/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include namespace Aws { namespace APIGateway { namespace Model { /** *

Request to add a new Authorizer to an existing RestApi * resource.

See Also:

AWS * API Reference

*/ class CreateAuthorizerRequest : public APIGatewayRequest { public: AWS_APIGATEWAY_API CreateAuthorizerRequest(); // Service request name is the Operation name which will send this request out, // each operation should has unique request name, so that we can get operation's name from this request. // Note: this is not true for response, multiple operations may have the same response name, // so we can not get operation's name from response. inline virtual const char* GetServiceRequestName() const override { return "CreateAuthorizer"; } AWS_APIGATEWAY_API Aws::String SerializePayload() const override; /** *

The string identifier of the associated RestApi.

*/ inline const Aws::String& GetRestApiId() const{ return m_restApiId; } /** *

The string identifier of the associated RestApi.

*/ inline bool RestApiIdHasBeenSet() const { return m_restApiIdHasBeenSet; } /** *

The string identifier of the associated RestApi.

*/ inline void SetRestApiId(const Aws::String& value) { m_restApiIdHasBeenSet = true; m_restApiId = value; } /** *

The string identifier of the associated RestApi.

*/ inline void SetRestApiId(Aws::String&& value) { m_restApiIdHasBeenSet = true; m_restApiId = std::move(value); } /** *

The string identifier of the associated RestApi.

*/ inline void SetRestApiId(const char* value) { m_restApiIdHasBeenSet = true; m_restApiId.assign(value); } /** *

The string identifier of the associated RestApi.

*/ inline CreateAuthorizerRequest& WithRestApiId(const Aws::String& value) { SetRestApiId(value); return *this;} /** *

The string identifier of the associated RestApi.

*/ inline CreateAuthorizerRequest& WithRestApiId(Aws::String&& value) { SetRestApiId(std::move(value)); return *this;} /** *

The string identifier of the associated RestApi.

*/ inline CreateAuthorizerRequest& WithRestApiId(const char* value) { SetRestApiId(value); return *this;} /** *

The name of the authorizer.

*/ inline const Aws::String& GetName() const{ return m_name; } /** *

The name of the authorizer.

*/ inline bool NameHasBeenSet() const { return m_nameHasBeenSet; } /** *

The name of the authorizer.

*/ inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; } /** *

The name of the authorizer.

*/ inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); } /** *

The name of the authorizer.

*/ inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); } /** *

The name of the authorizer.

*/ inline CreateAuthorizerRequest& WithName(const Aws::String& value) { SetName(value); return *this;} /** *

The name of the authorizer.

*/ inline CreateAuthorizerRequest& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;} /** *

The name of the authorizer.

*/ inline CreateAuthorizerRequest& WithName(const char* value) { SetName(value); return *this;} /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline const AuthorizerType& GetType() const{ return m_type; } /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline bool TypeHasBeenSet() const { return m_typeHasBeenSet; } /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline void SetType(const AuthorizerType& value) { m_typeHasBeenSet = true; m_type = value; } /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline void SetType(AuthorizerType&& value) { m_typeHasBeenSet = true; m_type = std::move(value); } /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline CreateAuthorizerRequest& WithType(const AuthorizerType& value) { SetType(value); return *this;} /** *

The authorizer type. Valid values are TOKEN for a Lambda * function using a single authorization token submitted in a custom header, * REQUEST for a Lambda function using incoming request parameters, * and COGNITO_USER_POOLS for using an Amazon Cognito user pool.

*/ inline CreateAuthorizerRequest& WithType(AuthorizerType&& value) { SetType(std::move(value)); return *this;} /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline const Aws::Vector& GetProviderARNs() const{ return m_providerARNs; } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline bool ProviderARNsHasBeenSet() const { return m_providerARNsHasBeenSet; } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline void SetProviderARNs(const Aws::Vector& value) { m_providerARNsHasBeenSet = true; m_providerARNs = value; } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline void SetProviderARNs(Aws::Vector&& value) { m_providerARNsHasBeenSet = true; m_providerARNs = std::move(value); } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline CreateAuthorizerRequest& WithProviderARNs(const Aws::Vector& value) { SetProviderARNs(value); return *this;} /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline CreateAuthorizerRequest& WithProviderARNs(Aws::Vector&& value) { SetProviderARNs(std::move(value)); return *this;} /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline CreateAuthorizerRequest& AddProviderARNs(const Aws::String& value) { m_providerARNsHasBeenSet = true; m_providerARNs.push_back(value); return *this; } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline CreateAuthorizerRequest& AddProviderARNs(Aws::String&& value) { m_providerARNsHasBeenSet = true; m_providerARNs.push_back(std::move(value)); return *this; } /** *

A list of the Amazon Cognito user pool ARNs for the * COGNITO_USER_POOLS authorizer. Each element is of this format: * arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. * For a TOKEN or REQUEST authorizer, this is not * defined.

