
AWS Lambda function Restriction


I have a Lambda function exposed as an API via API Gateway. How can I make sure that the Lambda function is called only by the API Gateway and that it cannot be called by any other means, i.e. by bypassing the API Gateway? In my scenario the API Gateway and the Lambda function are sitting in the default system-managed VPC. The Lambda function is configured to internally access resources from some of the private subnets of my VPC.

How do I make sure that the Lambda function cannot be called by bypassing the API Gateway? Please help...

Abhijit


Solution

  • You need to only allow API Gateway to Invoke the Lambda. This can be done via IAM permissions. This link has info about configuring IAM for API Gateway to invoke your Lambda. Only allow this permission and nothing else will be able to invoke the Lambda.

    http://docs.aws.amazon.com/apigateway/latest/developerguide/integrating-api-with-aws-services-lambda.html
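
An added example (not part of the original answer): a check over the function's resource-based policy, as returned by `aws lambda get-policy`, that flags any statement allowing invocation by something other than API Gateway restricted to a source ARN. The policy, account ids, function name and API id below are constructed placeholders, and the helper names are hypothetical.

```python
import json
from fnmatch import fnmatchcase

APIGW = "apigateway.amazonaws.com"
FN_ARN = "arn:aws:lambda:us-east-1:111111111111:function:example-fn"  # constructed
API_ARN = "arn:aws:execute-api:us-east-1:111111111111:exampleapi/*/GET/items"  # constructed

def _stmt(sid, principal, condition=None):
    s = {"Sid": sid, "Effect": "Allow", "Principal": principal,
         "Action": "lambda:InvokeFunction", "Resource": FN_ARN}
    if condition:
        s["Condition"] = condition
    return s

# Constructed sample policy: one correctly scoped statement and three that are not.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    _stmt("apigw-scoped", {"Service": APIGW}, {"ArnLike": {"AWS:SourceArn": API_ARN}}),
    _stmt("apigw-unscoped", {"Service": APIGW}),
    _stmt("other-account", {"AWS": "arn:aws:iam::222222222222:root"}),
    _stmt("public", "*"),
]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_invoke_policy(policy_json):
    """Map Sid -> reason for each Allow statement that permits invocation by
    anything other than API Gateway restricted to an execute-api source ARN."""
    findings = {}
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for i, st in enumerate(statements):
        actions = [a.lower() for a in _as_list(st.get("Action", []))]
        if st.get("Effect") != "Allow" or not any(
                fnmatchcase("lambda:invokefunction", a) for a in actions):
            continue
        sid = st.get("Sid", f"statement-{i}")
        principal = st.get("Principal")
        if not (isinstance(principal, dict) and set(principal) == {"Service"}
                and _as_list(principal["Service"]) == [APIGW]):
            findings[sid] = "principal is not limited to API Gateway"
            continue
        # Condition operators and keys are compared case-insensitively here.
        arns = [arn for op, keys in st.get("Condition", {}).items()
                if op.lower() in ("arnlike", "arnequals", "stringlike", "stringequals")
                for key, val in keys.items() if key.lower() == "aws:sourcearn"
                for arn in _as_list(val)]
        if not arns or any(a.split(":")[2:3] != ["execute-api"] for a in arns):
            findings[sid] = "no execute-api aws:SourceArn condition"
    return findings

if __name__ == "__main__":
    print(json.dumps(audit_invoke_policy(SAMPLE_POLICY), indent=2))
```

This check covers only the function's resource-based policy; identity-based policies in the same account that grant `lambda:InvokeFunction` need a separate review.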