Protect your REST APIs in API Gateway
API Gateway provides a number of ways to protect your API from certain threats, like malicious users or spikes in traffic. You can protect your API using strategies like generating SSL certificates, configuring a web application firewall, setting throttling targets, and only allowing access to your API from a Virtual Private Cloud (VPC). In this section you can learn how to enable these capabilities using API Gateway.
Topics
- How to turn on mutual TLS authentication for your REST APIs in API Gateway
- Generate and configure an SSL certificate for backend authentication in API Gateway
- Use AWS WAF to protect your REST APIs in API Gateway
- Throttle requests to your REST APIs for better throughput in API Gateway
- Private REST APIs in API Gateway