I was following the user-authentication tutorial for the serverless framework. I stopped after making the “createUser” function.
This is the only function I have, and I deployed it with just the POST method.
I have called this function maybe 5 or 6 times total since deploying it 48 hours ago.
The dashboard shows over GET 85,000 requests over the last 48 hours (consistently around 1900 requests per hour).
Where are these requests come from? They are all GET requests to the / route that 403 missing authentication, are these something from AWS? Does the serverless framework somehow have a retry policy on some healthcheck or something that constantly runs? Is there some test failing and thus it keeps retrying? I find it hard to believe that these are organic requests actually from legit sources by how uniformly they are spaced out.
Lastly, are these going to start costing me money because they are hitting the API Gateway where i’m paying for requests?