By using AWS re:Post, you agree to the Terms of Use

AWS SAM: set the authorization cache TTL in the resource template (AWS::Serverless::Api)


Hi all, I am using SAM in order to deploy my serverless application which consist of a REST API and a lambda authorizer. The REST API is not triggering a Lambda. It integrates other public services.

When declaring the AWS::Serverless::Api and its auth attribte, I cannot find a way to configure the authorization-cache's TTL as in the AWS::ApiGateway::Authorizer resource. Am I missing something? If not, is there any reason the authorization-cache's TTL configuration is not made available in the AWS::Serverless::Api element?

This potentially missing feature is something minor for us, and does not block us in our project. It is more a nice-to-have, as I would prefer to not have to copy/paste the whole OpenAPI specification directly in the template file, but rather use the SAM feature to specify the API via the AWS::Serverless::Api 's DefinitionUri attribute. This makes it possible to not have an API definition in the template, but to embbed this definition in a local file which will be automatically uploaded to S3 during the SAM deploy step.


1 Answer

Looking deeper, I realized that it may be possible to reference a AWS::ApiGateway::Authorizer as the DefaultAuthorizer in the ApiAuth attribute.

Trying to do so leads me to another problem when deploying the stack using SAM deploy:

Auth works only with inline Swagger specified in 'DefinitionBody' property.

I guess features like "Authentication" or "Cors enable" requires CloudFormation's transform macro to access the OpenAPI/Swagger configuration in order to modify it. Hence this OpenAPI/Swagger declaration must be part of the template given to CloudFormation and cannot be provided as a separated file from S3 anyway.

answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions