Enable API Gateway Authorization

In addition to using JSON Web Tokens (JWTs) for authentication, API Gateway can leverage AWS request signing and parse the request signature to determine the requesting user. In this step, you’ll update your authorization type to IAM for your API which will then use AWS’s Identity and Access Management (IAM) capabilities to authorize requests via IAM policies.

High-Level Instructions

In the Amazon API Gateway console, update the authorization type to AWS_IAM for the POST method on the /ride resource. Next, re-deploy the API to make your change take effect.

Step-by-step instructions (expand for details)

If your API now invokes correctly and application functions as expected summoning unicorns again, you can proceed to the next module, IAM-based Authorization.