By default, each route does not require any authorization. You can enable authorization application-wide with
Jets.application.configure do config.api.authorization_type = "AWS_IAM" end
This will require a caller to authenticate using IAM before being able to access the endpoint.
You can also enable authorization on a per-route basis with the
Jets.application.routes.draw do get "posts", to: "posts#index", authorization_type: "AWS_IAM" end
The complete list of authorization types is available in the AWS API Gateway docs.
Pro tip: Use the <- and -> arrow keys to move back and forward.