attach authorizer to api gateway V2 route in aws cloudformation

How do I attach an authorizer to an API Gateway V2 route in AWS CloudFormation?

I am using API Gateway v2 and CloudFormation.

I am using the stages "prod" and "stg", and I would like to work with separate Lambdas for stg and prod.

In the AWS console it is just one click of one button, "Attach Authorization", in the "Routes" section.

I am using a simple authorizer:

My cloudformation looks like this:

```yaml
  Authorizer:
    Type: 'AWS::ApiGatewayV2::Authorizer'
    Properties:
      ApiId: !Ref ApiGateway
      # Quoted so that YAML keeps the version as the string "2.0", not a float
      AuthorizerPayloadFormatVersion: '2.0'
      AuthorizerResultTtlInSeconds: 5
      AuthorizerType: REQUEST
      AuthorizerUri: !Join
        - ''
        - - 'arn:'
          - !Ref 'AWS::Partition'
          - ':apigateway:'
          - !Ref 'AWS::Region'
          - ':lambda:path/2015-03-31/functions/'
          - 'arn:aws:lambda:'
          - !Ref 'AWS::Region'
          - ':'
          - !Ref 'AWS::AccountId'
          # Passed through literally (no !Sub), so the stage variable reference stays in the URI
          - ':function:${stageVariables.AuthorizerFunctionName}'
          - '/invocations'
      EnableSimpleResponses: true
      IdentitySource:
        - '$request.header.Authorization'
      Name: !Sub ${ProjectName}-gateway-authorizer

  MyRoute:
    Type: AWS::ApiGatewayV2::Route
    Properties:
      ApiId: !Ref ApiGateway
      AuthorizationType: CUSTOM
      AuthorizerId: !Ref Authorizer
      RouteKey: 'POST /posts/all'
      Target: !Join
        - /
        - - integrations
          - !Ref PostsLambdaIntegrationGet
```

Authorizer lambda body:

```python
import json
# import jwt

def lambda_handler(event, context):
    # Debug output: dumps the whole event, including the Authorization header
    print('*********** The event is: ***************')
    print(event)

    print('headers is:')
    print(event['headers'])

    print('headers Authorization is:')
    # !!!!! DOWNCASED by Postman or API !!!!! "A" -> "a"
    print(event['headers']['authorization'])

    # Simple response format (EnableSimpleResponses: true): isAuthorized plus optional context
    if event['headers']['authorization'] == 'abc123':
        response = {
            "isAuthorized": True,
            "context": {
                "anyotherparam": "values"
            }
        }
    else:
        response = {
            "isAuthorized": False,
            "context": {
                "anyotherparam": "values"
            }
        }

    print('response is:')
    print(response)

    return response
```

BTW I do not see this option in the apigatewayv2 CLI documentation either.

BTW I asked this question on attach authorizer to api gateway V2 route in aws cloudformation too.

  1. I attached the authorizer.
  2. I deployed the API.
  3. I checked the authorizer with a hardcoded Lambda name (it works); this verifies that my Lambda and permissions are correct.

No answers
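
A hardened variant of the simple-response authorizer handler from the question, as an added example that is not part of the original post: it fails closed when the header or the configured secret is missing, compares in constant time, and logs only the decision rather than the header value. The environment variable name `AUTHORIZER_EXPECTED_TOKEN`, the helpers `deny` and `extract_token`, and the sample event are assumptions made for this illustration.

```python
import hmac
import os

# Assumption: the shared secret comes from an environment variable
# (hypothetical name) instead of being hardcoded in the handler.
TOKEN_ENV_VAR = "AUTHORIZER_EXPECTED_TOKEN"

# Constructed sample event: only the fields of a payload format 2.0
# request that this handler reads.
SAMPLE_EVENT = {
    "version": "2.0",
    "type": "REQUEST",
    "routeKey": "POST /posts/all",
    "headers": {"authorization": "abc123", "content-type": "application/json"},
}


def deny(reason):
    # Log why the request was denied, never the presented value.
    print(f"authorizer decision=deny reason={reason}")
    return {"isAuthorized": False}


def extract_token(event):
    """Return the Authorization header value, or None if absent or malformed."""
    headers = event.get("headers")
    if not isinstance(headers, dict):
        return None
    # Header names arrive lowercased in format 2.0; match case-insensitively
    # anyway so that a hand-built test event behaves the same way.
    for name, value in headers.items():
        if isinstance(name, str) and name.lower() == "authorization":
            return value if isinstance(value, str) and value else None
    return None


def lambda_handler(event, context):
    expected = os.environ.get(TOKEN_ENV_VAR, "")
    presented = extract_token(event)
    if not expected:
        return deny("secret_not_configured")  # fail closed on misconfiguration
    if presented is None:
        return deny("missing_header")
    # Constant-time comparison avoids leaking how much of the token matched.
    if not hmac.compare_digest(presented.encode(), expected.encode()):
        return deny("token_mismatch")
    print(f"authorizer decision=allow route={event.get('routeKey')}")
    return {"isAuthorized": True, "context": {"anyotherparam": "values"}}
```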