HttpApiFunctionAuth
Configures authorization at the event level.
Configure Auth for a specific API + Path + Method
Syntax
To declare this entity in your Amazon Serverless Application Model (Amazon SAM) template, use the following syntax.
YAML
AuthorizationScopes:ListAuthorizer:String
Properties
-
The authorization scopes to apply to this API, path, and method.
Scopes listed here will override any scopes applied by the
DefaultAuthorizerif one exists.Type: List
Required: No
Amazon CloudFormation compatibility: This property is unique to Amazon SAM and doesn't have an Amazon CloudFormation equivalent.
-
The
Authorizerfor a specific Function. To use IAM authorization, specifyAWS_IAMand specifytrueforEnableIamAuthorizerin theGlobalssection of your template.If you have specified a Global Authorizer on the API and want to make a specific Function public, override by setting
AuthorizertoNONE.Type: String
Required: No
Amazon CloudFormation compatibility: This property is unique to Amazon SAM and doesn't have an Amazon CloudFormation equivalent.
Examples
Function-Auth
Specifing Authorization at Function level
YAML
Auth: Authorizer: OpenIdAuth AuthorizationScopes: - scope1 - scope2
IAM authorization
Specifies IAM authorization at the event level. To use AWS_IAM authorization at the event level, you must also specify true for EnableIamAuthorizer in the Globals section of your template. For more information, see Globals section of the Amazon SAM
template.
YAML
Globals: HttpApi: Auth: EnableIamAuthorizer: true Resources: HttpApiFunctionWithIamAuth: Type: AWS::Serverless::Function Properties: Events: ApiEvent: Type: HttpApi Properties: Path: /iam-auth Method: GET Auth: Authorizer: AWS_IAM Handler: index.handler InlineCode: | def handler(event, context): return {'body': 'HttpApiFunctionWithIamAuth', 'statusCode': 200} Runtime: python3.9