Referencing an Authorizer definition in an API Gateway path

Time: 2017-03-17 13:09:18

Tags: aws-api-gateway amazon-cloudformation

I have a custom authorizer defined in my CloudFormation template:

MyCustomAuthorizer:
  Type: AWS::ApiGateway::Authorizer
  Properties:
    Name: "MyCustomAuthorizer"
    Type: "TOKEN"
    AuthorizerUri: "arn:my_lambda"
    IdentitySource: "method.request.header.Auth"
    RestApiId:
      Ref: ApiGatewayApi

I have an API Gateway API:

  ApiGatewayApi:
    Type: AWS::ApiGateway::RestApi
    Properties:
      Name: "ApiGatewayApi"
      Description: "Api gateway REST API"
      Body:
        basePath: "/prod"
        schemes:
        - "https"
        paths:
          /echo:
            get:
              consumes:
              - "application/json"
              produces:
              - "application/json"
              responses:
                "200":
                  description: "200 response"
                  schema:
                    $ref: "#/definitions/schema"
              security:
                - sigv4: []

How do I use MyCustomAuthorizer specifically for the /echo path?

I can do this in the console using the instructions here.

1 answer:

Answer 0: (score: 0)

The documentation has an example. You need to add the custom authorizer in the property in the method:

  "securityDefinitions" : {
    "test-authorizer" : {
      "type" : "apiKey",                         // Required and the value must be "apiKey" for an API Gateway API.
      "name" : "Authorization",                  // The source header name identifying this authorizer.
      "in" : "header",                           // Required and the value must be "header" for an API Gateway API.
      "x-amazon-apigateway-authtype" : "oauth2", // Specifies the authorization mechanism for the client.
      "x-amazon-apigateway-authorizer" : {       // An API Gateway custom authorizer definition
        "type" : "token",                        // Required property and the value must be "token"
        "authorizerUri" : "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:account-id:function:function-name/invocations",
        "authorizerCredentials" : "arn:aws:iam::account-id:role",
        "identityValidationExpression" : "^x-[a-z]+",
        "authorizerResultTtlInSeconds" : 60
      }
    }
  }


"/http" : {
  "get" : {
    "responses" : { },
    "security" : [ {
      "test-authorizer" : [ ]
    } ],
    "x-amazon-apigateway-integration" : {
      "type" : "http",
      "responses" : {
        "default" : {
          "statusCode" : "200"
        }
      },
      "httpMethod" : "GET",
      "uri" : "http://api.example.com"
    }
  }
}
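
The answer's Swagger snippet applied to the question's YAML template, as an added example that is not part of the original question or answer. It assumes the authorizer is declared inline in the Swagger body rather than through the separate MyCustomAuthorizer resource; `AuthorizerFunction` is a hypothetical Lambda resource name, the `custom` authtype label is a choice made here, and the mock integration is a placeholder backend.

```yaml
# Added example: constructed from the question's template and the answer's snippet.
ApiGatewayApi:
  Type: AWS::ApiGateway::RestApi
  Properties:
    Name: "ApiGatewayApi"
    Description: "Api gateway REST API"
    Body:
      swagger: "2.0"
      info:
        title: "ApiGatewayApi"
        version: "1.0"
      basePath: "/prod"
      schemes:
        - "https"
      securityDefinitions:
        MyCustomAuthorizer:                  # name referenced under "security" below
          type: "apiKey"
          name: "Auth"                       # header from the question's IdentitySource
          in: "header"
          x-amazon-apigateway-authtype: "custom"
          x-amazon-apigateway-authorizer:
            type: "token"
            # AuthorizerFunction is a hypothetical AWS::Lambda::Function resource.
            authorizerUri:
              Fn::Sub: "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${AuthorizerFunction.Arn}/invocations"
            # Authorizer results are cached per token for this many seconds.
            authorizerResultTtlInSeconds: 60
      paths:
        /echo:
          get:
            produces:
              - "application/json"
            responses:
              "200":
                description: "200 response"
            security:
              - MyCustomAuthorizer: []       # replaces "- sigv4: []" for this method only
            x-amazon-apigateway-integration: # placeholder mock backend (assumption)
              type: "mock"
              requestTemplates:
                application/json: '{"statusCode": 200}'
              responses:
                default:
                  statusCode: "200"
```

API Gateway also needs permission to invoke the authorizer function, either through a Lambda resource policy or through the `authorizerCredentials` role shown in the answer's snippet.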