awsapigatewayv2authorizers

package
v1.151.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 1, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewHttpIamAuthorizer_Override 

func NewHttpIamAuthorizer_Override(h HttpIamAuthorizer)

Experimental.

func NewHttpJwtAuthorizer_Override 

func NewHttpJwtAuthorizer_Override(h HttpJwtAuthorizer, id *string, jwtIssuer *string, props *HttpJwtAuthorizerProps)

Initialize a JWT authorizer to be bound with HTTP route. Experimental.

func NewHttpLambdaAuthorizer_Override 

func NewHttpLambdaAuthorizer_Override(h HttpLambdaAuthorizer, id *string, handler awslambda.IFunction, props *HttpLambdaAuthorizerProps)

Initialize a lambda authorizer to be bound with HTTP route. Experimental.

func NewHttpUserPoolAuthorizer_Override 

func NewHttpUserPoolAuthorizer_Override(h HttpUserPoolAuthorizer, id *string, pool awscognito.IUserPool, props *HttpUserPoolAuthorizerProps)

Initialize a Cognito user pool authorizer to be bound with HTTP route. Experimental.

func NewWebSocketLambdaAuthorizer_Override 

func NewWebSocketLambdaAuthorizer_Override(w WebSocketLambdaAuthorizer, id *string, handler awslambda.IFunction, props *WebSocketLambdaAuthorizerProps)

Experimental.

Types

type HttpIamAuthorizer 

type HttpIamAuthorizer interface {
	awsapigatewayv2.IHttpRouteAuthorizer
	// Bind this authorizer to a specified Http route.
	// Experimental.
	Bind(_options *awsapigatewayv2.HttpRouteAuthorizerBindOptions) *awsapigatewayv2.HttpRouteAuthorizerConfig
}

Authorize HTTP API Routes with IAM.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpIamAuthorizer awscdk.HttpIamAuthorizerimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

var principal anyPrincipal

authorizer := NewHttpIamAuthorizer()

httpApi := apigwv2.NewHttpApi(this, jsii.String("HttpApi"), &httpApiProps{
	defaultAuthorizer: authorizer,
})

routes := httpApi.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books/{book}"),
})

routes[0].grantInvoke(principal)

Experimental.

func NewHttpIamAuthorizer 

func NewHttpIamAuthorizer() HttpIamAuthorizer

Experimental.

type HttpJwtAuthorizer 

type HttpJwtAuthorizer interface {
	awsapigatewayv2.IHttpRouteAuthorizer
	// Bind this authorizer to a specified Http route.
	// Experimental.
	Bind(options *awsapigatewayv2.HttpRouteAuthorizerBindOptions) *awsapigatewayv2.HttpRouteAuthorizerConfig
}

Authorize Http Api routes on whether the requester is registered as part of an AWS Cognito user pool.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpJwtAuthorizer awscdk.HttpJwtAuthorizerimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

issuer := "https://test.us.auth0.com"
authorizer := NewHttpJwtAuthorizer(jsii.String("BooksAuthorizer"), issuer, &httpJwtAuthorizerProps{
	jwtAudience: []*string{
		jsii.String("3131231"),
	},
})

api := apigwv2.NewHttpApi(this, jsii.String("HttpApi"))

api.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books"),
	authorizer: authorizer,
})

Experimental.

func NewHttpJwtAuthorizer 

func NewHttpJwtAuthorizer(id *string, jwtIssuer *string, props *HttpJwtAuthorizerProps) HttpJwtAuthorizer

Initialize a JWT authorizer to be bound with HTTP route. Experimental.

type HttpJwtAuthorizerProps 

type HttpJwtAuthorizerProps struct {
	// A list of the intended recipients of the JWT.
	//
	// A valid JWT must provide an aud that matches at least one entry in this list.
	// Experimental.
	JwtAudience *[]*string `json:"jwtAudience" yaml:"jwtAudience"`
	// The name of the authorizer.
	// Experimental.
	AuthorizerName *string `json:"authorizerName" yaml:"authorizerName"`
	// The identity source for which authorization is requested.
	// Experimental.
	IdentitySource *[]*string `json:"identitySource" yaml:"identitySource"`
}

Properties to initialize HttpJwtAuthorizer.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpJwtAuthorizer awscdk.HttpJwtAuthorizerimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

issuer := "https://test.us.auth0.com"
authorizer := NewHttpJwtAuthorizer(jsii.String("BooksAuthorizer"), issuer, &httpJwtAuthorizerProps{
	jwtAudience: []*string{
		jsii.String("3131231"),
	},
})

api := apigwv2.NewHttpApi(this, jsii.String("HttpApi"))

api.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books"),
	authorizer: authorizer,
})

Experimental.

type HttpLambdaAuthorizer 

type HttpLambdaAuthorizer interface {
	awsapigatewayv2.IHttpRouteAuthorizer
	// Bind this authorizer to a specified Http route.
	// Experimental.
	Bind(options *awsapigatewayv2.HttpRouteAuthorizerBindOptions) *awsapigatewayv2.HttpRouteAuthorizerConfig
}

Authorize Http Api routes via a lambda function.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpLambdaAuthorizer awscdk.HttpLambdaAuthorizer
type HttpLambdaResponseType awscdk.HttpLambdaResponseTypeimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

// This function handles your auth logic
var authHandler function

authorizer := NewHttpLambdaAuthorizer(jsii.String("BooksAuthorizer"), authHandler, &httpLambdaAuthorizerProps{
	responseTypes: []httpLambdaResponseType{
		httpLambdaResponseType_SIMPLE,
	},
})

api := apigwv2.NewHttpApi(this, jsii.String("HttpApi"))

api.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books"),
	authorizer: authorizer,
})

Experimental.

func NewHttpLambdaAuthorizer 

func NewHttpLambdaAuthorizer(id *string, handler awslambda.IFunction, props *HttpLambdaAuthorizerProps) HttpLambdaAuthorizer

Initialize a lambda authorizer to be bound with HTTP route. Experimental.

type HttpLambdaAuthorizerProps 

type HttpLambdaAuthorizerProps struct {
	// Friendly authorizer name.
	// Experimental.
	AuthorizerName *string `json:"authorizerName" yaml:"authorizerName"`
	// The identity source for which authorization is requested.
	// Experimental.
	IdentitySource *[]*string `json:"identitySource" yaml:"identitySource"`
	// The types of responses the lambda can return.
	//
	// If HttpLambdaResponseType.SIMPLE is included then
	// response format 2.0 will be used.
	// See: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.payload-format-response
	//
	// Experimental.
	ResponseTypes *[]HttpLambdaResponseType `json:"responseTypes" yaml:"responseTypes"`
	// How long APIGateway should cache the results.
	//
	// Max 1 hour.
	// Disable caching by setting this to `Duration.seconds(0)`.
	// Experimental.
	ResultsCacheTtl awscdk.Duration `json:"resultsCacheTtl" yaml:"resultsCacheTtl"`
}

Properties to initialize HttpTokenAuthorizer.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpLambdaAuthorizer awscdk.HttpLambdaAuthorizer
type HttpLambdaResponseType awscdk.HttpLambdaResponseTypeimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

// This function handles your auth logic
var authHandler function

authorizer := NewHttpLambdaAuthorizer(jsii.String("BooksAuthorizer"), authHandler, &httpLambdaAuthorizerProps{
	responseTypes: []httpLambdaResponseType{
		httpLambdaResponseType_SIMPLE,
	},
})

api := apigwv2.NewHttpApi(this, jsii.String("HttpApi"))

api.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books"),
	authorizer: authorizer,
})

Experimental.

type HttpLambdaResponseType 

type HttpLambdaResponseType string

Specifies the type responses the lambda returns. Experimental. 

const (
	// Returns simple boolean response.
	// Experimental.
	HttpLambdaResponseType_SIMPLE HttpLambdaResponseType = "SIMPLE"
	// Returns an IAM Policy.
	// Experimental.
	HttpLambdaResponseType_IAM HttpLambdaResponseType = "IAM"
)

type HttpUserPoolAuthorizer 

type HttpUserPoolAuthorizer interface {
	awsapigatewayv2.IHttpRouteAuthorizer
	// Bind this authorizer to a specified Http route.
	// Experimental.
	Bind(options *awsapigatewayv2.HttpRouteAuthorizerBindOptions) *awsapigatewayv2.HttpRouteAuthorizerConfig
}

Authorize Http Api routes on whether the requester is registered as part of an AWS Cognito user pool.

