Gateway with Lambda, so I will discuss things in Lambda’s context.

Pre Requisites

Go through this AWS API Gateway’s documentation to grasp the basic understanding.


Adding lambda trigger

2. Lambda will create an API Gateway instance, it can be seen in the API Gateway console:

API Gateway Console

3. Create a Usage Plan and associate API and its deployment stage with it. By default, a usage plan is created and attached to test-API.

Usage Plans Console

4. Create an API key and associate it with the usage plan:

API Keys Console

5. Deploy the API

API Gateway Resource Console

6. Get the API URL for API methods:


7. Access the API using the method given below:

curl -X POST --data '{"name": "irtiza"}' -H 'x-api-key: 'KeCZKoVY5Z9330Sq22qqh744IWr7oyjH9EBGOhLd'
Authorization Header
Request Body

Final Thoughts

Please share your feedback about anything that can be improved or I missed. Thank you