Links

AWS - API Gateway Persistence

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

API Gateway

For more information go to:

Resource Policy

Modify the resource policy of the API gateway(s) to grant yourself access to them

Modify Lambda Authorizers

Modify the code of lambda authorizers to grant yourself access to all the endpoints. Or just remove the use of the authorizer.

IAM Permissions

If a resource is using IAM authorizer you could give yourself access to it modifying IAM permissions. Or just remove the use of the authorizer.

API Keys

If API keys are used, you could leak them to maintain persistence or even create new ones. Or just remove the use of API keys.
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: