authorizers
Creates, updates, deletes or gets an authorizer resource or lists authorizers in a region
Overview
| Name | authorizers |
| Type | Resource |
| Description | The AWS::ApiGateway::Authorizer resource creates an authorization layer that API Gateway activates for methods that have authorization enabled. API Gateway activates the authorizer when a client calls those methods. |
| Id | aws.apigateway.authorizers |
Fields
| Name | Datatype | Description |
|---|---|---|
rest_api_id | string | |
authorizer_id | string | |
auth_type | string | |
authorizer_credentials | string | |
authorizer_result_ttl_in_seconds | integer | |
authorizer_uri | string | |
identity_source | string | |
identity_validation_expression | string | |
name | string | |
provider_arns | array | |
type | string | |
region | string | AWS region. |
For more information, see AWS::ApiGateway::Authorizer.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | RestApiId, Type, Name, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all authorizers in a region.
SELECT
region,
rest_api_id,
authorizer_id,
auth_type,
authorizer_credentials,
authorizer_result_ttl_in_seconds,
authorizer_uri,
identity_source,
identity_validation_expression,
name,
provider_arns,
type
FROM aws.apigateway.authorizers
WHERE region = 'us-east-1';
Gets all properties from an individual authorizer.
SELECT
region,
rest_api_id,
authorizer_id,
auth_type,
authorizer_credentials,
authorizer_result_ttl_in_seconds,
authorizer_uri,
identity_source,
identity_validation_expression,
name,
provider_arns,
type
FROM aws.apigateway.authorizers
WHERE region = 'us-east-1' AND data__Identifier = '<RestApiId>|<AuthorizerId>';
INSERT example
Use the following StackQL query and manifest file to create a new authorizer resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.apigateway.authorizers (
RestApiId,
Name,
Type,
region
)
SELECT
'{{ RestApiId }}',
'{{ Name }}',
'{{ Type }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.apigateway.authorizers (
RestApiId,
AuthType,
AuthorizerCredentials,
AuthorizerResultTtlInSeconds,
AuthorizerUri,
IdentitySource,
IdentityValidationExpression,
Name,
ProviderARNs,
Type,
region
)
SELECT
'{{ RestApiId }}',
'{{ AuthType }}',
'{{ AuthorizerCredentials }}',
'{{ AuthorizerResultTtlInSeconds }}',
'{{ AuthorizerUri }}',
'{{ IdentitySource }}',
'{{ IdentityValidationExpression }}',
'{{ Name }}',
'{{ ProviderARNs }}',
'{{ Type }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: authorizer
props:
- name: RestApiId
value: '{{ RestApiId }}'
- name: AuthType
value: '{{ AuthType }}'
- name: AuthorizerCredentials
value: '{{ AuthorizerCredentials }}'
- name: AuthorizerResultTtlInSeconds
value: '{{ AuthorizerResultTtlInSeconds }}'
- name: AuthorizerUri
value: '{{ AuthorizerUri }}'
- name: IdentitySource
value: '{{ IdentitySource }}'
- name: IdentityValidationExpression
value: '{{ IdentityValidationExpression }}'
- name: Name
value: '{{ Name }}'
- name: ProviderARNs
value:
- '{{ ProviderARNs[0] }}'
- name: Type
value: '{{ Type }}'
DELETE example
/*+ delete */
DELETE FROM aws.apigateway.authorizers
WHERE data__Identifier = '<RestApiId|AuthorizerId>'
AND region = 'us-east-1';
Permissions
To operate on the authorizers resource, the following permissions are required:
Create
apigateway:POST,
iam:PassRole
Read
apigateway:GET
Update
apigateway:GET,
apigateway:PATCH,
iam:PassRole
Delete
apigateway:DELETE
List
apigateway:GET