aws.apigatewayv2.Authorizer
Explore with Pulumi AI
Manages an Amazon API Gateway Version 2 authorizer. More information can be found in the Amazon API Gateway Developer Guide.
Example Usage
Basic WebSocket API
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.apigatewayv2.Authorizer("example", {
apiId: exampleAwsApigatewayv2Api.id,
authorizerType: "REQUEST",
authorizerUri: exampleAwsLambdaFunction.invokeArn,
identitySources: ["route.request.header.Auth"],
name: "example-authorizer",
});
import pulumi
import pulumi_aws as aws
example = aws.apigatewayv2.Authorizer("example",
api_id=example_aws_apigatewayv2_api["id"],
authorizer_type="REQUEST",
authorizer_uri=example_aws_lambda_function["invokeArn"],
identity_sources=["route.request.header.Auth"],
name="example-authorizer")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigatewayv2.NewAuthorizer(ctx, "example", &apigatewayv2.AuthorizerArgs{
ApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),
AuthorizerType: pulumi.String("REQUEST"),
AuthorizerUri: pulumi.Any(exampleAwsLambdaFunction.InvokeArn),
IdentitySources: pulumi.StringArray{
pulumi.String("route.request.header.Auth"),
},
Name: pulumi.String("example-authorizer"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.ApiGatewayV2.Authorizer("example", new()
{
ApiId = exampleAwsApigatewayv2Api.Id,
AuthorizerType = "REQUEST",
AuthorizerUri = exampleAwsLambdaFunction.InvokeArn,
IdentitySources = new[]
{
"route.request.header.Auth",
},
Name = "example-authorizer",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigatewayv2.Authorizer;
import com.pulumi.aws.apigatewayv2.AuthorizerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Authorizer("example", AuthorizerArgs.builder()
.apiId(exampleAwsApigatewayv2Api.id())
.authorizerType("REQUEST")
.authorizerUri(exampleAwsLambdaFunction.invokeArn())
.identitySources("route.request.header.Auth")
.name("example-authorizer")
.build());
}
}
resources:
example:
type: aws:apigatewayv2:Authorizer
properties:
apiId: ${exampleAwsApigatewayv2Api.id}
authorizerType: REQUEST
authorizerUri: ${exampleAwsLambdaFunction.invokeArn}
identitySources:
- route.request.header.Auth
name: example-authorizer
Basic HTTP API
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.apigatewayv2.Authorizer("example", {
apiId: exampleAwsApigatewayv2Api.id,
authorizerType: "REQUEST",
authorizerUri: exampleAwsLambdaFunction.invokeArn,
identitySources: ["$request.header.Authorization"],
name: "example-authorizer",
authorizerPayloadFormatVersion: "2.0",
});
import pulumi
import pulumi_aws as aws
example = aws.apigatewayv2.Authorizer("example",
api_id=example_aws_apigatewayv2_api["id"],
authorizer_type="REQUEST",
authorizer_uri=example_aws_lambda_function["invokeArn"],
identity_sources=["$request.header.Authorization"],
name="example-authorizer",
authorizer_payload_format_version="2.0")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apigatewayv2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := apigatewayv2.NewAuthorizer(ctx, "example", &apigatewayv2.AuthorizerArgs{
ApiId: pulumi.Any(exampleAwsApigatewayv2Api.Id),
AuthorizerType: pulumi.String("REQUEST"),
AuthorizerUri: pulumi.Any(exampleAwsLambdaFunction.InvokeArn),
IdentitySources: pulumi.StringArray{
pulumi.String("$request.header.Authorization"),
},
Name: pulumi.String("example-authorizer"),
AuthorizerPayloadFormatVersion: pulumi.String("2.0"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.ApiGatewayV2.Authorizer("example", new()
{
ApiId = exampleAwsApigatewayv2Api.Id,
AuthorizerType = "REQUEST",
AuthorizerUri = exampleAwsLambdaFunction.InvokeArn,
IdentitySources = new[]
{
"$request.header.Authorization",
},
Name = "example-authorizer",
AuthorizerPayloadFormatVersion = "2.0",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.apigatewayv2.Authorizer;
import com.pulumi.aws.apigatewayv2.AuthorizerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Authorizer("example", AuthorizerArgs.builder()
.apiId(exampleAwsApigatewayv2Api.id())
.authorizerType("REQUEST")
.authorizerUri(exampleAwsLambdaFunction.invokeArn())
.identitySources("$request.header.Authorization")
.name("example-authorizer")
.authorizerPayloadFormatVersion("2.0")
.build());
}
}
resources:
example:
type: aws:apigatewayv2:Authorizer
properties:
apiId: ${exampleAwsApigatewayv2Api.id}
authorizerType: REQUEST
authorizerUri: ${exampleAwsLambdaFunction.invokeArn}
identitySources:
- $request.header.Authorization
name: example-authorizer
authorizerPayloadFormatVersion: '2.0'
