Hi, i believe there are two parts to your query which i have addressed below:
- how to have multiple authorizer for HTTP API endpoint (i assumed HTTP API since you mentioned you want JWT authorizer).
You can only have a single authorizer on every endpoint. If you need more than one, you will need to use a Lambda authorizer to verify both. for example, you can code to authorize JWT token using Lambda along with custom logic to authorize using Lambda
- Is there a better way to implement RBAC control with JWT token using CDK without having a large segment dedicated to maintaining the endpoints
Unfortunately, you would need to mention it for all the routes & method that you would be attaching the authorizer to. I am cutting a feature request on your behalf to allow inheriting Authorizer to all the methods and sub-routes under a parent route.
Is it a good idea to have single security group for multiple apps?asked 3 months ago
API Gateway User Authentication Best Practicesasked a year ago
What is the best way to have multiple authorizer on a single endpoint?asked 17 days ago
Find best method to determine the source IP address in Lambdaasked 14 days ago
How do I encrypt the payload from an API Gateway endpoint?asked 2 months ago
what is the best practice for custom authorizer in case of an exeptionsasked 10 months ago
Use multiple API Gateway authorizersAccepted Answerasked 4 months ago
Is it a good way to implement custom authorization logic(like an API call to validate header parameters) in Lambda Authorizers?asked 7 months ago
AWS CDK: What is the best way to implement multiple Stacks/NestedStacks & share resources?asked a month ago
Is there an API call I can make to multiple VPCs that will return the network firewalls associated with it?asked a month ago