AWS Cloud Projects
There is only so much a book chapter can cover. Your project works and covers the requirements. It identifies whether a photo is professional-looking enough, but you can still improve it.
Currently, anyone can discover and call your API gateway to verify if their photo is professional-looking. A malicious actor can take advantage of this, and you will incur high costs.
In the previous chapter, you already implemented Cognito to manage authentication and authorization. You could do the same for this application, or if your client applications also run on AWS, you could change your REST API to a private API. In this case, your API gateway will only be reachable within the VPC and no longer be internet-reachable. You can read more about it in the AWS documentation at https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-apis.html.
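To make the two options concrete, the following added example (not code from the book) flags REST API methods that anyone on the internet can call, and builds the resource policy a private API uses to accept calls only through one VPC endpoint. The input dictionaries mirror the shape of the API Gateway `GetRestApi` and `GetResources` responses; the `/photo` path, the API name, and the `vpce-EXAMPLE` ID are constructed placeholders.

```python
import json

def private_api_policy(vpce_id):
    """Resource policy for a PRIVATE REST API: deny any invoke that does not
    arrive through the given VPC endpoint, allow everything else."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Deny", "Principal": "*", "Action": "execute-api:Invoke",
             "Resource": "execute-api:/*",
             "Condition": {"StringNotEquals": {"aws:SourceVpce": vpce_id}}},
            {"Effect": "Allow", "Principal": "*", "Action": "execute-api:Invoke",
             "Resource": "execute-api:/*"},
        ],
    }

def open_methods(rest_api, resources):
    """Return sorted (path, verb) pairs that need no authorization and sit
    on an internet-reachable (non-PRIVATE) endpoint."""
    if "PRIVATE" in rest_api.get("endpointConfiguration", {}).get("types", []):
        return []  # reachable only through a VPC endpoint
    findings = []
    for res in resources:
        for verb, method in res.get("resourceMethods", {}).items():
            if verb == "OPTIONS":
                continue  # CORS preflight is normally unauthenticated
            if method.get("authorizationType", "NONE") == "NONE":
                findings.append((res["path"], verb))
    return sorted(findings)

# Constructed sample data; names, path and IDs are placeholders.
PUBLIC_API = {"name": "photo-check", "endpointConfiguration": {"types": ["REGIONAL"]}}
PRIVATE_API = {"name": "photo-check", "endpointConfiguration": {"types": ["PRIVATE"]},
               "policy": json.dumps(private_api_policy("vpce-EXAMPLE"))}
RESOURCES = [{"path": "/photo", "resourceMethods": {
    "POST": {"authorizationType": "NONE"},
    "OPTIONS": {"authorizationType": "NONE"}}}]
COGNITO_RESOURCES = [{"path": "/photo", "resourceMethods": {
    "POST": {"authorizationType": "COGNITO_USER_POOLS"}}}]

if __name__ == "__main__":
    print("current setup:", open_methods(PUBLIC_API, RESOURCES))
    print("with Cognito authorizer:", open_methods(PUBLIC_API, COGNITO_RESOURCES))
    print("as private API:", open_methods(PRIVATE_API, RESOURCES))
```
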
You are way past the static websites...