Home > other >  How to secure Front-End message pushing into AWS SQS
How to secure Front-End message pushing into AWS SQS

Time:09-09

An ajax call can be made to push message to SQS from front end browser facing app directly without any interaction of server based backend. example using below API call

https://sqs.us-east-2.amazonaws.com/123456789012/TestQueue/?Action=SendMessage&MessageBody=This is a test message

How to secure this API call, because even if the user is authenticated on the Front End app, this End point(SQS API) can be grabbed and used for false messaging by anyone who has this end point. Is there a way to secure it or there need to be a server based backend between Browser and SQS where an authentication mechanism can be accomplished.??

CodePudding user response:

Often you would use AWS HTTP API in-front of your SQS. HTTP API has build in support for SQS integration. For more versitle solution you would put AWS REST API (not HTTP API) in front of your SQS. This gives you much more options, such as throttling support for excessive requests.

  • Related