HttpAuthorizerProps

class aws_cdk.aws_apigatewayv2.HttpAuthorizerProps(*, http_api, identity_source, type, authorizer_name=None, authorizer_uri=None, enable_simple_responses=None, jwt_audience=None, jwt_issuer=None, payload_format_version=None, results_cache_ttl=None)

Bases: object

Properties to initialize an instance of HttpAuthorizer.

Parameters:
  • http_api (IHttpApi) – HTTP Api to attach the authorizer to.

  • identity_source (Sequence[str]) – The identity source for which authorization is requested.

  • type (HttpAuthorizerType) – The type of authorizer.

  • authorizer_name (Optional[str]) – Name of the authorizer. Default: - id of the HttpAuthorizer construct.

  • authorizer_uri (Optional[str]) – The authorizer’s Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda function URI. Default: - required for Request authorizer types

  • enable_simple_responses (Optional[bool]) – Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Default: - The lambda authorizer must return an IAM policy as its response

  • jwt_audience (Optional[Sequence[str]]) – A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. Default: - required for JWT authorizer typess.

  • jwt_issuer (Optional[str]) – The base domain of the identity provider that issues JWT. Default: - required for JWT authorizer types.

  • payload_format_version (Optional[AuthorizerPayloadVersion]) – Specifies the format of the payload sent to an HTTP API Lambda authorizer. Default: AuthorizerPayloadVersion.VERSION_2_0 if the authorizer type is HttpAuthorizerType.LAMBDA

  • results_cache_ttl (Optional[Duration]) – How long APIGateway should cache the results. Max 1 hour. Default: - API Gateway will not cache authorizer responses

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk as cdk
from aws_cdk import aws_apigatewayv2 as apigatewayv2

# http_api: apigatewayv2.HttpApi

http_authorizer_props = apigatewayv2.HttpAuthorizerProps(
    http_api=http_api,
    identity_source=["identitySource"],
    type=apigatewayv2.HttpAuthorizerType.IAM,

    # the properties below are optional
    authorizer_name="authorizerName",
    authorizer_uri="authorizerUri",
    enable_simple_responses=False,
    jwt_audience=["jwtAudience"],
    jwt_issuer="jwtIssuer",
    payload_format_version=apigatewayv2.AuthorizerPayloadVersion.VERSION_1_0,
    results_cache_ttl=cdk.Duration.minutes(30)
)

Attributes

authorizer_name

Name of the authorizer.

Default:
  • id of the HttpAuthorizer construct.

authorizer_uri

The authorizer’s Uniform Resource Identifier (URI).

For REQUEST authorizers, this must be a well-formed Lambda function URI.

Default:
  • required for Request authorizer types

enable_simple_responses

Specifies whether a Lambda authorizer returns a response in a simple format.

If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy.

Default:
  • The lambda authorizer must return an IAM policy as its response

http_api

HTTP Api to attach the authorizer to.

identity_source

The identity source for which authorization is requested.

See:

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-authorizer.html#cfn-apigatewayv2-authorizer-identitysource

jwt_audience

A list of the intended recipients of the JWT.

A valid JWT must provide an aud that matches at least one entry in this list.

Default:
  • required for JWT authorizer typess.

jwt_issuer

The base domain of the identity provider that issues JWT.

Default:
  • required for JWT authorizer types.

payload_format_version

Specifies the format of the payload sent to an HTTP API Lambda authorizer.

Default:

AuthorizerPayloadVersion.VERSION_2_0 if the authorizer type is HttpAuthorizerType.LAMBDA

results_cache_ttl

How long APIGateway should cache the results.

Max 1 hour.

Default:
  • API Gateway will not cache authorizer responses

type

The type of authorizer.