@Generated(value="jsii-pacmak/1.60.0 (build ebcefe6)", date="2022-06-22T23:27:59.414Z") public class CfnAuthorizer extends CfnResource implements IInspectable
The AWS::ApiGateway::Authorizer
resource creates an authorization layer that API Gateway activates for methods that have authorization enabled. API Gateway activates the authorizer when a client calls those methods.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.apigateway.*; CfnAuthorizer cfnAuthorizer = CfnAuthorizer.Builder.create(this, "MyCfnAuthorizer") .name("name") .restApiId("restApiId") .type("type") // the properties below are optional .authorizerCredentials("authorizerCredentials") .authorizerResultTtlInSeconds(123) .authorizerUri("authorizerUri") .authType("authType") .identitySource("identitySource") .identityValidationExpression("identityValidationExpression") .providerArns(List.of("providerArns")) .build();
Modifier and Type | Class and Description |
---|---|
static class |
CfnAuthorizer.Builder
A fluent builder for
CfnAuthorizer . |
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
IConstruct.Jsii$Default
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
|
Modifier | Constructor and Description |
---|---|
|
CfnAuthorizer(Construct scope,
java.lang.String id,
CfnAuthorizerProps props)
Create a new `AWS::ApiGateway::Authorizer`.
|
protected |
CfnAuthorizer(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) |
protected |
CfnAuthorizer(software.amazon.jsii.JsiiObjectRef objRef) |
Modifier and Type | Method and Description |
---|---|
java.lang.String |
getAttrAuthorizerId()
The ID for the authorizer.
|
java.lang.String |
getAuthorizerCredentials()
The credentials that are required for the authorizer.
|
java.lang.Number |
getAuthorizerResultTtlInSeconds()
The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches authorizer results.
|
java.lang.String |
getAuthorizerUri()
The authorizer's Uniform Resource Identifier (URI).
|
java.lang.String |
getAuthType()
An optional customer-defined field that's used in OpenApi imports and exports without functional impact.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
getCfnProperties() |
java.lang.String |
getIdentitySource()
The source of the identity in an incoming request.
|
java.lang.String |
getIdentityValidationExpression()
A validation expression for the incoming identity.
|
java.lang.String |
getName()
The name of the authorizer.
|
java.util.List<java.lang.String> |
getProviderArns()
A list of the Amazon Cognito user pool Amazon Resource Names (ARNs) to associate with this authorizer.
|
java.lang.String |
getRestApiId()
The ID of the `RestApi` resource that API Gateway creates the authorizer in.
|
java.lang.String |
getType()
The type of authorizer.
|
void |
inspect(TreeInspector inspector)
Examines the CloudFormation resource and discloses attributes.
|
protected java.util.Map<java.lang.String,java.lang.Object> |
renderProperties(java.util.Map<java.lang.String,java.lang.Object> props) |
void |
setAuthorizerCredentials(java.lang.String value)
The credentials that are required for the authorizer.
|
void |
setAuthorizerResultTtlInSeconds(java.lang.Number value)
The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches authorizer results.
|
void |
setAuthorizerUri(java.lang.String value)
The authorizer's Uniform Resource Identifier (URI).
|
void |
setAuthType(java.lang.String value)
An optional customer-defined field that's used in OpenApi imports and exports without functional impact.
|
void |
setIdentitySource(java.lang.String value)
The source of the identity in an incoming request.
|
void |
setIdentityValidationExpression(java.lang.String value)
A validation expression for the incoming identity.
|
void |
setName(java.lang.String value)
The name of the authorizer.
|
void |
setProviderArns(java.util.List<java.lang.String> value)
A list of the Amazon Cognito user pool Amazon Resource Names (ARNs) to associate with this authorizer.
|
void |
setRestApiId(java.lang.String value)
The ID of the `RestApi` resource that API Gateway creates the authorizer in.
|
void |
setType(java.lang.String value)
The type of authorizer.
|
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
getRef
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
public static final java.lang.String CFN_RESOURCE_TYPE_NAME
protected CfnAuthorizer(software.amazon.jsii.JsiiObjectRef objRef)
protected CfnAuthorizer(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
public CfnAuthorizer(Construct scope, java.lang.String id, CfnAuthorizerProps props)
scope
- - scope in which this resource is defined. This parameter is required.id
- - scoped id of the resource. This parameter is required.props
- - resource properties. This parameter is required.public void inspect(TreeInspector inspector)
inspect
in interface IInspectable
inspector
- - tree inspector to collect and process attributes. This parameter is required.protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
renderProperties
in class CfnResource
props
- This parameter is required.public java.lang.String getAttrAuthorizerId()
For example: abc123
.
protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()
getCfnProperties
in class CfnResource
public java.lang.String getName()
public void setName(java.lang.String value)
public java.lang.String getRestApiId()
public void setRestApiId(java.lang.String value)
public java.lang.String getType()
TOKEN
: A custom authorizer that uses a Lambda function.COGNITO_USER_POOLS
: An authorizer that uses Amazon Cognito user pools.REQUEST
: An authorizer that uses a Lambda function using incoming request parameters.public void setType(java.lang.String value)
TOKEN
: A custom authorizer that uses a Lambda function.COGNITO_USER_POOLS
: An authorizer that uses Amazon Cognito user pools.REQUEST
: An authorizer that uses a Lambda function using incoming request parameters.public java.lang.String getAuthorizerCredentials()
To specify an IAM role that API Gateway assumes, specify the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
public void setAuthorizerCredentials(java.lang.String value)
To specify an IAM role that API Gateway assumes, specify the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
public java.lang.Number getAuthorizerResultTtlInSeconds()
If you specify a value greater than 0, API Gateway caches the authorizer responses. By default, API Gateway sets this property to 300. The maximum value is 3600, or 1 hour.
public void setAuthorizerResultTtlInSeconds(java.lang.Number value)
If you specify a value greater than 0, API Gateway caches the authorizer responses. By default, API Gateway sets this property to 300. The maximum value is 3600, or 1 hour.
public java.lang.String getAuthorizerUri()
If you specify TOKEN
for the authorizer's Type
property, specify a Lambda function URI that has the form arn:aws:apigateway: *region* :lambda:path/ *path*
. The path usually has the form /2015-03-31/functions/ LambdaFunctionARN /invocations.
public void setAuthorizerUri(java.lang.String value)
If you specify TOKEN
for the authorizer's Type
property, specify a Lambda function URI that has the form arn:aws:apigateway: *region* :lambda:path/ *path*
. The path usually has the form /2015-03-31/functions/ LambdaFunctionARN /invocations.
public java.lang.String getAuthType()
public void setAuthType(java.lang.String value)
public java.lang.String getIdentitySource()
If you specify TOKEN
or COGNITO_USER_POOLS
for the Type
property, this property is required. Specify a header mapping expression using the form method.request.header. *name*
, where name is the name of a custom authorization header that clients submit as part of their requests.
If you specify REQUEST
for the Type
property, this property is required when authorization caching is enabled. Specify a comma-separated string of one or more mapping expressions of the specified request parameter using the form method.request.parameter. *name*
. For supported parameter types, see Configure Lambda Authorizer Using the API Gateway Console in the API Gateway Developer Guide .
public void setIdentitySource(java.lang.String value)
If you specify TOKEN
or COGNITO_USER_POOLS
for the Type
property, this property is required. Specify a header mapping expression using the form method.request.header. *name*
, where name is the name of a custom authorization header that clients submit as part of their requests.
If you specify REQUEST
for the Type
property, this property is required when authorization caching is enabled. Specify a comma-separated string of one or more mapping expressions of the specified request parameter using the form method.request.parameter. *name*
. For supported parameter types, see Configure Lambda Authorizer Using the API Gateway Console in the API Gateway Developer Guide .
public java.lang.String getIdentityValidationExpression()
If you specify TOKEN
for the authorizer's Type
property, specify a regular expression. API Gateway uses the expression to attempt to match the incoming client token, and proceeds if the token matches. If the token doesn't match, API Gateway responds with a 401 (unauthorized request) error code.
public void setIdentityValidationExpression(java.lang.String value)
If you specify TOKEN
for the authorizer's Type
property, specify a regular expression. API Gateway uses the expression to attempt to match the incoming client token, and proceeds if the token matches. If the token doesn't match, API Gateway responds with a 401 (unauthorized request) error code.
public java.util.List<java.lang.String> getProviderArns()
Required if you specify COGNITO_USER_POOLS
as the authorizer Type
. For more information, see Use Amazon Cognito User Pools in the API Gateway Developer Guide .
public void setProviderArns(java.util.List<java.lang.String> value)
Required if you specify COGNITO_USER_POOLS
as the authorizer Type
. For more information, see Use Amazon Cognito User Pools in the API Gateway Developer Guide .