LambdaAuthorizerProps

class aws_cdk.aws_apigateway.LambdaAuthorizerProps(*, handler, assume_role=None, authorizer_name=None, results_cache_ttl=None)

Bases: object

Base properties for all lambda authorizers.

Parameters:

  • handler (IFunction) – The handler for the authorizer lambda function. The handler must follow a very specific protocol on the input it receives and the output it needs to produce. API Gateway has documented the handler’s input specification and output specification.

  • assume_role (Optional[IRole]) – An optional IAM role for APIGateway to assume before calling the Lambda-based authorizer. The IAM role must be assumable by ‘apigateway.amazonaws.com’. Default: - A resource policy is added to the Lambda function allowing apigateway.amazonaws.com to invoke the function.

  • authorizer_name (Optional[str]) – An optional human friendly name for the authorizer. Note that, this is not the primary identifier of the authorizer. Default: - the unique construct ID

  • results_cache_ttl (Optional[Duration]) – How long APIGateway should cache the results. Max 1 hour. Disable caching by setting this to 0. Default: - Duration.minutes(5)

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk as cdk
from aws_cdk import aws_apigateway as apigateway
from aws_cdk import aws_iam as iam
from aws_cdk import aws_lambda as lambda_

# function_: lambda.Function
# role: iam.Role

lambda_authorizer_props = apigateway.LambdaAuthorizerProps(
    handler=function_,

    # the properties below are optional
    assume_role=role,
    authorizer_name="authorizerName",
    results_cache_ttl=cdk.Duration.minutes(30)
)

Attributes

assume_role

An optional IAM role for APIGateway to assume before calling the Lambda-based authorizer.

The IAM role must be assumable by ‘apigateway.amazonaws.com’.

Default:

  • A resource policy is added to the Lambda function allowing apigateway.amazonaws.com to invoke the function.

authorizer_name

An optional human friendly name for the authorizer.

Note that, this is not the primary identifier of the authorizer.

Default:

  • the unique construct ID

handler

The handler for the authorizer lambda function.

The handler must follow a very specific protocol on the input it receives and the output it needs to produce. API Gateway has documented the handler’s input specification and output specification.

results_cache_ttl

How long APIGateway should cache the results.

Max 1 hour. Disable caching by setting this to 0.

Default:

  • Duration.minutes(5)