Dear devs, I am creating an API using AWS CDK from a Swagger (or OpenApi) specification. The problem I am facing is that this specification contains resources/methods that reference a custom lambda authorizer (ie. needs to be an ARN), but I don't know the best way to: * create the authorizer * have a resource/method in the spec use this authorizer I can create the api and the lambda authorizer (tokenrequest), but how do I now link the authorizer to the resource/method? Is this even possible with the SpecRestApi class from the AWS CDK? or is the only way to construct the api using RestApi class and adding the authorizer by adding all resources from code? Thanks!

Add lambda authorizer to SpecRestApi using AWS CDK

Dear devs,

I am creating an API using AWS CDK from a Swagger (or OpenApi) specification. The problem I am facing is that this specification contains resources/methods that reference a custom lambda authorizer (ie. needs to be an ARN), but I don't know the best way to:

create the authorizer
have a resource/method in the spec use this authorizer

I can create the api and the lambda authorizer (tokenrequest), but how do I now link the authorizer to the resource/method? Is this even possible with the SpecRestApi class from the AWS CDK? or is the only way to construct the api using RestApi class and adding the authorizer by adding all resources from code?

Thanks!

Topics

Serverless Compute

Tags

AWS Lambda

Language

English

jordy_dam

asked 2 years ago2125 views

2 Answers

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Thanks Marco! However the swagger specification references an arn... of the authorizer. Do I need to create the authorizer first in cdk, then do a replace in the swagger/openapi and then create the api from the swagger spec?

jordy_dam

answered 2 years ago

Marco
2 years ago
Yes, this is one way to do it. The service team is aware of that issue but i have no date if and when this get´s fixed. Another option is to get all the methods from the api and overwrite the method options.

But in general I would challenge what are the benefits defining the API as OpenAPI definition and is it worth the additional overhead you have with your Stack. You can also define your API with CDK Constructs and then export the Swagger Definition from your Stage.

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-export-api.html
jordy_dam
2 years ago
Not sure what is happening with re:Post... account created but lost.. anyway:

Hi Marco!

Thanks for the reply, good to know I am not overlooking something ;-) I have managed to find a solution at the moment (create authorizer, replace placeholder, create api through spec ). The issue we are facing is that we have teams working in AWS and teams working in Interfaces/Integration. The latter are no coders and have no knowledge about AWS and therewith the CDK. They do know Swagger and OpenApi and want to be in control of that part. With this in mind we want to use those specs as leading assets for the API. The reason I said overlooking was because something similar is possible with a Resource Policy, where AWS resolves the resource with the correct ARN. Anyway for now I am good, so hopefully a fix will find its way into the spec for resolving it automatically.

When you define your API via OpenAPI you have to use the OPenAPI Extension to define the authorizer in your definition. https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-authtype.html

Marco

answered 2 years ago

jordy_dam
2 years ago
Thanks Marco! However the swagger specification references an arn... of the authorizer. Do I need to create the authorizer first in cdk, then do a replace in the swagger/openapi and then create the api from the swagger spec?

Relevant content

CDK SpecRestApi with CognitoUserPoolsAuthorizer with multiple User Pools for OpenAPI 3.0.x API
AWS-User-2848082
asked 5 months ago
Creating CfnDestination with specific region using CDK
rePost-User-6255903
asked a year ago
Using CDK to create an IoT CfnTopicRule that can invoke a lambda via 'aws_lambda' function
Dave Meehan
asked 9 months ago
How to create an container image and deploy it to an lambda function using CDK?
Accepted Answer
strange-folk-df787
asked 2 years ago
How do I create an AWS CodeCommit repository that uses a specified default branch name using AWS CloudFormation?
AWS OFFICIALUpdated 3 years ago
How to make an AWS SDK call from a CDK project using the interface AwsSdkCall?
AWS OFFICIALUpdated 10 months ago
Why am I getting API Gateway 401 Unauthorized errors after creating a Lambda authorizer?
AWS OFFICIALUpdated 2 years ago
Why am I getting “Execution failed due to configuration” errors from API Gateway after using a CloudFormation template or OpenAPI definition to create a REST API with a Lambda integration?
AWS OFFICIALUpdated 2 years ago
Implementing request parameters validation in Amazon API Gateway REST API with Cloud Development Kit (CDK)
EXPERT
Vihang Shah
published 5 months ago
Why am I seeing charges for 'Public IPv4 addresses' when I am under the AWS free tier?
EXPERT
dnyanesh-db
published 2 months ago