Class: AWSCDK::APIGateway::RequestAuthorizerProps
- Inherits:
-
LambdaAuthorizerProps
- Object
- LambdaAuthorizerProps
- AWSCDK::APIGateway::RequestAuthorizerProps
- Defined in:
- api_gateway/request_authorizer_props.rb
Overview
Properties for RequestAuthorizer.
Instance Attribute Summary collapse
-
#assume_role ⇒ AWSCDK::IAM::IRole?
readonly
An optional IAM role for APIGateway to assume before calling the Lambda-based authorizer.
-
#authorizer_name ⇒ String?
readonly
An optional human friendly name for the authorizer.
-
#handler ⇒ AWSCDK::Lambda::IFunction
readonly
The handler for the authorizer lambda function.
-
#identity_sources ⇒ Array<String>
readonly
An array of request header mapping expressions for identities.
-
#results_cache_ttl ⇒ AWSCDK::Duration?
readonly
How long APIGateway should cache the results.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(handler:, assume_role: nil, authorizer_name: nil, results_cache_ttl: nil, identity_sources:) ⇒ RequestAuthorizerProps
constructor
A new instance of RequestAuthorizerProps.
- #to_jsii ⇒ Object
Constructor Details
#initialize(handler:, assume_role: nil, authorizer_name: nil, results_cache_ttl: nil, identity_sources:) ⇒ RequestAuthorizerProps
Returns a new instance of RequestAuthorizerProps.
12 13 14 15 16 17 18 19 20 21 22 23 |
# File 'api_gateway/request_authorizer_props.rb', line 12 def initialize(handler:, assume_role: nil, authorizer_name: nil, results_cache_ttl: nil, identity_sources:) @handler = handler Jsii::Type.check_type(@handler, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfbGFtYmRhLklGdW5jdGlvbiJ9")), "handler") @assume_role = assume_role Jsii::Type.check_type(@assume_role, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfaWFtLklSb2xlIn0=")), "assumeRole") unless @assume_role.nil? @authorizer_name = Jsii::Type.check_type(@authorizer_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "authorizerName") unless @authorizer_name.nil? @results_cache_ttl = results_cache_ttl Jsii::Type.check_type(@results_cache_ttl, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5EdXJhdGlvbiJ9")), "resultsCacheTtl") unless @results_cache_ttl.nil? @identity_sources = identity_sources Jsii::Type.check_type(@identity_sources, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "identitySources") end |
Instance Attribute Details
#assume_role ⇒ AWSCDK::IAM::IRole? (readonly)
Default: - A resource policy is added to the Lambda function allowing apigateway.amazonaws.com to invoke the function.
An optional IAM role for APIGateway to assume before calling the Lambda-based authorizer.
The IAM role must be assumable by 'apigateway.amazonaws.com'.
41 42 43 |
# File 'api_gateway/request_authorizer_props.rb', line 41 def assume_role @assume_role end |
#authorizer_name ⇒ String? (readonly)
Default: - the unique construct ID
An optional human friendly name for the authorizer.
Note that, this is not the primary identifier of the authorizer.
48 49 50 |
# File 'api_gateway/request_authorizer_props.rb', line 48 def @authorizer_name end |
#handler ⇒ AWSCDK::Lambda::IFunction (readonly)
The handler for the authorizer lambda function.
The handler must follow a very specific protocol on the input it receives and the output it needs to produce. API Gateway has documented the handler's input specification and output specification.
33 34 35 |
# File 'api_gateway/request_authorizer_props.rb', line 33 def handler @handler end |
#identity_sources ⇒ Array<String> (readonly)
An array of request header mapping expressions for identities.
Supported parameter types are
Header, Query String, Stage Variable, and Context. For instance, extracting an authorization
token from a header would use the identity source IdentitySource.header('Authorization').
Note: API Gateway uses the specified identity sources as the request authorizer caching key. When caching is enabled, API Gateway calls the authorizer's Lambda function only after successfully verifying that all the specified identity sources are present at runtime. If a specified identify source is missing, null, or empty, API Gateway returns a 401 Unauthorized response without calling the authorizer Lambda function.
70 71 72 |
# File 'api_gateway/request_authorizer_props.rb', line 70 def identity_sources @identity_sources end |
#results_cache_ttl ⇒ AWSCDK::Duration? (readonly)
Default: - Duration.minutes(5)
How long APIGateway should cache the results.
Max 1 hour. Disable caching by setting this to 0.
56 57 58 |
# File 'api_gateway/request_authorizer_props.rb', line 56 def results_cache_ttl @results_cache_ttl end |
Class Method Details
.jsii_properties ⇒ Object
72 73 74 75 76 77 78 79 80 |
# File 'api_gateway/request_authorizer_props.rb', line 72 def self.jsii_properties { :handler => "handler", :assume_role => "assumeRole", :authorizer_name => "authorizerName", :results_cache_ttl => "resultsCacheTtl", :identity_sources => "identitySources", } end |
Instance Method Details
#to_jsii ⇒ Object
82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'api_gateway/request_authorizer_props.rb', line 82 def to_jsii result = {} result.merge!(super) result.merge!({ "handler" => @handler, "assumeRole" => @assume_role, "authorizerName" => @authorizer_name, "resultsCacheTtl" => @results_cache_ttl, "identitySources" => @identity_sources, }) result.compact end |