apigwv2: AuthorizerPayloadFormatVersion not a field in HttpLambdaAuthorizerProps #21492
Comments
elad-asaf
added
feature-request
github-actions
bot
added
the
@aws-cdk/aws-iam
rix0rrr
added
effort/small
|
Any solution to this? I'm in the same |
|
In case the PR is not (yet) accepted, for anyone facing this issue, you can use the lower-level import {
aws_apigatewayv2 as apigateway,
aws_ecr as ecr,
aws_lambda as lambda,
Names,
Stack,
StackProps,
} from "aws-cdk-lib";
import {
AuthorizerPayloadVersion,
HttpAuthorizer,
HttpAuthorizerType,
} from "aws-cdk-lib/aws-apigatewayv2";
import { Construct } from "constructs";
import * as ecrdeploy from "cdk-ecr-deployment";
import { DockerImageAsset } from "aws-cdk-lib/aws-ecr-assets";
import { IFunction } from "aws-cdk-lib/aws-lambda";
import { ServicePrincipal } from "aws-cdk-lib/aws-iam";
export class CdkStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const repo = new ecr.Repository(this, "repo");
const dummyImage = new DockerImageAsset(this, "dummy-image", {
assetName: "dummy-image",
directory: "../dummy",
});
const ecrDeployment = new ecrdeploy.ECRDeployment(
this,
"ecr-deployment",
{
src: new ecrdeploy.DockerImageName(dummyImage.imageUri),
dest: new ecrdeploy.DockerImageName(
`${repo.repositoryUri}:latest`
),
}
);
const api = new apigateway.HttpApi(this, "api");
const lambdaFunction = new lambda.Function(this, "lambda", {
runtime: lambda.Runtime.FROM_IMAGE,
code: lambda.Code.fromEcrImage(repo),
handler: lambda.Handler.FROM_IMAGE,
});
lambdaFunction.node.addDependency(ecrDeployment);
const authorizer = new HttpAuthorizer(this, "authorizer", {
httpApi: api,
identitySource: [
'$request.header.Authorization',
],
type: HttpAuthorizerType.LAMBDA,
enableSimpleResponses: false,
payloadFormatVersion: AuthorizerPayloadVersion.VERSION_2_0,
authorizerUri: lambdaAuthorizerArn(lambdaFunction),
});
lambdaFunction.addPermission(
`${Names.nodeUniqueId(authorizer.node)}-Permission`,
{
scope: api,
principal: new ServicePrincipal("apigateway.amazonaws.com"),
sourceArn: this.formatArn({
service: "execute-api",
resource: api.apiId,
resourceName: `authorizers/${authorizer.authorizerId}`,
}),
}
);
}
}
function lambdaAuthorizerArn(handler: IFunction) {
return `arn:${Stack.of(handler).partition}:apigateway:${Stack.of(handler).region
}:lambda:path/2015-03-31/functions/${handler.functionArn}/invocations`;
}Alternatively, you can copy the contents of |
|
@yasamoka Thanks for providing an example with a lower level L2 construct. |
|
I also stumbled over this, thanks for putting in the effort. |
Describe the feature
The HttpLambdaAuthorizerProps includes a response type field, however, you can't choose the IAM response type and set the version of the payload format as 2.0.
The IAM payload 2.0 behaves a bit differently than 1.0, as described here:
https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response
It would be great to be able to set this as a prop in HttpLambdaAuthorizerProps.
Use Case
APIGW deployment using CDK would be much smoother with this.
Proposed Solution
No response
Other Information
No response
Acknowledgements
CDK version used
2.35.0
Environment details (OS name and version, etc.)
Ubuntu 20.04
The text was updated successfully, but these errors were encountered: