You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Examples/APIGateway+LambdaAuthorizer/README.md
+8-6Lines changed: 8 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,9 @@
1
-
# API Gateway
1
+
# Lambda Authorizer with API Gateway
2
2
3
-
This is an example of a Lambda Authorizer function. There are two Lambda function in this example. The first one is the authorizer function. The second one is the business function. The business function is exposed throigh a REST API using the API Gateway. The API Gateway is configured to use the authorizer function to authorize the requests.
3
+
This is an example of a Lambda Authorizer function. There are two Lambda functions in this example. The first one is the authorizer function. The second one is the business function. The business function is exposed through a REST API using the API Gateway. The API Gateway is configured to use the authorizer function to implement a custom logic to authorize the requests.
4
+
5
+
>![NOTE]
6
+
> If your application is protected by JWT tokens, it's recommended to use [the native JWT authorizer provided by the API Gateway](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html). The Lambda authorizer is useful when you need to implement a custom authorization logic. See the [OAuth 2.0/JWT authorizer example for AWS SAM](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-controlling-access-to-apis-oauth2-authorizer.html) to learn how to use the native JWT authorizer with SAM.
4
7
5
8
## Code
6
9
@@ -10,7 +13,6 @@ There are two possible responses from a Lambda Authorizer function: policy and s
10
13
11
14
This example uses an authorizer that returns the simple response. The authorizer function is defined in the `Sources/AuthorizerLambda` directory. The business function is defined in the `Sources/APIGatewayLambda` directory.
12
15
13
-
14
16
## Build & Package
15
17
16
18
To build the package, type the following commands.
@@ -25,7 +27,7 @@ The ZIP file are located under `.build/plugins/AWSLambdaPackager/outputs/AWSLamb
25
27
26
28
## Deploy
27
29
28
-
The deployment must include the Lambda function and the API Gateway. We use the [Serverless Application Model (SAM)](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html) to deploy the infrastructure.
30
+
The deployment must include the Lambda functions and the API Gateway. We use the [Serverless Application Model (SAM)](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-sam.html) to deploy the infrastructure.
29
31
30
32
**Prerequisites** : Install the [SAM CLI](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/install-sam-cli.html)
31
33
@@ -49,7 +51,7 @@ The output is similar to this one.
When invoking the Lambda function with the `Authorization` header, the response is a `200 OK` status code.
84
+
When invoking the Lambda function with the `Authorization` header, the response is a `200 OK` status code. Note that the Lambda Authorizer function is configured to accept any value in the `Authorization` header.
0 commit comments