HttpAuthorizerProps

class aws_cdk.aws_apigatewayv2.HttpAuthorizerProps(*, authorizer_name=None, authorizer_uri=None, enable_simple_responses=None, http_api, identity_source, jwt_audience=None, jwt_issuer=None, payload_format_version=None, results_cache_ttl=None, type)

Bases: object

(experimental) Properties to initialize an instance of HttpAuthorizer.

Parameters
  • authorizer_name (Optional[str]) – (experimental) Name of the authorizer. Default: - id of the HttpAuthorizer construct.

  • authorizer_uri (Optional[str]) – (experimental) The authorizer’s Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda function URI. Default: - required for Request authorizer types

  • enable_simple_responses (Optional[bool]) – (experimental) Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Default: - The lambda authorizer must return an IAM policy as its response

  • http_api (IHttpApi) – (experimental) HTTP Api to attach the authorizer to.

  • identity_source (Sequence[str]) – (experimental) The identity source for which authorization is requested.

  • jwt_audience (Optional[Sequence[str]]) – (experimental) A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. Default: - required for JWT authorizer typess.

  • jwt_issuer (Optional[str]) – (experimental) The base domain of the identity provider that issues JWT. Default: - required for JWT authorizer types.

  • payload_format_version (Optional[AuthorizerPayloadVersion]) – (experimental) Specifies the format of the payload sent to an HTTP API Lambda authorizer. Default: AuthorizerPayloadVersion.VERSION_2_0 if the authorizer type is HttpAuthorizerType.LAMBDA

  • results_cache_ttl (Optional[Duration]) – (experimental) How long APIGateway should cache the results. Max 1 hour. Default: - API Gateway will not cache authorizer responses

  • type (HttpAuthorizerType) – (experimental) The type of authorizer.

Stability

experimental

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_apigatewayv2 as apigatewayv2
import aws_cdk.core as cdk

# http_api is of type HttpApi

http_authorizer_props = apigatewayv2.HttpAuthorizerProps(
    http_api=http_api,
    identity_source=["identitySource"],
    type=apigatewayv2.HttpAuthorizerType.JWT,

    # the properties below are optional
    authorizer_name="authorizerName",
    authorizer_uri="authorizerUri",
    enable_simple_responses=False,
    jwt_audience=["jwtAudience"],
    jwt_issuer="jwtIssuer",
    payload_format_version=apigatewayv2.AuthorizerPayloadVersion.VERSION_1_0,
    results_cache_ttl=cdk.Duration.minutes(30)
)

Attributes

authorizer_name

(experimental) Name of the authorizer.

Default
  • id of the HttpAuthorizer construct.

Stability

experimental

Return type

Optional[str]

authorizer_uri

(experimental) The authorizer’s Uniform Resource Identifier (URI).

For REQUEST authorizers, this must be a well-formed Lambda function URI.

Default
  • required for Request authorizer types

Stability

experimental

Return type

Optional[str]

enable_simple_responses

(experimental) Specifies whether a Lambda authorizer returns a response in a simple format.

If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.

Default
  • The lambda authorizer must return an IAM policy as its response

Stability

experimental

Return type

Optional[bool]

http_api

(experimental) HTTP Api to attach the authorizer to.

Stability

experimental

Return type

IHttpApi

identity_source

(experimental) The identity source for which authorization is requested.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-authorizer.html#cfn-apigatewayv2-authorizer-identitysource

Stability

experimental

Return type

List[str]

jwt_audience

(experimental) A list of the intended recipients of the JWT.

A valid JWT must provide an aud that matches at least one entry in this list.

Default
  • required for JWT authorizer typess.

Stability

experimental

Return type

Optional[List[str]]

jwt_issuer

(experimental) The base domain of the identity provider that issues JWT.

Default
  • required for JWT authorizer types.

Stability

experimental

Return type

Optional[str]

payload_format_version

(experimental) Specifies the format of the payload sent to an HTTP API Lambda authorizer.

Default

AuthorizerPayloadVersion.VERSION_2_0 if the authorizer type is HttpAuthorizerType.LAMBDA

Stability

experimental

Return type

Optional[AuthorizerPayloadVersion]

results_cache_ttl

(experimental) How long APIGateway should cache the results.

Max 1 hour.

Default
  • API Gateway will not cache authorizer responses

Stability

experimental

Return type

Optional[Duration]

type

(experimental) The type of authorizer.

Stability

experimental

Return type

HttpAuthorizerType