Class: AWSCDK::AppSync::CfnAPI::LambdaAuthorizerConfigProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
app_sync/cfn_api.rb

Overview

A LambdaAuthorizerConfig specifies how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode.

Be aware that an AWS AppSync API can have only one AWS Lambda authorizer configured at a time.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(authorizer_uri:, authorizer_result_ttl_in_seconds: nil, identity_validation_expression: nil) ⇒ LambdaAuthorizerConfigProperty

Returns a new instance of LambdaAuthorizerConfigProperty.

Parameters:

  • authorizer_uri (String)

    The Amazon Resource Name (ARN) of the Lambda function to be called for authorization.

  • authorizer_result_ttl_in_seconds (Numeric, nil) (defaults to: nil)

    The number of seconds a response should be cached for.

  • identity_validation_expression (String, nil) (defaults to: nil)

    A regular expression for validation of tokens before the Lambda function is called.



907
908
909
910
911
912
913
914
# File 'app_sync/cfn_api.rb', line 907

def initialize(authorizer_uri:, authorizer_result_ttl_in_seconds: nil, identity_validation_expression: nil)
  @authorizer_uri = authorizer_uri
  Jsii::Type.check_type(@authorizer_uri, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "authorizerUri")
  @authorizer_result_ttl_in_seconds = authorizer_result_ttl_in_seconds
  Jsii::Type.check_type(@authorizer_result_ttl_in_seconds, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "authorizerResultTtlInSeconds") unless @authorizer_result_ttl_in_seconds.nil?
  @identity_validation_expression = identity_validation_expression
  Jsii::Type.check_type(@identity_validation_expression, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "identityValidationExpression") unless @identity_validation_expression.nil?
end

Instance Attribute Details

#authorizer_result_ttl_in_secondsNumeric? (readonly)

The number of seconds a response should be cached for.

The default is 0 seconds, which disables caching. If you don't specify a value for authorizer_result_ttl_in_seconds , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a ttl_override key in its response.



933
934
935
# File 'app_sync/cfn_api.rb', line 933

def authorizer_result_ttl_in_seconds
  @authorizer_result_ttl_in_seconds
end

#authorizer_uriString (readonly)

The Amazon Resource Name (ARN) of the Lambda function to be called for authorization.

This can be a standard Lambda ARN, a version ARN ( .../v3 ), or an alias ARN.

Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the AWS Command Line Interface ( AWS CLI ), run the following:

aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction



926
927
928
# File 'app_sync/cfn_api.rb', line 926

def authorizer_uri
  @authorizer_uri
end

#identity_validation_expressionString? (readonly)

A regular expression for validation of tokens before the Lambda function is called.



938
939
940
# File 'app_sync/cfn_api.rb', line 938

def identity_validation_expression
  @identity_validation_expression
end

Class Method Details

.jsii_propertiesObject



940
941
942
943
944
945
946
# File 'app_sync/cfn_api.rb', line 940

def self.jsii_properties
  {
    :authorizer_uri => "authorizerUri",
    :authorizer_result_ttl_in_seconds => "authorizerResultTtlInSeconds",
    :identity_validation_expression => "identityValidationExpression",
  }
end

Instance Method Details

#to_jsiiObject



948
949
950
951
952
953
954
955
956
# File 'app_sync/cfn_api.rb', line 948

def to_jsii
  result = {}
  result.merge!({
    "authorizerUri" => @authorizer_uri,
    "authorizerResultTtlInSeconds" => @authorizer_result_ttl_in_seconds,
    "identityValidationExpression" => @identity_validation_expression,
  })
  result.compact
end