*/ inline CreateAuthorizerRequest& AddProviderARNs(const char* value) { m_providerARNsHasBeenSet = true; m_providerARNs.push_back(value); return *this; } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline const Aws::String& GetAuthType() const{ return m_authType; } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline bool AuthTypeHasBeenSet() const { return m_authTypeHasBeenSet; } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline void SetAuthType(const Aws::String& value) { m_authTypeHasBeenSet = true; m_authType = value; } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline void SetAuthType(Aws::String&& value) { m_authTypeHasBeenSet = true; m_authType = std::move(value); } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline void SetAuthType(const char* value) { m_authTypeHasBeenSet = true; m_authType.assign(value); } /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline CreateAuthorizerRequest& WithAuthType(const Aws::String& value) { SetAuthType(value); return *this;} /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline CreateAuthorizerRequest& WithAuthType(Aws::String&& value) { SetAuthType(std::move(value)); return *this;} /** *

Optional customer-defined field, used in OpenAPI imports and exports without * functional impact.

*/ inline CreateAuthorizerRequest& WithAuthType(const char* value) { SetAuthType(value); return *this;} /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline const Aws::String& GetAuthorizerUri() const{ return m_authorizerUri; } /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline bool AuthorizerUriHasBeenSet() const { return m_authorizerUriHasBeenSet; } /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline void SetAuthorizerUri(const Aws::String& value) { m_authorizerUriHasBeenSet = true; m_authorizerUri = value; } /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline void SetAuthorizerUri(Aws::String&& value) { m_authorizerUriHasBeenSet = true; m_authorizerUri = std::move(value); } /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline void SetAuthorizerUri(const char* value) { m_authorizerUriHasBeenSet = true; m_authorizerUri.assign(value); } /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline CreateAuthorizerRequest& WithAuthorizerUri(const Aws::String& value) { SetAuthorizerUri(value); return *this;} /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline CreateAuthorizerRequest& WithAuthorizerUri(Aws::String&& value) { SetAuthorizerUri(std::move(value)); return *this;} /** *

Specifies the authorizer's Uniform Resource Identifier (URI). For * TOKEN or REQUEST authorizers, this must be a * well-formed Lambda function URI, for example, * arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. * In general, the URI has this form * arn:aws:apigateway:{region}:lambda:path/{service_api}, where * {region} is the same as the region hosting the Lambda function, * path indicates that the remaining substring in the URI should be * treated as the path to the resource, including the initial /. For * Lambda functions, this is usually of the form * /2015-03-31/functions/[FunctionARN]/invocations.

*/ inline CreateAuthorizerRequest& WithAuthorizerUri(const char* value) { SetAuthorizerUri(value); return *this;} /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline const Aws::String& GetAuthorizerCredentials() const{ return m_authorizerCredentials; } /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline bool AuthorizerCredentialsHasBeenSet() const { return m_authorizerCredentialsHasBeenSet; } /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline void SetAuthorizerCredentials(const Aws::String& value) { m_authorizerCredentialsHasBeenSet = true; m_authorizerCredentials = value; } /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline void SetAuthorizerCredentials(Aws::String&& value) { m_authorizerCredentialsHasBeenSet = true; m_authorizerCredentials = std::move(value); } /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline void SetAuthorizerCredentials(const char* value) { m_authorizerCredentialsHasBeenSet = true; m_authorizerCredentials.assign(value); } /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline CreateAuthorizerRequest& WithAuthorizerCredentials(const Aws::String& value) { SetAuthorizerCredentials(value); return *this;} /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline CreateAuthorizerRequest& WithAuthorizerCredentials(Aws::String&& value) { SetAuthorizerCredentials(std::move(value)); return *this;} /** *

Specifies the required credentials as an IAM role for API Gateway to invoke * the authorizer. To specify an IAM role for API Gateway to assume, use the role's * Amazon Resource Name (ARN). To use resource-based permissions on the Lambda * function, specify null.

*/ inline CreateAuthorizerRequest& WithAuthorizerCredentials(const char* value) { SetAuthorizerCredentials(value); return *this;} /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline const Aws::String& GetIdentitySource() const{ return m_identitySource; } /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline bool IdentitySourceHasBeenSet() const { return m_identitySourceHasBeenSet; } /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline void SetIdentitySource(const Aws::String& value) { m_identitySourceHasBeenSet = true; m_identitySource = value; } /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline void SetIdentitySource(Aws::String&& value) { m_identitySourceHasBeenSet = true; m_identitySource = std::move(value); } /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline void SetIdentitySource(const char* value) { m_identitySourceHasBeenSet = true; m_identitySource.assign(value); } /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline CreateAuthorizerRequest& WithIdentitySource(const Aws::String& value) { SetIdentitySource(value); return *this;} /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline CreateAuthorizerRequest& WithIdentitySource(Aws::String&& value) { SetIdentitySource(std::move(value)); return *this;} /** *

