Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

attach authorizer to api gateway V2 route in aws cloudformation

0

How to attach authorizer to api gateway V2 route in aws cloudformation?

I am using Api Gateway v2 and cloudformation.

I am using stages "prod" and "stg" I would like to work on separate lambda stg and prod.

In AWS console it is just one click of one button "Attach Authorization" in "Routes" section

I am using simple authorizer:

My cloudformation looks like this:

  Authorizer:
    Type: 'AWS::ApiGatewayV2::Authorizer'
    Properties:
      ApiId: !Ref ApiGateway
      AuthorizerPayloadFormatVersion: 2.0
      AuthorizerResultTtlInSeconds: 5
      AuthorizerType: REQUEST
      AuthorizerUri: !Join 
        - ''
        - - 'arn:'
          - !Ref 'AWS::Partition'
          - ':apigateway:'
          - !Ref 'AWS::Region'
          - ':lambda:path/2015-03-31/functions/'
          - 'arn:aws:lambda:'
          - !Ref 'AWS::Region'
          - ':'
          - !Ref 'AWS::AccountId'
          - :function:${stageVariables.AuthorizerFunctionName}
          - /invocations
      EnableSimpleResponses: true
      IdentitySource:
        - '$request.header.Authorization'
      Name: !Sub ${ProjectName}-gateway-authorizer

  MyRoute:
    Type: AWS::ApiGatewayV2::Route
    Properties:
      ApiId: !Ref ApiGateway
      AuthorizationType: CUSTOM
      AuthorizerId: !Ref Authorizer
      RouteKey: 'POST /posts/all'
      Target: !Join
        - /
        - - integrations
          - !Ref PostsLambdaIntegrationGet

Authorizer lambda body:

import json
# import jwt

def lambda_handler(event, context):
    print('*********** The event is: ***************')
    print(event)
    
    print('headers is:')
    print(event['headers'])
    
    print('headers Authorization is:')
    # !!!!! DONWCASE by postam or api !!!!! "A" -> "a"
    print(event['headers']['authorization'])
    
    
    if event['headers']['authorization'] == 'abc123':
        response = {
            "isAuthorized": True,
            "context": {
                "anyotherparam": "values"
            }
        }
    else:
        response = {
            "isAuthorized": False,
            "context": {
                "anyotherparam": "values"
            }
        }
    
    print('response is:')
    print(response)
    
    return response

BTW I do not see this option in cli apigatewayv2 cli documentation too.

BTW I asked this question on attach authorizer to api gateway V2 route in aws cloudformation too.

  1. I attached authorizer.
  2. I deployed api.
  3. I checked authorizer with hardcoded lambda name (it works), it verifies my lambda and permissions are correct.
Argomenti
ServerlessComputazionaliFront-end web e dispositivi mobiliNetworking e distribuzione di contenutiGestione e amministrazioneMicroservizi
Tag
ServerlessAWS LambdaGateway API di AmazonAWS CloudFormationMicroservizi
Lingua
English
rePost-User-2167407
posta un anno fa61 visualizzazioni
Nessuna risposta

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente