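I have an API defined through a CloudFormation AWS::Serverless::Api object. I need it to get the usage plan key from its custom authorizer, the equivalent of setting ApiKeySourceType to authorizer on an AWS::ApiGateway::RestApi. How can this be done?

Here is the current definition I am using, including the OpenAPI definition exported from a correctly configured API. I do think it is odd that api_key (x-api-key) is still listed even after setting the configuration to AUTHORIZER.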
RestApi:
  Type: AWS::Serverless::Api
  Properties:
    Name: !Sub ${AWS::StackName}-API
    StageName: !Ref ApiStageName
    MethodSettings:
      - CachingEnabled: false
        DataTraceEnabled: false
        HttpMethod: '*'
        LoggingLevel: INFO
        MetricsEnabled: true
        ResourcePath: '/*'
        ThrottlingBurstLimit: !Ref ThrottlingBurstLimit
        ThrottlingRateLimit: !Ref ThrottlingRateLimit
    AccessLogSetting:
      DestinationArn: !GetAtt ApiLogs.Arn
      # format is copied from an example generated by the web console
      Format: '{ "requestId":"$context.requestId", "ip": "$context.identity.sourceIp", "requestTime":"$context.requestTime", "httpMethod":"$context.httpMethod","routeKey":"$context.routeKey", "status":"$context.status","protocol":"$context.protocol", "responseLength":"$context.responseLength" }'
    CacheClusterEnabled: false
    TracingEnabled: true
    DefinitionBody: !Sub |
      openapi: "3.0.1"
      paths:
        /v2/oauth2/token:
          post:
            x-amazon-apigateway-integration:
              connectionId: "${RestApiVpcLink}"
              httpMethod: "POST"
              uri: "http://${VPCLinkLB.DNSName}/v2/oauth2/token"
              passthroughBehavior: "when_no_match"
              connectionType: "VPC_LINK"
              type: "http_proxy"
        /{proxy+}:
          x-amazon-apigateway-any-method:
            parameters:
              - name: "proxy"
                in: "path"
                required: true
                schema:
                  type: "string"
            security:
              - LambdaAuthorizer: []
              - api_key: []
            x-amazon-apigateway-integration:
              connectionId: "${RestApiVpcLink}"
              httpMethod: "ANY"
              uri: "http://${VPCLinkLB.DNSName}/{proxy}"
              requestParameters:
                integration.request.path.proxy: "method.request.path.proxy"
              passthroughBehavior: "when_no_match"
              connectionType: "VPC_LINK"
              type: "http_proxy"
      components:
        securitySchemes:
          LambdaAuthorizer:
            type: apiKey
            name: Authorization
            in: header
            x-amazon-apigateway-authtype: custom
            x-amazon-apigateway-authorizer:
              authorizerUri: "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GatewayAuthorizerLambda.Arn}/invocations"
              authorizerResultTtlInSeconds: 300
              identityValidationExpression: "Bearer .*"
              type: "token"
          api_key:
            type: "apiKey"
            name: "x-api-key"
            in: "header"

I am mostly using Serverless::Api rather than its component ApiGateway objects because I find stages/deployments to be a huge headache otherwise.

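x-amazon-apigateway-api-key-source: AUTHORIZER needs to be added as a sibling of openapi: "3.0.1". The documentation for the OpenAPI extension is here.

It looks like there must be a bug in the stage export that causes this to be missing.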
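
Once the key source is AUTHORIZER, the usage plan key has to come from the authorizer's response in the `usageIdentifierKey` field. The sketch below is an added example, not code from the original post: a TOKEN-type Lambda authorizer matching the `Bearer .*` expression above, where the token table, principal names and key values are constructed placeholders standing in for real token validation.

```python
import hashlib
import hmac

# Constructed sample data: SHA-256 of a bearer token -> (principal, usage plan key value).
# Assumption: a real authorizer would verify a JWT or query the identity provider instead.
_TOKENS = {
    hashlib.sha256(b"demo-token-1").hexdigest(): ("client-a", "EXAMPLE-USAGE-PLAN-KEY-A"),
}


def _lookup(token):
    """Return (principal, api_key) for a known token, else None."""
    digest = hashlib.sha256(token.encode()).hexdigest()
    for known, entry in _TOKENS.items():
        if hmac.compare_digest(digest, known):  # constant-time comparison
            return entry
    return None


def _policy(principal, effect, resource, api_key=None):
    """Build the authorizer response in the shape API Gateway expects."""
    response = {
        "principalId": principal,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [{
                "Action": "execute-api:Invoke",
                "Effect": effect,
                "Resource": resource,
            }],
        },
    }
    if api_key is not None:
        # With the key source set to AUTHORIZER, API Gateway takes the
        # usage plan key from this field rather than the x-api-key header.
        response["usageIdentifierKey"] = api_key
    return response


def handler(event, context):
    """TOKEN authorizer entry point: event carries authorizationToken and methodArn."""
    header = event.get("authorizationToken", "")
    resource = event.get("methodArn", "*")
    scheme, _, token = header.partition(" ")
    entry = _lookup(token) if scheme == "Bearer" and token else None
    if entry is None:
        return _policy("anonymous", "Deny", resource)  # deny by default
    principal, api_key = entry
    return _policy(principal, "Allow", resource, api_key)
```

The definition above caches authorizer results for 300 seconds, and a cached policy is reused for other methods called with the same token, so a policy scoped to a single `methodArn` can deny later requests to other paths.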