Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

[ aws . iot ]

create-authorizer

Description

Creates an authorizer.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  create-authorizer
--authorizer-name <value>
--authorizer-function-arn <value>
[--token-key-name <value>]
[--token-signing-public-keys <value>]
[--status <value>]
[--signing-disabled | --no-signing-disabled]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--authorizer-name (string)

The authorizer name.

--authorizer-function-arn (string)

The ARN of the authorizer's Lambda function.

--token-key-name (string)

The name of the token key used to extract the token from the HTTP headers.

--token-signing-public-keys (map)

The public keys used to verify the digital signature returned by your custom authentication service.

Shorthand Syntax:

KeyName1=string,KeyName2=string

JSON Syntax:

{"string": "string"
  ...}

--status (string)

The status of the create authorizer request.

Possible values:

  • ACTIVE
  • INACTIVE

--signing-disabled | --no-signing-disabled (boolean)

Specifies whether AWS IoT validates the token signature in an authorization request.

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Examples

To create a custom authorizer

The following create-authorizer example creates a custom authorizer that uses the specified Lambda function as part of a custom authentication service.

   aws iot create-authorizer \
       --authorizer-name "CustomAuthorizer" \
       --authorizer-function-arn "arn:aws:lambda:us-west-2:123456789012:function:CustomAuthorizerFunction" \
       --token-key-name "MyAuthToken" \
       --status ACTIVE \
       --token-signing-public-keys FIRST_KEY="-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uJOB4lQPgG/lM6ZfIwo
Z+7ENxAio9q6QD4FFqjGZsvjtYwjoe1RKK0U8Eq9xb5O3kRSmyIwTzwzm/f4Gf0Y
ZUloJ+t3PUUwHrmbYTAgTrCUgRFygjfgVwGCPs5ZAX4Eyqt5cr+AIHIiUDbxSa7p
zwOBKPeic0asNJpqT8PkBbRaKyleJh5oo81NDHHmVtbBm5A5YiJjqYXLaVAowKzZ
+GqsNvAQ9Jy1wI2VrEa1OfL8flDB/BJLm7zjpfPOHDJQgID0XnZwAlNnZcOhCwIx
50g2LW2Oy9R/dmqtDmJiVP97Z4GykxPvwlYHrUXY0iW1R3AR/Ac1NhCTGZMwVDB1
lQIDAQAB
-----END PUBLIC KEY-----"

Output:

{
    "authorizerName": "CustomAuthorizer",
    "authorizerArn": "arn:aws:iot:us-west-2:123456789012:authorizer/CustomAuthorizer2"
}

For more information, see CreateAuthorizer in the AWS IoT API Reference.

Output

authorizerName -> (string)

The authorizer's name.

authorizerArn -> (string)

The authorizer ARN.