Hello there,
I want to know more information about billing when using Authorizers both JWT and Lambda.
For example :
If we have 2 lambda functions :
CoreLogicLambda : runs for average 100 ms for 1G of ram and does the core logic function.
AuthLambda : runs for 1 ms each time to verify auth for 1G of ram and is used as a Lambda Authorizer for CoreLogicLambda.
now let's say we had 2 million HTTP API invocations and only half passed the authorizer.
Which billing is true :
Case 1 :
2 Million API Gateway HTTP API requests : 1$ * 2 = 2$
2 Million requests for AuthLambda : 0.2$ * 2 = 0.4$
1 Million requests for CoreLogicLambda: 0.2$ * 1 = 0.2$
2,000 GB*S runtime for AuthLambda : ....
100,000 GB*S runtime for CoreLogicLambda : ....
Case 2 :
2 Million API Gateway HTTP API requests : 1$ * 2 = 2$
1 Million requests for CoreLogicLambda: 0.2$ * 1 = 0.2$
2,000 GB*S runtime for AuthLambda : ....
100,000 GB*S runtime for CoreLogicLambda : ....
Case 3 :
2 Million API Gateway HTTP API requests : 1$ * 2 = 2$
2 Million requests for CoreLogicLambda: 0.2$ * 2 = 0.4$
2,000 GB*S runtime for AuthLambda : ....
100,000 GB*S runtime for CoreLogicLambda : ....
Case 4 :
2 Million API Gateway HTTP API requests : 1$ * 2 = 2$
1 Million requests for CoreLogicLambda: 0.2$ * 1 = 0.2$
100,000 GB*S runtime for CoreLogicLambda : ....
Thanks for the clarifications.
AWS公式更新しました 2年前
thanks for the answer. This means that it is cheaper to have middleware in the code for auth. This way, the lambda CoreLogicLambda with the middleware will run for 1ms when not authenticated and 101ms for authenticated users; meaning we will pay :
2 Million API Gateway HTTP API requests : 1$ * 2 = 2$ 2 Million requests for CoreLogicLambda: 0.2$ * 2 = 0.4$ 102,000 GB*S runtime for CoreLogicLambda : ....
what do you think about this ? is what I am saying sound logical to you or is this simply not a good practice?
It is probably logical but not a good practice. You are mixing your business logic code with the auth code.
Furthermore, API Gateway doesn't charge for API calls that failed authorization. So in option #1 above the charge for API GW will only be $1, bringing the invocations cost to $1.6, compared to $2 if you move auth to the backend.
Yeah, the API calls not charged definitly impact greatly the result. Thank you very much for all the answers!