The identity source for which authorization is requested. For a * TOKEN or COGNITO_USER_POOLS authorizer, this is * required and specifies the request header mapping expression for the custom * header holding the authorization token submitted by the client. For example, if * the token header name is Auth, the header mapping expression is * method.request.header.Auth. For the REQUEST * authorizer, this is required when authorization caching is enabled. The value is * a comma-separated string of one or more mapping expressions of the specified * request parameters. For example, if an Auth header, a * Name query string parameter are defined as identity sources, this * value is method.request.header.Auth, * method.request.querystring.Name. These parameters will be used to derive * the authorization caching key and to perform runtime validation of the * REQUEST authorizer by verifying all of the identity-related request * parameters are present, not null and non-empty. Only when this is true does the * authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 * Unauthorized response without calling the Lambda function. The valid value is a * string of comma-separated mapping expressions of the specified request * parameters. When the authorization caching is not enabled, this property is * optional.

*/ inline CreateAuthorizerRequest& WithIdentitySource(const char* value) { SetIdentitySource(value); return *this;} /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline const Aws::String& GetIdentityValidationExpression() const{ return m_identityValidationExpression; } /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline bool IdentityValidationExpressionHasBeenSet() const { return m_identityValidationExpressionHasBeenSet; } /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline void SetIdentityValidationExpression(const Aws::String& value) { m_identityValidationExpressionHasBeenSet = true; m_identityValidationExpression = value; } /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline void SetIdentityValidationExpression(Aws::String&& value) { m_identityValidationExpressionHasBeenSet = true; m_identityValidationExpression = std::move(value); } /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline void SetIdentityValidationExpression(const char* value) { m_identityValidationExpressionHasBeenSet = true; m_identityValidationExpression.assign(value); } /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline CreateAuthorizerRequest& WithIdentityValidationExpression(const Aws::String& value) { SetIdentityValidationExpression(value); return *this;} /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline CreateAuthorizerRequest& WithIdentityValidationExpression(Aws::String&& value) { SetIdentityValidationExpression(std::move(value)); return *this;} /** *

A validation expression for the incoming identity token. For * TOKEN authorizers, this value is a regular expression. For * COGNITO_USER_POOLS authorizers, API Gateway will match the * aud field of the incoming token from the client against the * specified regular expression. It will invoke the authorizer's Lambda function * when there is a match. Otherwise, it will return a 401 Unauthorized response * without calling the Lambda function. The validation expression does not apply to * the REQUEST authorizer.

*/ inline CreateAuthorizerRequest& WithIdentityValidationExpression(const char* value) { SetIdentityValidationExpression(value); return *this;} /** *

The TTL in seconds of cached authorizer results. If it equals 0, * authorization caching is disabled. If it is greater than 0, API Gateway will * cache authorizer responses. If this field is not set, the default value is 300. * The maximum value is 3600, or 1 hour.

*/ inline int GetAuthorizerResultTtlInSeconds() const{ return m_authorizerResultTtlInSeconds; } /** *

The TTL in seconds of cached authorizer results. If it equals 0, * authorization caching is disabled. If it is greater than 0, API Gateway will * cache authorizer responses. If this field is not set, the default value is 300. * The maximum value is 3600, or 1 hour.

*/ inline bool AuthorizerResultTtlInSecondsHasBeenSet() const { return m_authorizerResultTtlInSecondsHasBeenSet; } /** *

The TTL in seconds of cached authorizer results. If it equals 0, * authorization caching is disabled. If it is greater than 0, API Gateway will * cache authorizer responses. If this field is not set, the default value is 300. * The maximum value is 3600, or 1 hour.

*/ inline void SetAuthorizerResultTtlInSeconds(int value) { m_authorizerResultTtlInSecondsHasBeenSet = true; m_authorizerResultTtlInSeconds = value; } /** *

The TTL in seconds of cached authorizer results. If it equals 0, * authorization caching is disabled. If it is greater than 0, API Gateway will * cache authorizer responses. If this field is not set, the default value is 300. * The maximum value is 3600, or 1 hour.

*/ inline CreateAuthorizerRequest& WithAuthorizerResultTtlInSeconds(int value) { SetAuthorizerResultTtlInSeconds(value); return *this;} private: Aws::String m_restApiId; bool m_restApiIdHasBeenSet = false; Aws::String m_name; bool m_nameHasBeenSet = false; AuthorizerType m_type; bool m_typeHasBeenSet = false; Aws::Vector m_providerARNs; bool m_providerARNsHasBeenSet = false; Aws::String m_authType; bool m_authTypeHasBeenSet = false; Aws::String m_authorizerUri; bool m_authorizerUriHasBeenSet = false; Aws::String m_authorizerCredentials; bool m_authorizerCredentialsHasBeenSet = false; Aws::String m_identitySource; bool m_identitySourceHasBeenSet = false; Aws::String m_identityValidationExpression; bool m_identityValidationExpressionHasBeenSet = false; int m_authorizerResultTtlInSeconds; bool m_authorizerResultTtlInSecondsHasBeenSet = false; }; } // namespace Model } // namespace APIGateway } // namespace Aws