AWS::Events::Connection
Creates a connection. A connection defines the authorization type and credentials to use for authorization with an API destination HTTP endpoint.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::Events::Connection", "Properties" : { "AuthorizationType" :
String
, "AuthParameters" :AuthParameters
, "Description" :String
, "Name" :String
} }
YAML
Type: AWS::Events::Connection Properties: AuthorizationType:
String
AuthParameters:AuthParameters
Description:String
Name:String
Properties
AuthorizationType
-
The type of authorization to use for the connection.
Note
OAUTH tokens are refreshed when a 401 or 407 response is returned.
Required: Yes
Type: String
Allowed values:
API_KEY | BASIC | OAUTH_CLIENT_CREDENTIALS
Update requires: No interruption
AuthParameters
-
A
CreateConnectionAuthRequestParameters
object that contains the authorization parameters to use to authorize with the endpoint.Required: Yes
Type: AuthParameters
Update requires: No interruption
Description
-
A description for the connection to create.
Required: No
Type: String
Maximum:
512
Pattern:
.*
Update requires: No interruption
Name
-
The name for the connection to create.
Required: No
Type: String
Minimum:
1
Maximum:
64
Pattern:
[\.\-_A-Za-z0-9]+
Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the name of the connection that was created by the
request.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt.
Examples
Create a connection with ApiKey authorization parameters
The following example creates a connection named pagerduty-connection using ApiKey authorization and stores a secret from Secrets Manager.
JSON
{ "PagerDutyConection": "Type" : "AWS::Events::Connection", "Properties" : { "Name" : "pagerduty-connection", "AuthorizationType" : "API_KEY", "AuthParameters" : { "ApiKeyAuthParameters" : { "ApiKeyName" : "Authorization", "ApiKeyValue" : "{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:pagerdutyApiToken-S9SoDa}}"}, "AdditionalParameters" : { "BodyParameters" : { "routing_key" : "my-pagerduty-integration-key", }, }, }, } }
YAML
PagerDutyConection: Type: AWS::Events::Connection Properties: Name: 'pagerduty-connection' AuthorizationType: API_KEY AuthParameters: ApiKeyAuthParameters: ApiKeyName: Authorization ApiKeyValue: '{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:pagerdutyApiToken-S9SoDa}}' AdditionalParameters: BodyParameters: routing_key: 'my-pagerduty-integration-key'
Create a connection with OAuth authorization parameters
The following example creates a connection named auth0-connection using OAuth authorization and stores a secret from Secrets Manager.
JSON
{ "Auth0Connection": "Type" : "AWS::Events::Connection", "Properties": { "Name" : "auth0-connection", "AuthorizationType" : "OAUTH_CLIENT_CREDENTIALS", "AuthParameters" : { "OAuthParameters": { "ClientParameters" : { "ClientId": "{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:auth0ClientId}}", "ClientSecret": "{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:auth0ClientSecret}}", }, "AuthorizationEndpoint" : "https://yourUserName.us.auth0.com/oauth/token", "HttpMethod" : "POST", "AdditionalParameters" : { "BodyParameters: { "audience" : "my-auth0-identifier", }, }, }, }, } }
YAML
Auth0Connection: Type: AWS::Events::Connection Properties: Name: 'auth0-connection' AuthorizationType: OAUTH_CLIENT_CREDENTIALS AuthParameters: OAuthParameters: ClientParameters: ClientId: '{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:auth0ClientId}}' ClientSecret: '{{resolve:secretsmanager:arn:aws:secretsmanager:us-west-2:123456789012:secret:auth0ClientSecret}}' AuthorizationEndpoint: 'https://yourUserName.us.auth0.com/oauth/token' HttpMethod: POST AdditionalParameters: BodyParameters: audience: 'my-auth0-identifier' #Note: This AdditionalParameters field is a child of OAuthParameters entry, meaning it's only sent with the token exchange