configure iam authorizer in SAM template

Question

I want to control access to my api gateway fronting lambda with iam permissions: https://docs.aws.amazon.com/apigateway/latest/developerguide/permissions.html

I have seen no examples of how to configure this in a sam template. What does a sam template look like that has authorizationType property set to AWS_IAM?

I think I read somewhere that Sam doesn't support this directly but you can do it with swagger? Can I use swagger to get around this limitation? I haven't found a simple example of that.

this works with swagger even though its not supported natively yet via template — red888, Oct 29 '18 at 14:55

score 0 · Answer 1 · answered Sep 12 '18 at 13:20

0

The SAM template for AWS::Serverless::Api does not provide the authorizationType. You could instead use the AWS::ApiGateway::Method in your SAM template, but that means you have to define your API Gateway using CloudFormation resource types rather than SAM.

answered Sep 12 '18 at 13:20

hin522

59
2

Not even with swagger? – red888 Sep 12 '18 at 13:35
Sorry I am not sure, haven't used swagger with SAM before. – hin522 Sep 12 '18 at 13:57

score 0 · Answer 2 · answered Feb 05 '21 at 16:24

0

You can use the DefaultAuthorizer: AWS_IAM under Auth:

Example:

Resources:
  MyApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: Prod
      Auth:
        DefaultAuthorizer: AWS_IAM

More: IAM permission example

answered Feb 05 '21 at 16:24

Chandra Shekhar Goka

824
12
19

configure iam authorizer in SAM template

2 Answers2