Keys are used to provide access to specific locks. Before we can talk about keys, let's make sure we know how to create a lock using AWS API Gateway. My earlier tutorial will show you how to create a lock using CORS and Headers.

API Keys

API Keys are used to track usage by Group or Organization. They're great for accounting purposes –as a way of keeping record of who is using your service. It's not very hard to use but there is a 4 step process to get started.

Process

The steps to creating API access key include:

  1. Create a key from the API Dashboard
  • Create a usage plan using the API Dashboard
  • Link your API stage to a usage plan.
  • Link your API key to a usage plan.
  • Enter the IAM role that has access to write data to CloudWatch

Step 1 - Create an API Key

Using the process above, step one consists of creating an API key.

Create an API Key

Step 2 - Create a usage plan

Usage plans are designed to help you, the API administrator, understand which of your clients is using your API and how much of it. This is especially helpful if you are planning to sell your API service within the AWS Marketplace.

Create usage plan

Step 3 - Link your API key to the usage plan

This step is about associating an API stage to a usage plan.

Link API key to usage plan

Step 4 - Subscribe API key to usage plan

This step focuses on associating an API key to a usage plan for monitoring and account reconciliation.

Subscribe API key to usage plan

Step 5 - Associate an API key to an HTTP Method

There are a few good reason for this. For example, suppose you are an API administrator with 9 available methods. 3 methods are available to the open web, 3 are available to "bronze plan" subscribers and 3 more methods are available to "gold plan" subscribers. As an API administrator, one way to keep things organized is by associating specific API keys to specific methods.

Note: This probably isn't a scalable solution but you get the point.

You associated API keys to methods through the method request.

Click Method Request

Once you've clicked the Method Request of an HTTP verb, you can select Api Key Required to true.

Assign API Key to Method


Resources