如何为Api方法启用ApiKeyRequired?

时间:2018-05-15 07:36:49

标签: aws-api-gateway serverless aws-sam-cli

我想使用API​​网关的标准API密钥功能。如果我使用标准的cloudformation,可以通过将方法的属性ApiKeyRequired设置为true来实现。我怎样才能用SAM做到这一点?

我尝试使用招摇,但这似乎不起作用:

    swagger: "2.0"
    info:
      title: !Ref AWS::StackName

    paths:
      "/machines/{resourceid}":
        get:
          parameters: 
            - name: resourceid 
              in: path 
              type: string 
              required: true 
          x-amazon-apigateway-integration:
            httpMethod: POST
            type: aws_proxy
            uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyLambda.Arn}/invocations
            responses: {}
          security:
            - authorizer: []

    securityDefinitions:
      authorizer:
        type: apiKey
        name: Authorization
        in: header

有什么建议吗?

1 个答案:

答案 0 :(得分:1)

以下招摇定义有效:

  DefinitionBody:
    swagger: "2.0"
    info:
      title: !Ref AWS::StackName
    x-amazon-apigateway-api-key-source : "HEADER"
    paths:
      "/machines/{resourceId}":
        get:
          parameters: 
            - name: resourceId 
              in: path 
              type: string 
              required: true 
          x-amazon-apigateway-integration:
            httpMethod: POST
            type: aws_proxy
            uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MessagingServiceTestHandler.Arn}/invocations
            responses: {}
          security:
            - api_key: []                      
    securityDefinitions:
      api_key:
        type: "apiKey"
        name: "x-api-key"
        in: "header"

api密钥头的名称必须是 x-api-key ,而不是标准的Authorization标头。

相关问题
最新问题