我对AWS SAM很陌生。我已经使用AWS Web控制台实现了API网关,并在API方法请求中指定了主体验证,但我想使用SAM模板实现相同的目的。我对如何在API Gateway SAM模板中指定“方法请求”的搜索没有任何与此相关的信息。有什么帮助吗?
答案 0 :(得分:0)
如果您要配置“授权”,则为SAM模板。
MyApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
Auth:
DefaultAuthorizer: AWS_IAM
MyFunction:
Type: AWS::Serverless::Function
Properties:
FunctionName: MyFunction
...
Events:
Post:
Type: Api
Properties:
Path: /compute
Method: POST
RestApiId: !Ref MyApi
Auth:
Authorizer: AWS_IAM
您必须在AWS::Serverless::Api定义中定义授权者,并在函数中使用它。
参考文献:
答案 1 :(得分:0)
在API网关here上添加验证的完整指南。
下面是SAM template.yaml的代码片段,用于在示例API上添加主体验证。在此,在API的/ ping路径上定义了PingInput API模型。该模型包含一个必需参数和一个可选参数。不带必需参数的API调用将失败。
AuthApiGateway:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
DefinitionBody:
swagger: '2.0'
info:
version: '1.0'
title: 'AwsRestServiceTemplate'
paths:
/ping:
x-amazon-apigateway-any-method:
responses: {}
post:
x-amazon-apigateway-request-validator: 'Validate body' # To specify that the Http Post body needs to be validated
parameters:
- in: 'body'
name: 'PingInput'
required: true
schema:
$ref: '#/definitions/PingInput'
x-amazon-apigateway-integration:
httpMethod: post
type: aws_proxy
uri:
Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${PingFunction.Arn}/invocations
x-amazon-apigateway-request-validators:
Validate body:
validateRequestParameters: true
validateRequestBody: true
definitions:
PingInput:
type: 'object'
required:
- 'requiredKey'
properties:
requiredKey:
type: 'string'
optionalKey:
type: 'string'