Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MCR-3835: Attach lambda authorizer to api gateway endpoint #2152

Merged
merged 3 commits into from
Jan 9, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 15 additions & 12 deletions services/app-api/serverless.yml
Original file line number Diff line number Diff line change
Expand Up @@ -175,18 +175,7 @@ functions:

third_party_api_authorizer:
handler: src/handlers/third_party_API_authorizer.main

jwthealth:
handler: src/handlers/health_check.main
events:
- http:
path: jwt_health_check
method: get
cors: true
authorizer:
name: third_party_api_authorizer
identitySource: method.request.header.Authorization


otel:
handler: src/handlers/otel_proxy.main
events:
Expand All @@ -208,6 +197,20 @@ functions:
method: get
cors: true
authorizer: aws_iam
- http:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could these events be inside the regular graphql lambda or do they need to be their own lambda?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I confirmed it works with combining with the regular graphql lambda. I think this falls under "lambda proxy integration" which is the default used with serverless

path: v1/graphql/external
method: post
cors: true
authorizer:
name: third_party_api_authorizer
identitySource: method.request.header.Authorization
- http:
path: v1/graphql/external
method: get
cors: true
authorizer:
name: third_party_api_authorizer
identitySource: method.request.header.Authorization
timeout: 60 # aurora cold start can be long
vpc:
securityGroupIds:
Expand Down
Loading