Example: 

import cognito "github.com/aws/aws-cdk-go/awscdk"import awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUserPoolAuthorizer awscdk.HttpUserPoolAuthorizerimport awscdk "github.com/aws/aws-cdk-go/awscdk"type HttpUrlIntegration awscdk.HttpUrlIntegration

userPool := cognito.NewUserPool(this, jsii.String("UserPool"))

authorizer := NewHttpUserPoolAuthorizer(jsii.String("BooksAuthorizer"), userPool)

api := apigwv2.NewHttpApi(this, jsii.String("HttpApi"))

api.addRoutes(&addRoutesOptions{
	integration: NewHttpUrlIntegration(jsii.String("BooksIntegration"), jsii.String("https://get-books-proxy.myproxy.internal")),
	path: jsii.String("/books"),
	authorizer: authorizer,
})

Experimental.

func NewHttpUserPoolAuthorizer 

func NewHttpUserPoolAuthorizer(id *string, pool awscognito.IUserPool, props *HttpUserPoolAuthorizerProps) HttpUserPoolAuthorizer

Initialize a Cognito user pool authorizer to be bound with HTTP route. Experimental.

type HttpUserPoolAuthorizerProps 

type HttpUserPoolAuthorizerProps struct {
	// Friendly name of the authorizer.
	// Experimental.
	AuthorizerName *string `json:"authorizerName" yaml:"authorizerName"`
	// The identity source for which authorization is requested.
	// Experimental.
	IdentitySource *[]*string `json:"identitySource" yaml:"identitySource"`
	// The user pool clients that should be used to authorize requests with the user pool.
	// Experimental.
	UserPoolClients *[]awscognito.IUserPoolClient `json:"userPoolClients" yaml:"userPoolClients"`
	// The AWS region in which the user pool is present.
	// Experimental.
	UserPoolRegion *string `json:"userPoolRegion" yaml:"userPoolRegion"`
}

Properties to initialize HttpUserPoolAuthorizer.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"import apigatewayv2_authorizers "github.com/aws/aws-cdk-go/awscdk/aws_apigatewayv2_authorizers"import awscdk "github.com/aws/aws-cdk-go/awscdk"import cognito "github.com/aws/aws-cdk-go/awscdk/aws_cognito"

var userPoolClient userPoolClient
httpUserPoolAuthorizerProps := &httpUserPoolAuthorizerProps{
	authorizerName: jsii.String("authorizerName"),
	identitySource: []*string{
		jsii.String("identitySource"),
	},
	userPoolClients: []iUserPoolClient{
		userPoolClient,
	},
	userPoolRegion: jsii.String("userPoolRegion"),
}

Experimental.

type WebSocketLambdaAuthorizer 

type WebSocketLambdaAuthorizer interface {
	awsapigatewayv2.IWebSocketRouteAuthorizer
	// Bind this authorizer to a specified WebSocket route.
	// Experimental.
	Bind(options *awsapigatewayv2.WebSocketRouteAuthorizerBindOptions) *awsapigatewayv2.WebSocketRouteAuthorizerConfig
}

Authorize WebSocket Api routes via a lambda function.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"type WebSocketLambdaAuthorizer awscdk.WebSocketLambdaAuthorizerimport awscdk "github.com/aws/aws-cdk-go/awscdk"type WebSocketLambdaIntegration awscdk.WebSocketLambdaIntegration

// This function handles your auth logic
var authHandler function

// This function handles your WebSocket requests
var handler function

authorizer := NewWebSocketLambdaAuthorizer(jsii.String("Authorizer"), authHandler)

integration := NewWebSocketLambdaIntegration(jsii.String("Integration"), handler)

apigwv2.NewWebSocketApi(this, jsii.String("WebSocketApi"), &webSocketApiProps{
	connectRouteOptions: &webSocketRouteOptions{
		integration: integration,
		authorizer: authorizer,
	},
})

Experimental.

func NewWebSocketLambdaAuthorizer 

func NewWebSocketLambdaAuthorizer(id *string, handler awslambda.IFunction, props *WebSocketLambdaAuthorizerProps) WebSocketLambdaAuthorizer

Experimental.

type WebSocketLambdaAuthorizerProps 

type WebSocketLambdaAuthorizerProps struct {
	// The name of the authorizer.
	// Experimental.
	AuthorizerName *string `json:"authorizerName" yaml:"authorizerName"`
	// The identity source for which authorization is requested.
	//
	// Request parameter match `'route.request.querystring|header.[a-zA-z0-9._-]+'`.
	// Staged variable match `'stageVariables.[a-zA-Z0-9._-]+'`.
	// Context parameter match `'context.[a-zA-Z0-9._-]+'`.
	// Experimental.
	IdentitySource *[]*string `json:"identitySource" yaml:"identitySource"`
}

Properties to initialize WebSocketTokenAuthorizer.

Example: 

import awscdk "github.com/aws/aws-cdk-go/awscdk"import apigatewayv2_authorizers "github.com/aws/aws-cdk-go/awscdk/aws_apigatewayv2_authorizers"
webSocketLambdaAuthorizerProps := &webSocketLambdaAuthorizerProps{
	authorizerName: jsii.String("authorizerName"),
	identitySource: []*string{
		jsii.String("identitySource"),
	},
}

Experimental.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.