在CloudFormation yaml文件中将IAM授权添加到API网关端点

时间:2017-09-26 12:54:54

标签: amazon-web-services yaml amazon-cloudformation serverless

我在AWS SAM git项目中查看此问题中的此示例:https://github.com/awslabs/serverless-application-model/issues/25

swagger: "2.0"
basePath: "/Prod"
schemes:
  - "https"
paths:
  /report:
    get:
      responses: {}
      security:
        - sigv4: []
      x-amazon-apigateway-integration:
        type: "aws_proxy"
        uri: "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:<< account id >>:function:${stageVariables.LambdaFunctionName}/invocations"
        passthroughBehavior: "when_no_match"
        httpMethod: "POST"
info:
  version: "1.0"
  title: "dev-reporting-test"
securityDefinitions:
  sigv4:
    type: "apiKey"
    name: "Authorization"
    in: "header"
    x-amazon-apigateway-authtype: "awsSigv4"

我试图遵循相同的模式,但我不清楚它是如何与我的SAM yaml文件(CloudFormation模板)的其余部分集成的。我没有通过CloudFormation模板SAM yaml文件看到有关如何执行此操作的任何文档。

任何帮助都将不胜感激。

0 个答案:

没有答案