Create Authorizer Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Authorizer(name: string, args: AuthorizerArgs, opts?: CustomResourceOptions);
@overload
def Authorizer(resource_name: str,
args: AuthorizerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Authorizer(resource_name: str,
opts: Optional[ResourceOptions] = None,
api_id: Optional[str] = None,
authorizer_type: Optional[str] = None,
authorizer_credentials_arn: Optional[str] = None,
authorizer_payload_format_version: Optional[str] = None,
authorizer_result_ttl_in_seconds: Optional[int] = None,
authorizer_uri: Optional[str] = None,
enable_simple_responses: Optional[bool] = None,
identity_sources: Optional[Sequence[str]] = None,
jwt_configuration: Optional[AuthorizerJwtConfigurationArgs] = None,
name: Optional[str] = None)
func NewAuthorizer(ctx *Context, name string, args AuthorizerArgs, opts ...ResourceOption) (*Authorizer, error)
public Authorizer(string name, AuthorizerArgs args, CustomResourceOptions? opts = null)
public Authorizer(String name, AuthorizerArgs args)
public Authorizer(String name, AuthorizerArgs args, CustomResourceOptions options)
type: aws:apigatewayv2:Authorizer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AuthorizerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthorizerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthorizerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthorizerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthorizerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var awsAuthorizerResource = new Aws.ApiGatewayV2.Authorizer("awsAuthorizerResource", new()
{
ApiId = "string",
AuthorizerType = "string",
AuthorizerCredentialsArn = "string",
AuthorizerPayloadFormatVersion = "string",
AuthorizerResultTtlInSeconds = 0,
AuthorizerUri = "string",
EnableSimpleResponses = false,
IdentitySources = new[]
{
"string",
},
JwtConfiguration = new Aws.ApiGatewayV2.Inputs.AuthorizerJwtConfigurationArgs
{
Audiences = new[]
{
"string",
},
Issuer = "string",
},
Name = "string",
});
example, err := apigatewayv2.NewAuthorizer(ctx, "awsAuthorizerResource", &apigatewayv2.AuthorizerArgs{
ApiId: pulumi.String("string"),
AuthorizerType: pulumi.String("string"),
AuthorizerCredentialsArn: pulumi.String("string"),
AuthorizerPayloadFormatVersion: pulumi.String("string"),
AuthorizerResultTtlInSeconds: pulumi.Int(0),
AuthorizerUri: pulumi.String("string"),
EnableSimpleResponses: pulumi.Bool(false),
IdentitySources: pulumi.StringArray{
pulumi.String("string"),
},
JwtConfiguration: &apigatewayv2.AuthorizerJwtConfigurationArgs{
Audiences: pulumi.StringArray{
pulumi.String("string"),
},
Issuer: pulumi.String("string"),
},
Name: pulumi.String("string"),
})
var awsAuthorizerResource = new Authorizer("awsAuthorizerResource", AuthorizerArgs.builder()
.apiId("string")
.authorizerType("string")
.authorizerCredentialsArn("string")
.authorizerPayloadFormatVersion("string")
.authorizerResultTtlInSeconds(0)
.authorizerUri("string")
.enableSimpleResponses(false)
.identitySources("string")
.jwtConfiguration(AuthorizerJwtConfigurationArgs.builder()
.audiences("string")
.issuer("string")
.build())
.name("string")
.build());
aws_authorizer_resource = aws.apigatewayv2.Authorizer("awsAuthorizerResource",
api_id="string",
authorizer_type="string",
authorizer_credentials_arn="string",
authorizer_payload_format_version="string",
authorizer_result_ttl_in_seconds=0,
authorizer_uri="string",
enable_simple_responses=False,
identity_sources=["string"],
jwt_configuration={
"audiences": ["string"],
"issuer": "string",
},
name="string")
const awsAuthorizerResource = new aws.apigatewayv2.Authorizer("awsAuthorizerResource", {
apiId: "string",
authorizerType: "string",
authorizerCredentialsArn: "string",
authorizerPayloadFormatVersion: "string",
authorizerResultTtlInSeconds: 0,
authorizerUri: "string",
enableSimpleResponses: false,
identitySources: ["string"],
jwtConfiguration: {
audiences: ["string"],
issuer: "string",
},
name: "string",
});
type: aws:apigatewayv2:Authorizer
properties:
apiId: string
authorizerCredentialsArn: string
authorizerPayloadFormatVersion: string
authorizerResultTtlInSeconds: 0
authorizerType: string
authorizerUri: string
enableSimpleResponses: false
identitySources:
- string
jwtConfiguration:
audiences:
- string
issuer: string
name: string
Authorizer Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Authorizer resource accepts the following input properties:
- Api
Id string - API identifier.
