AWSTemplateFormatVersion: '2010-09-09' Transform: AWS::Serverless-2016-10-31 Parameters: AuthHandler: Type: String Default: app.auth_handler ValidationString: Type: String Default: "" Resources: ## # Swagger definition within a REST API # RestApiSwagger: Type: AWS::ApiGateway::RestApi Properties: Body: swagger: "2.0" info: title: RestApiSwagger securityDefinitions: ## # request based authorizer # ApiKeyAuthRequest: type: apiKey in: header name: notused "x-amazon-apigateway-authtype": "custom" "x-amazon-apigateway-authorizer": type: "request" identitySource: "method.request.header.header, method.request.querystring.query" authorizerUri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${AuthorizerFunction.Arn}/invocations ## # token based authorizer # ApiKeyAuthToken: type: apiKey in: header name: header "x-amazon-apigateway-authtype": "custom" "x-amazon-apigateway-authorizer": type: "token" identityValidationExpression: !Ref ValidationString authorizerUri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${AuthorizerFunction.Arn}/invocations paths: "/requestauthorizerswaggerrequest": get: security: - ApiKeyAuthRequest: [] x-amazon-apigateway-integration: httpMethod: POST type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloWorldFunction.Arn}/invocations "/requestauthorizerswaggertoken": get: security: - ApiKeyAuthToken: [] x-amazon-apigateway-integration: httpMethod: POST type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloWorldFunction.Arn}/invocations "/requestauthorizerswaggerrequest/{status}": parameters: - status: in: path name: status schema: type: string get: security: - ApiKeyAuthRequest: [] x-amazon-apigateway-integration: httpMethod: POST type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloWorldFunction.Arn}/invocations "/requestauthorizerswaggertoken/{status}": parameters: - status: in: path name: status schema: type: integer get: security: - ApiKeyAuthToken: [] x-amazon-apigateway-integration: httpMethod: POST type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloWorldFunction.Arn}/invocations Name: RestApiSwagger ## # OpenAPI definitino with a REST API # RestApiOpenApi: Type: AWS::ApiGateway::RestApi Properties: Body: openapi: "3.0" info: title: RestApiOpenApi components: securitySchemes: ApiKeyAuth: type: apiKey in: header name: Auth "x-amazon-apigateway-authtype": "custom" "x-amazon-apigateway-authorizer": type: "request" identitySource: "method.request.header.header, method.request.querystring.query" authorizerUri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${AuthorizerFunction.Arn}/invocations paths: "/requestauthorizeropenapi": get: security: - ApiKeyAuth: [] x-amazon-apigateway-integration: httpMethod: POST type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloWorldFunction.Arn}/invocations Name: RestApiOpenApi ## # Hello world function an execute permission # HelloWorldFunction: Type: AWS::Serverless::Function Properties: CodeUri: ./ Handler: app.lambda_handler Runtime: python3.8 Architectures: - x86_64 HelloWorldFunctionPermission: Type: AWS::Lambda::Permission Properties: FunctionName: !Ref HelloWorldFunction Action: lambda:InvokeFunction Principal: apigateway.amazonaws.com ## # Authorizer function and execute permission # AuthorizerFunction: Type: AWS::Serverless::Function Properties: CodeUri: ./ Handler: !Ref AuthHandler # Handler: app.unauth Runtime: python3.8 Architectures: - x86_64 AuthorizerFunctionPermission: Type: AWS::Lambda::Permission Properties: FunctionName: !Ref AuthorizerFunction Action: lambda:InvokeFunction Principal: apigateway.amazonaws.com