CognitoUserPoolsAuthorizerProps

class aws_cdk.aws_apigateway.CognitoUserPoolsAuthorizerProps(*, cognito_user_pools, authorizer_name=None, identity_source=None, results_cache_ttl=None)

Bases: object

Properties for CognitoUserPoolsAuthorizer.

Parameters:
  • cognito_user_pools (Sequence[IUserPool]) – The user pools to associate with this authorizer.

  • authorizer_name (Optional[str]) – An optional human friendly name for the authorizer. Note that, this is not the primary identifier of the authorizer. Default: - the unique construct ID

  • identity_source (Optional[str]) – The request header mapping expression for the bearer token. This is typically passed as part of the header, in which case this should be method.request.header.Authorizer where Authorizer is the header containing the bearer token. Default: IdentitySource.header('Authorization')

  • results_cache_ttl (Optional[Duration]) – How long APIGateway should cache the results. Max 1 hour. Disable caching by setting this to 0. Default: Duration.minutes(5)

ExampleMetadata:

infused

Example:

# books: apigateway.Resource
user_pool = cognito.UserPool(self, "UserPool")

auth = apigateway.CognitoUserPoolsAuthorizer(self, "booksAuthorizer",
    cognito_user_pools=[user_pool]
)
books.add_method("GET", apigateway.HttpIntegration("http://amazon.com"),
    authorizer=auth,
    authorization_type=apigateway.AuthorizationType.COGNITO
)

Attributes

authorizer_name

An optional human friendly name for the authorizer.

Note that, this is not the primary identifier of the authorizer.

Default:
  • the unique construct ID

cognito_user_pools

The user pools to associate with this authorizer.

identity_source

The request header mapping expression for the bearer token.

This is typically passed as part of the header, in which case this should be method.request.header.Authorizer where Authorizer is the header containing the bearer token.

Default:

IdentitySource.header('Authorization')

See:

https://docs.aws.amazon.com/apigateway/latest/api/API_CreateAuthorizer.html#apigw-CreateAuthorizer-request-identitySource

results_cache_ttl

How long APIGateway should cache the results.

Max 1 hour. Disable caching by setting this to 0.

Default:

Duration.minutes(5)