I'm curious about using API Gateway resource policies to only allow a subset of IPs to access it. I am wondering, if someone outside of this IP range would spam the endpoint, would that still incur costs or do you only pay for "non-rejected" requests?
Thanks
CodePudding user response:
would that still incur costs or do you only pay for "non-rejected" requests?
Yes. You still pay for that, as the requests access the endpoint. It does not matter if they get rejected or not. In either case, AWS has to process them for you.