- string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - Enable
Simple boolResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- Identity
Sources List<string> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - Jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - Name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- Api
Id string - API identifier.
- string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - Enable
Simple boolResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- Identity
Sources []string - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - Jwt
Configuration AuthorizerJwt Configuration Args - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - Name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id String - API identifier.
- String
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - String
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - String
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - Integer
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - String
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple BooleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources List<String> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name String
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id string - API identifier.
- string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - number
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple booleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources string[] - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api_
id str - API identifier.
- str
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - str
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - str
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - str
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable_
simple_ boolresponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity_
sources Sequence[str] - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt_
configuration AuthorizerJwt Configuration Args - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name str
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id String - API identifier.
- String
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - String
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - String
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - Number
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - String
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple BooleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources List<String> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration Property Map - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name String
- Name of the authorizer. Must be between 1 and 128 characters in length.
Outputs
All input properties are implicitly available as output properties. Additionally, the Authorizer resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Authorizer Resource
Get an existing Authorizer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthorizerState, opts?: CustomResourceOptions): Authorizer
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
api_id: Optional[str] = None,
authorizer_credentials_arn: Optional[str] = None,
authorizer_payload_format_version: Optional[str] = None,
authorizer_result_ttl_in_seconds: Optional[int] = None,
authorizer_type: Optional[str] = None,
authorizer_uri: Optional[str] = None,
enable_simple_responses: Optional[bool] = None,
identity_sources: Optional[Sequence[str]] = None,
jwt_configuration: Optional[AuthorizerJwtConfigurationArgs] = None,
name: Optional[str] = None) -> Authorizer
func GetAuthorizer(ctx *Context, name string, id IDInput, state *AuthorizerState, opts ...ResourceOption) (*Authorizer, error)
public static Authorizer Get(string name, Input<string> id, AuthorizerState? state, CustomResourceOptions? opts = null)
public static Authorizer get(String name, Output<String> id, AuthorizerState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Api
Id string - API identifier.
- string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - Enable
Simple boolResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- Identity
Sources List<string> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - Jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - Name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- Api
Id string - API identifier.
- string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - Enable
Simple boolResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- Identity
Sources []string - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - Jwt
Configuration AuthorizerJwt Configuration Args - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - Name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id String - API identifier.
- String
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - String
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - Integer
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - String
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - String
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple BooleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources List<String> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name String
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id string - API identifier.
- string
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - string
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - number
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - string
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - string
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple booleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources string[] - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration AuthorizerJwt Configuration - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name string
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api_
id str - API identifier.
- str
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - str
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - int
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - str
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - str
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable_
simple_ boolresponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity_
sources Sequence[str] - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt_
configuration AuthorizerJwt Configuration Args - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name str
- Name of the authorizer. Must be between 1 and 128 characters in length.
- api
Id String - API identifier.
- String
- Required credentials as an IAM role for API Gateway to invoke the authorizer.
Supported only for
REQUEST
authorizers. - String
- Format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers.
Valid values:
1.0
,2.0
. - Number
- Time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled.
If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Defaults to
300
. Supported only for HTTP API Lambda authorizers. - String
- Authorizer type. Valid values:
JWT
,REQUEST
. SpecifyREQUEST
for a Lambda function using incoming request parameters. For HTTP APIs, specifyJWT
to use JSON Web Tokens. - String
- Authorizer's Uniform Resource Identifier (URI).
For
REQUEST
authorizers this must be a well-formed Lambda function URI, such as theinvoke_arn
attribute of theaws.lambda.Function
resource. Supported only forREQUEST
authorizers. Must be between 1 and 2048 characters in length. - enable
Simple BooleanResponses - Whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs.
- identity
Sources List<String> - Identity sources for which authorization is requested.
For
REQUEST
authorizers the value is a list of one or more mapping expressions of the specified request parameters. ForJWT
authorizers the single entry specifies where to extract the JSON Web Token (JWT) from inbound requests. - jwt
Configuration Property Map - Configuration of a JWT authorizer. Required for the
JWT
authorizer type. Supported only for HTTP APIs. - name String
- Name of the authorizer. Must be between 1 and 128 characters in length.
Supporting Types
AuthorizerJwtConfiguration, AuthorizerJwtConfigurationArgs
Import
Using pulumi import
, import aws_apigatewayv2_authorizer
using the API identifier and authorizer identifier. For example:
$ pulumi import aws:apigatewayv2/authorizer:Authorizer example aabbccddee/1122334
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.