What is the best way to have multiple authorizer on a single endpoint?

0

For our use case, we want to implement multiple authorizers on an API endpoint irrespective of the method. So if the method is GET /test-api, it could have JWT authorizer as well as Lambda authorizer. We want to add JWT authorizer for maintaining RBAC on endpoints via CDK but the problem is if there are multiple apps, in CDK json we will end up having a large segment dedicated to maintaining the endpoints along with their RBAC rules. So is there a better way to solve for this?

1개 답변
1

Hi, i believe there are two parts to your query which i have addressed below:

  1. how to have multiple authorizer for HTTP API endpoint (i assumed HTTP API since you mentioned you want JWT authorizer).

You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both. for example, you can code to authorize JWT token using Lambda along with custom logic to authorize using Lambda

  1. Is there a better way to implement RBAC control with JWT token using CDK without having a large segment dedicated to maintaining the endpoints

Unfortunately, you would need to mention it for all the routes & method that you would be attaching the authorizer to. I am cutting a feature request on your behalf to allow inheriting Authorizer to all the methods and sub-routes under a parent route.

profile pictureAWS
지원 엔지니어
Bharat
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