I'm using AWS API Gateway for an API I'm setting up, and I want to be able to use an existing AWS Directory Services Directory (Microsoft AD Enterprise) for authentication.
I'm not sure where to start.
Would I need to use a custom Lambda function for authentication, and then write my own LDAP authentication code?
I can't find any references to this scenario of authenticating an API against AWS AD.
Any pointers would be greatly appreciated.
Perhaps worth checking how to configure AWS Directory Service as a federated identity provider in IAM, then how to retrieve access tokens from STS, and ultimately configure API Gateway to use Authorization Method: AWS_IAM.
For authentication - perhaps worth studying how to configure federated identity in Cognito.
Have a look at these slides: https://www.slideshare.net/AmazonWebServices/aws-may-webinar-series-48671841