class HttpAuthorizer (construct)
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.Apigatewayv2.HttpAuthorizer |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsapigatewayv2#HttpAuthorizer |
Java | software.amazon.awscdk.services.apigatewayv2.HttpAuthorizer |
Python | aws_cdk.aws_apigatewayv2.HttpAuthorizer |
TypeScript (source) | aws-cdk-lib » aws_apigatewayv2 » HttpAuthorizer |
Implements
IConstruct
, IDependable
, IResource
, IHttp
, IAuthorizer
An authorizer for Http Apis.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as cdk from 'aws-cdk-lib';
import { aws_apigatewayv2 as apigatewayv2 } from 'aws-cdk-lib';
declare const httpApi: apigatewayv2.HttpApi;
const httpAuthorizer = new apigatewayv2.HttpAuthorizer(this, 'MyHttpAuthorizer', {
httpApi: httpApi,
identitySource: ['identitySource'],
type: apigatewayv2.HttpAuthorizerType.IAM,
// the properties below are optional
authorizerName: 'authorizerName',
authorizerUri: 'authorizerUri',
enableSimpleResponses: false,
jwtAudience: ['jwtAudience'],
jwtIssuer: 'jwtIssuer',
payloadFormatVersion: apigatewayv2.AuthorizerPayloadVersion.VERSION_1_0,
resultsCacheTtl: cdk.Duration.minutes(30),
});
Initializer
new HttpAuthorizer(scope: Construct, id: string, props: HttpAuthorizerProps)
Parameters
- scope
Construct
- id
string
- props
Http
Authorizer Props
Construct Props
Name | Type | Description |
---|---|---|
http | IHttp | HTTP Api to attach the authorizer to. |
identity | string[] | The identity source for which authorization is requested. |
type | Http | The type of authorizer. |
authorizer | string | Name of the authorizer. |
authorizer | string | The authorizer's Uniform Resource Identifier (URI). |
enable | boolean | Specifies whether a Lambda authorizer returns a response in a simple format. |
jwt | string[] | A list of the intended recipients of the JWT. |
jwt | string | The base domain of the identity provider that issues JWT. |
payload | Authorizer | Specifies the format of the payload sent to an HTTP API Lambda authorizer. |
results | Duration | How long APIGateway should cache the results. |
httpApi
Type:
IHttp
HTTP Api to attach the authorizer to.
identitySource
Type:
string[]
The identity source for which authorization is requested.
type
Type:
Http
The type of authorizer.
authorizerName?
Type:
string
(optional, default: id of the HttpAuthorizer construct.)
Name of the authorizer.
authorizerUri?
Type:
string
(optional, default: required for Request authorizer types)
The authorizer's Uniform Resource Identifier (URI).
For REQUEST authorizers, this must be a well-formed Lambda function URI.
enableSimpleResponses?
Type:
boolean
(optional, default: The lambda authorizer must return an IAM policy as its response)
Specifies whether a Lambda authorizer returns a response in a simple format.
If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.
jwtAudience?
Type:
string[]
(optional, default: required for JWT authorizer typess.)
A list of the intended recipients of the JWT.
A valid JWT must provide an aud that matches at least one entry in this list.
jwtIssuer?
Type:
string
(optional, default: required for JWT authorizer types.)
The base domain of the identity provider that issues JWT.
payloadFormatVersion?
Type:
Authorizer
(optional, default: AuthorizerPayloadVersion.VERSION_2_0 if the authorizer type is HttpAuthorizerType.LAMBDA)
Specifies the format of the payload sent to an HTTP API Lambda authorizer.
resultsCacheTtl?
Type:
Duration
(optional, default: API Gateway will not cache authorizer responses)
How long APIGateway should cache the results.
Max 1 hour.
Properties
Name | Type | Description |
---|---|---|
authorizer | string | Id of the Authorizer. |
env | Resource | The environment this resource belongs to. |
node | Node | The tree node. |
stack | Stack | The stack in which this resource is defined. |
authorizerId
Type:
string
Id of the Authorizer.
env
Type:
Resource
The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
node
Type:
Node
The tree node.
stack
Type:
Stack
The stack in which this resource is defined.
Methods
Name | Description |
---|---|
apply | Apply the given removal policy to this resource. |
to | Returns a string representation of this construct. |
static from | Import an existing HTTP Authorizer into this CDK app. |
applyRemovalPolicy(policy)
public applyRemovalPolicy(policy: RemovalPolicy): void
Parameters
- policy
Removal
Policy
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY
), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN
).
toString()
public toString(): string
Returns
string
Returns a string representation of this construct.
static fromHttpAuthorizerAttributes(scope, id, attrs)
public static fromHttpAuthorizerAttributes(scope: Construct, id: string, attrs: HttpAuthorizerAttributes): IHttpRouteAuthorizer
Parameters
- scope
Construct
- id
string
- attrs
Http
Authorizer Attributes
Returns
Import an existing HTTP Authorizer into this CDK app.