Class GatewayAuthorizer
java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.bedrockagentcore.GatewayAuthorizer
- All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable
@Generated(value="jsii-pacmak/1.130.0 (build 048a5ee)",
date="2026-05-20T12:39:41.771Z")
@Stability(Stable)
public abstract class GatewayAuthorizer
extends software.amazon.jsii.JsiiObject
Factory class for creating Gateway Authorizers.
Example:
// Optional: Create custom claims (CustomClaimOperator and GatewayCustomClaim from agentcore)
GatewayCustomClaim[] customClaims = List.of(GatewayCustomClaim.withStringValue("department", "engineering"), GatewayCustomClaim.withStringArrayValue("roles", List.of("admin"), CustomClaimOperator.CONTAINS), GatewayCustomClaim.withStringArrayValue("permissions", List.of("read", "write"), CustomClaimOperator.CONTAINS_ANY));
Gateway gateway = Gateway.Builder.create(this, "MyGateway")
.gatewayName("my-gateway")
.authorizerConfiguration(GatewayAuthorizer.usingCustomJwt(CustomJwtConfiguration.builder()
.discoveryUrl("https://auth.example.com/.well-known/openid-configuration")
.allowedAudience(List.of("my-app"))
.allowedClients(List.of("my-client-id"))
.allowedScopes(List.of("read", "write"))
.customClaims(customClaims)
.build()))
.build();
-
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedprotectedGatewayAuthorizer(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedGatewayAuthorizer(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionstatic IGatewayAuthorizerConfigAWS IAM authorizer instance.static IGatewayAuthorizerConfigCreate a JWT authorizer from Cognito User Pool.static IGatewayAuthorizerConfigusingCustomJwt(CustomJwtConfiguration configuration) Create a custom JWT authorizer.static IGatewayAuthorizerConfigNo authorization — the gateway will not perform any inbound authorization.Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Constructor Details
-
GatewayAuthorizer
protected GatewayAuthorizer(software.amazon.jsii.JsiiObjectRef objRef) -
GatewayAuthorizer
protected GatewayAuthorizer(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
GatewayAuthorizer
@Stability(Stable) protected GatewayAuthorizer()
-
-
Method Details
-
usingAwsIam
AWS IAM authorizer instance. -
usingCognito
@Stability(Stable) @NotNull public static IGatewayAuthorizerConfig usingCognito(@NotNull CognitoAuthorizerProps props) Create a JWT authorizer from Cognito User Pool.- Parameters:
props-- The Cognito configuration.
- Returns:
- CustomJwtAuthorizer configured for Cognito
-
usingCustomJwt
@Stability(Stable) @NotNull public static IGatewayAuthorizerConfig usingCustomJwt(@NotNull CustomJwtConfiguration configuration) Create a custom JWT authorizer.- Parameters:
configuration-- The JWT configuration.
- Returns:
- IGatewayAuthorizerConfig configured for custom JWT
-
withNoAuth
No authorization — the gateway will not perform any inbound authorization.The gateway endpoint will be publicly accessible without credentials. Use this for testing/development, or for production gateways where you have implemented compensating controls such as Gateway Interceptors.
- Returns:
- IGatewayAuthorizerConfig configured for no authorization
- See Also:
-