HttpUserPoolAuthorizer

class aws_cdk.aws_apigatewayv2_authorizers.HttpUserPoolAuthorizer(id, pool, *, authorizer_name=None, identity_source=None, user_pool_clients=None, user_pool_region=None)

Bases: object

(experimental) Authorize Http Api routes on whether the requester is registered as part of an AWS Cognito user pool.

Stability:

experimental

ExampleMetadata:

infused

Example:

import aws_cdk.aws_cognito as cognito
from aws_cdk.aws_apigatewayv2_authorizers import HttpUserPoolAuthorizer
from aws_cdk.aws_apigatewayv2_integrations import HttpUrlIntegration


user_pool = cognito.UserPool(self, "UserPool")

authorizer = HttpUserPoolAuthorizer("BooksAuthorizer", user_pool)

api = apigwv2.HttpApi(self, "HttpApi")

api.add_routes(
    integration=HttpUrlIntegration("BooksIntegration", "https://get-books-proxy.myproxy.internal"),
    path="/books",
    authorizer=authorizer
)

(experimental) Initialize a Cognito user pool authorizer to be bound with HTTP route.

Parameters:

  • id (str) – The id of the underlying construct.

  • pool (IUserPool) – The user pool to use for authorization.

  • authorizer_name (Optional[str]) – (experimental) Friendly name of the authorizer. Default: - same value as id passed in the constructor

  • identity_source (Optional[Sequence[str]]) – (experimental) The identity source for which authorization is requested. Default: [‘$request.header.Authorization’]

  • user_pool_clients (Optional[Sequence[IUserPoolClient]]) – (experimental) The user pool clients that should be used to authorize requests with the user pool. Default: - a new client will be created for the given user pool

  • user_pool_region (Optional[str]) – (experimental) The AWS region in which the user pool is present. Default: - same region as the Route the authorizer is attached to.

Stability:

experimental

Methods

bind(*, route, scope)

(experimental) Bind this authorizer to a specified Http route.

Parameters:

  • route (IHttpRoute) – (experimental) The route to which the authorizer is being bound.

  • scope (Construct) – (experimental) The scope for any constructs created as part of the bind.

Stability:

experimental

Return type:

HttpRouteAuthorizerConfig