
In the console, you have to "attach" the authorizer to a route. How is this achieved in Terraform?

Em Ma
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Sep 20 '22 at 11:15

2 Answers

# HTTP API (API Gateway v2) that the authorizer, integration and routes in
# this configuration all attach to through its id.
resource "aws_apigatewayv2_api" "service_http_api" {
  protocol_type = "HTTP"

  name        = var.name
  description = var.description
  tags        = var.tags
}

# JWT authorizer for the HTTP API. Declaring it protects nothing by itself:
# it is enforced only on routes that reference it via authorizer_id and set
# authorization_type = "JWT".
resource "aws_apigatewayv2_authorizer" "authorizer" {
  name            = "AuthName"
  api_id          = aws_apigatewayv2_api.service_http_api.id
  authorizer_type = "JWT"

  # The token is read from the Authorization request header.
  identity_sources = ["$request.header.Authorization"]

  jwt_configuration {
    # Tokens are checked against this issuer and audience. Keep the audience
    # specific to this API so tokens minted for other clients of the same
    # issuer are not accepted here.
    issuer   = var.open_id_issuer
    audience = [var.open_id_audience]
  }
}

# Proxy integration that forwards matched requests to var.function_arn using
# the 2.0 payload format.
# NOTE(review): var.function_arn is presumably a Lambda function ARN; API
# Gateway then also needs permission to invoke it (aws_lambda_permission),
# which is not shown in this snippet - confirm it exists elsewhere.
resource "aws_apigatewayv2_integration" "function" {
  api_id = aws_apigatewayv2_api.service_http_api.id

  integration_type   = "AWS_PROXY"
  integration_method = "POST"
  integration_uri    = var.function_arn
  connection_type    = "INTERNET"

  payload_format_version = "2.0"
}

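# The authorizer is "attached" on the route itself: authorizer_id selects the
# authorizer and authorization_type = "JWT" turns it on for this route only.
# A route that omits both gets authorization_type NONE and stays open, so
# every route that must be protected needs the same two attributes.
resource "aws_apigatewayv2_route" "route" {
  api_id = aws_apigatewayv2_api.service_http_api.id

  # HTTP API route keys have the form "METHOD /path" (or "$default"); a bare
  # path is not a valid key. ANY keeps the original path for every method -
  # narrow it to the methods the backend actually serves.
  route_key = "ANY /route/"
  target    = "integrations/${aws_apigatewayv2_integration.function.id}"

  authorization_type = "JWT"
  authorizer_id      = aws_apigatewayv2_authorizer.authorizer.id

  # Without authorization_scopes, any token that passes the issuer/audience
  # check is accepted; list the required scopes here if the route needs them.
}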

# NOTE(review): second route on the same API with the same route_key as
# aws_apigatewayv2_route.route, but with IAM (SigV4) authorization instead of
# the JWT authorizer. A route key can exist only once per API and a route has
# a single authorization_type, so these two declarations conflict: keep one of
# them or give this one a different key. Which check guards the path should be
# an explicit choice, not the outcome of apply order.
# NOTE(review): the key also lacks the HTTP method; HTTP API route keys are
# "METHOD /path" or "$default".
resource "aws_apigatewayv2_route" "route_integration" {
  api_id             = aws_apigatewayv2_api.service_http_api.id
  authorization_type = "AWS_IAM"
  route_key          = "/route/"
  target             = "integrations/${aws_apigatewayv2_integration.function.id}"
}
Gustavo Tavares
# HTTP API (API Gateway v2); the authorizer, integration and route below
# reference it by id.
resource "aws_apigatewayv2_api" "service_http_api" {
  protocol_type = "HTTP"

  name        = var.name
  description = var.description
  tags        = var.tags
}

# JWT authorizer definition. It only takes effect on routes that name it in
# authorizer_id and set authorization_type = "JWT"; other routes of the API
# are not covered by it.
resource "aws_apigatewayv2_authorizer" "authorizer" {
  name            = "AuthName"
  api_id          = aws_apigatewayv2_api.service_http_api.id
  authorizer_type = "JWT"

  # Where the token is taken from: the Authorization request header.
  identity_sources = ["$request.header.Authorization"]

  jwt_configuration {
    # Issuer and audience the token must match. An audience dedicated to this
    # API keeps tokens issued for other applications from being accepted.
    issuer   = var.open_id_issuer
    audience = [var.open_id_audience]
  }
}

# Proxy integration: matched requests are forwarded to var.function_arn with
# payload format 2.0.
# NOTE(review): if var.function_arn is a Lambda function ARN (presumably), an
# aws_lambda_permission allowing API Gateway to invoke it is also required and
# is not part of this snippet - confirm.
resource "aws_apigatewayv2_integration" "function" {
  api_id = aws_apigatewayv2_api.service_http_api.id

  integration_type   = "AWS_PROXY"
  integration_method = "POST"
  integration_uri    = var.function_arn
  connection_type    = "INTERNET"

  payload_format_version = "2.0"
}

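# This is where the authorizer is attached: authorizer_id points at the
# authorizer and authorization_type = "JWT" enables it for this route. Routes
# without these attributes default to authorization_type NONE, so each route
# that needs protection must set them.
resource "aws_apigatewayv2_route" "route" {
  api_id = aws_apigatewayv2_api.service_http_api.id

  # HTTP API route keys are "METHOD /path" or "$default"; a bare path is not a
  # valid key. ANY preserves the original path for all methods - restrict it
  # to the methods the backend handles.
  route_key = "ANY /route/"
  target    = "integrations/${aws_apigatewayv2_integration.function.id}"

  authorization_type = "JWT"
  authorizer_id      = aws_apigatewayv2_authorizer.authorizer.id

  # authorization_scopes is unset, so any token passing the issuer/audience
  # check is allowed; add the required scopes if access should be narrower.
}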
Gustavo Tavares