I have a use case where i am supposed to connect my client to apigateway using websockets. I have seen the API gateway can be configured with WAF rules in case of a REST api but i am not able to see the websockets API gateway under the list of resources that can be added to WAF protected resource in AWS console. Does it mean that websocket connections to API gateway cannot be protected using WAF ?
WAF Protection for api gateway using websockets
1.6k Views Asked by jayendra bhatt At
1
There are 1 best solutions below
Related Questions in AMAZON-WEB-SERVICES
- "Access Denied" - User's Permissions to S3 Bucket
- Cohort analysis with Amazon Redshift / PostgreSQL
- Using Amazon KMS service on Heroku
- can't ssh in after cloning an EC2 instance on Amazon AWS
- Using HDFS with Apache Spark on Amazon EC2
- How can I access Mule ESB Community edition via browser?
- AWS EC2: Migrating from Windows to Linux Server
- AWS ELB Load Balancer: is it possible to set multiple session cookies?
- AWS Flow Framework: Can we run activity worker and activity task on different EC2 instances
- Unable to access files from public s3 bucket with boto
- Cloudfront stream only part of the video
- s3cmd not working as cron-task when echos/dates are added
- How to deploy django 1.8 on Elastic Beanstalk using Docker
- InstanceProfile is required for creating cluster - create python function to install module
- How to fix WordPress HTTPS issues when behind an Amazon Load Balancer?
Related Questions in WEBSOCKET
- How to send raw data using socket.io
- HttpRequestContext vs HttpContext
- Websocket support on JBoss 6
- How to send/receive messages through a web socket on windows phone 8.1
- Stop receiving an event for some time in socket io
- Nginx not passing websocket upgrade response back to client?
- Jboss showing this error in eclipse
- Oauth in Tyrus WebSocket
- Meteor: Workaround for having websockets blocked in port 80?
- Python Server - Processing WebSocket.close()
- Multithread using Executor and WebSocket
- Start Rumpetroll on Debian
- What are the possible bugs that cause slow response (sometimes but not all the time) for a websocket connection?
- Ratchet websocket server not responding after some hour
- Angularjs data is not updated on call of $apply
Related Questions in AWS-API-GATEWAY
- AWS Custom Authorizer with request parameters
- How can i call AWS Step Functions by API Gateway?
- AJAX seems to be unable to GET AWS API Gateway even with CORS enabled
- AWS API Gateway - How do I get the date/timestamp/epoch in a body mapping template?
- Serverless CORS Error: Did not find method in CORS header ‘Access-Control-Allow-Methods'
- How do I use a Firebase Hosting SSL Certificate for AWS API Gateway?
- How do I call an AWS_IAM authorized API Gateway endpoint from AWS Lambda who's execution role has permission to do so?
- Specify the Headers for Office 365 Push Notifications
- Passing ARN reference from CloudFormation to Swagger
- Error message when calling Api Gateway with signature
- CORS defeats AWS LAMBDA :(
- AWS APIGatewayClient(Swift) doesn't work in Swift3?
- IAM user id from AWS signature?
- Why is the deployment zone is greyed out in AWS api gateway deployment?
- AWS API Gateway proxy endpoint
Related Questions in WEB-APPLICATION-FIREWALL
- UNION on dynamic SQL statements
- Azure ARM Templates - Appication Gateway Web Application Firewall Configuration SelectorMatchOperator Syntax
- cURL 35 Error from WordPress Site Health behind a CDN+WAF Firewall
- An error occurred while executing the "make" command while compiling and installing the "ModSecurity- Nginx" module
- AWS - WAF : log configuration for kinesis firehose in cloud formation
- How to integrate a Web Application firewall (ModSecurity) with Heroku?
- ELB WAF Sandwiching - AWS
- Problems with Cloudflare's WAF When Using AWS Elastic Beanstalk for a PHP Application
- HTTP_HOST Stripping via Firewalls and VPNs
- Apache logs shows us we are using HTTP1.1 instead of HTTP2 protocol even HTTP/2 is enabled (through WAF)
- aws waf regex pattern rule not working --rate limit
- Error deploying global resources into China with Terraform
- Dynamic route in NextJS cause security problem
- Whitelist EC2 instances in ASG to access AWS WAF
- Do I need a Web Application Firewall if my APIs are protected with OAuth?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
As of now, WAF cannot be used with a WebSocket API in Amazon API Gateway. However, by configuring authorizer and throttling, you can protect your API.
Reference: https://docs.aws.amazon.com/apigateway/latest/developerguide/websocket-api-protect.html