authorizers
Creates, updates, deletes or gets an authorizer resource or lists authorizers in a region
Overview
| Name | authorizers |
| Type | Resource |
| Description | The ``AWS::ApiGateway::Authorizer`` resource creates an authorization layer that API Gateway activates for methods that have authorization enabled. API Gateway activates the authorizer when a client calls those methods. |
| Id | awscc.apigateway.authorizers |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
rest_api_id | string | |
authorizer_id | string | |
auth_type | string | |
authorizer_credentials | string | |
authorizer_result_ttl_in_seconds | integer | |
authorizer_uri | string | |
identity_source | string | |
identity_validation_expression | string | |
name | string | |
provider_arns | array | |
type | string | |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
rest_api_id | string | |
authorizer_id | string | |
region | string | AWS region. |
For more information, see AWS::ApiGateway::Authorizer.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | authorizers | INSERT | RestApiId, Type, Name, region |
delete_resource | authorizers | DELETE | Identifier, region |
update_resource | authorizers | UPDATE | Identifier, PatchDocument, region |
list_resources | authorizers_list_only | SELECT | region |
get_resource | authorizers | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual authorizer.
SELECT
region,
rest_api_id,
authorizer_id,
auth_type,
authorizer_credentials,
authorizer_result_ttl_in_seconds,
authorizer_uri,
identity_source,
identity_validation_expression,
name,
provider_arns,
type
FROM awscc.apigateway.authorizers
WHERE
region = 'us-east-1' AND
Identifier = '{{ rest_api_id }}|{{ authorizer_id }}';
Lists all authorizers in a region.
SELECT
region,
rest_api_id,
authorizer_id
FROM awscc.apigateway.authorizers_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new authorizer resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.apigateway.authorizers (
RestApiId,
Name,
Type,
region
)
SELECT
'{{ rest_api_id }}',
'{{ name }}',
'{{ type }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.apigateway.authorizers (
RestApiId,
AuthType,
AuthorizerCredentials,
AuthorizerResultTtlInSeconds,
AuthorizerUri,
IdentitySource,
IdentityValidationExpression,
Name,
ProviderARNs,
Type,
region
)
SELECT
'{{ rest_api_id }}',
'{{ auth_type }}',
'{{ authorizer_credentials }}',
'{{ authorizer_result_ttl_in_seconds }}',
'{{ authorizer_uri }}',
'{{ identity_source }}',
'{{ identity_validation_expression }}',
'{{ name }}',
'{{ provider_arns }}',
'{{ type }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: authorizer
props:
- name: rest_api_id
value: '{{ rest_api_id }}'
- name: auth_type
value: '{{ auth_type }}'
- name: authorizer_credentials
value: '{{ authorizer_credentials }}'
- name: authorizer_result_ttl_in_seconds
value: '{{ authorizer_result_ttl_in_seconds }}'
- name: authorizer_uri
value: '{{ authorizer_uri }}'
- name: identity_source
value: '{{ identity_source }}'
- name: identity_validation_expression
value: '{{ identity_validation_expression }}'
- name: name
value: '{{ name }}'
- name: provider_arns
value:
- '{{ provider_arns[0] }}'
- name: type
value: '{{ type }}'
UPDATE example
Use the following StackQL query and manifest file to update a authorizer resource, using stack-deploy.
/*+ update */
UPDATE awscc.apigateway.authorizers
SET PatchDocument = string('{{ {
"AuthType": auth_type,
"AuthorizerCredentials": authorizer_credentials,
"AuthorizerResultTtlInSeconds": authorizer_result_ttl_in_seconds,
"AuthorizerUri": authorizer_uri,
"IdentitySource": identity_source,
"IdentityValidationExpression": identity_validation_expression,
"Name": name,
"ProviderARNs": provider_arns,
"Type": type
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ rest_api_id }}|{{ authorizer_id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.apigateway.authorizers
WHERE
Identifier = '{{ rest_api_id }}|{{ authorizer_id }}' AND
region = 'us-east-1';
Permissions
To operate on the authorizers resource, the following permissions are required:
- Create
- Read
- Update
- Delete
- List
apigateway:POST,
iam:PassRole
apigateway:GET
apigateway:GET,
apigateway:PATCH,
iam:PassRole
apigateway:DELETE
apigateway:GET