Class: AWSCDK::AppSync::CfnGraphQLAPI::LambdaAuthorizerConfigProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
app_sync/cfn_graph_qlapi.rb

Overview

Configuration for AWS Lambda function authorization.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(authorizer_result_ttl_in_seconds: nil, authorizer_uri: nil, identity_validation_expression: nil) ⇒ LambdaAuthorizerConfigProperty

Returns a new instance of LambdaAuthorizerConfigProperty.

Parameters:

  • authorizer_result_ttl_in_seconds (Numeric, nil) (defaults to: nil)

    The number of seconds a response should be cached for.

  • authorizer_uri (String, nil) (defaults to: nil)

    The ARN of the Lambda function to be called for authorization.

  • identity_validation_expression (String, nil) (defaults to: nil)

    A regular expression for validation of tokens before the Lambda function is called.



995
996
997
998
999
1000
1001
1002
# File 'app_sync/cfn_graph_qlapi.rb', line 995

def initialize(authorizer_result_ttl_in_seconds: nil, authorizer_uri: nil, identity_validation_expression: nil)
  @authorizer_result_ttl_in_seconds = authorizer_result_ttl_in_seconds
  Jsii::Type.check_type(@authorizer_result_ttl_in_seconds, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "authorizerResultTtlInSeconds") unless @authorizer_result_ttl_in_seconds.nil?
  @authorizer_uri = authorizer_uri
  Jsii::Type.check_type(@authorizer_uri, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "authorizerUri") unless @authorizer_uri.nil?
  @identity_validation_expression = identity_validation_expression
  Jsii::Type.check_type(@identity_validation_expression, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "identityValidationExpression") unless @identity_validation_expression.nil?
end

Instance Attribute Details

#authorizer_result_ttl_in_secondsNumeric? (readonly)

The number of seconds a response should be cached for.

The default is 0 seconds, which disables caching. If you don't specify a value for authorizer_result_ttl_in_seconds , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a ttl_override key in its response.



1010
1011
1012
# File 'app_sync/cfn_graph_qlapi.rb', line 1010

def authorizer_result_ttl_in_seconds
  @authorizer_result_ttl_in_seconds
end

#authorizer_uriString? (readonly)

The ARN of the Lambda function to be called for authorization.

This may be a standard Lambda ARN, a version ARN ( .../v3 ) or alias ARN.

Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To do so with the AWS CLI , run the following:

aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction



1021
1022
1023
# File 'app_sync/cfn_graph_qlapi.rb', line 1021

def authorizer_uri
  @authorizer_uri
end

#identity_validation_expressionString? (readonly)

A regular expression for validation of tokens before the Lambda function is called.



1026
1027
1028
# File 'app_sync/cfn_graph_qlapi.rb', line 1026

def identity_validation_expression
  @identity_validation_expression
end

Class Method Details

.jsii_propertiesObject



1028
1029
1030
1031
1032
1033
1034
# File 'app_sync/cfn_graph_qlapi.rb', line 1028

def self.jsii_properties
  {
    :authorizer_result_ttl_in_seconds => "authorizerResultTtlInSeconds",
    :authorizer_uri => "authorizerUri",
    :identity_validation_expression => "identityValidationExpression",
  }
end

Instance Method Details

#to_jsiiObject



1036
1037
1038
1039
1040
1041
1042
1043
1044
# File 'app_sync/cfn_graph_qlapi.rb', line 1036

def to_jsii
  result = {}
  result.merge!({
    "authorizerResultTtlInSeconds" => @authorizer_result_ttl_in_seconds,
    "authorizerUri" => @authorizer_uri,
    "identityValidationExpression" => @identity_validation_expression,
  })
  result.compact
end