How correctly setup AWS::ApiGatewayV2::Authorizer?
See original GitHub issueHello I have some issue to correctly setup the AWS::ApiGatewayV2::Authorizer for my API.
According to the documentation I create this:
Resources:
DevWebSocket:
Type: 'AWS::ApiGatewayV2::Api'
Properties:
Name: TL-Dev-WebSocket-API
ProtocolType: WEBSOCKET
RouteSelectionExpression: $request.body.action
DevAuthorizerLambda:
Type: 'AWS::Serverless::Function'
Properties:
CodeUri: WebSockets/Authorizer
Role: 'arn:aws:iam::************:role/LambdaDynamoDB'
Environment:
Variables:
STAGE: Dev
DevAuthorizerLambdaPermission:
Type: 'AWS::Lambda::Permission'
Properties:
Action: 'lambda:invokeFunction'
Principal: apigateway.amazonaws.com
FunctionName:
Ref: DevAuthorizerLambda
SourceArn:
'Fn::Sub':
- >-
arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${__ApiId__}/${__Stage__}/$connect
- __Stage__: '*'
__ApiId__:
Ref: DevWebSocket
DevWebSocketAuthorizer:
Type: 'AWS::ApiGatewayV2::Authorizer'
Properties:
Name: DevAuthorizer
ApiId:
Ref: DevWebSocket
AuthorizerType: REQUEST
AuthorizerUri:
'Fn::Sub': >-
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DevAuthorizerLambda.Arn}/invocations
IdentitySource:
- route.request.querystring.token
DevWebSocketDeployment:
Type: 'AWS::ApiGatewayV2::Deployment'
Properties:
ApiId:
Ref: DevWebSocket
DependsOn:
- WebSocketPart1 # ref routes to avoid error 'need a least one route to create this'
DevWebSocketStage:
Type: 'AWS::ApiGatewayV2::Stage'
Properties:
StageName: Dev
Description: Dev
DeploymentId:
Ref: DevWebSocketDeployment
ApiId:
Ref: DevWebSocket
[...]
But currently I get all the time Unauthorized and my lambda for authorization is not trigger at all (no cloudwacth logs).
Thank you in advance for your help.
Issue Analytics
- State:
- Created 4 years ago
- Reactions:3
- Comments:6
Top Results From Across the Web
No results found
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Yes, I completely forget this issue but I solved it a moment ago with helps of AWS support.
Template.yaml :
WebSocketEntries.yaml :
And the authorizer lambda:
The things is the authorizer have to be setup ONLY on the route for
$connect
Have fun 😉
Why is the “IntegrationMethod: POST” needed?
I’m getting some “Execution failed due to configuration error: Invalid permissions on Lambda function”
This is my Type: AWS::Lambda::Permission