Resources: Function: Type: AWS::Serverless::Function Properties: Runtime: python3.7 Handler: index.handler CodeUri: s3://bucket/key Events: Api: Type: HttpApi Properties: ApiId: !Ref MyApi Auth: Authorizer: myAuth Function2: Type: AWS::Serverless::Function Properties: Runtime: python3.7 Handler: index.handler CodeUri: s3://bucket/key Events: Api2: Type: HttpApi Properties: ApiId: !Ref MyApi2 Auth: Authorizer: myAuth Function3: Type: AWS::Serverless::Function Properties: Runtime: python3.7 Handler: index.handler CodeUri: s3://bucket/key Events: Api3: Type: HttpApi Properties: ApiId: !Ref MyApi3 Auth: Authorizer: NONE Function4: Type: AWS::Serverless::Function Properties: Runtime: python3.7 Handler: index.handler CodeUri: s3://bucket/key Events: Api4: Type: HttpApi Properties: ApiId: !Ref MyApi4 Auth: Authorizer: OAuth2 AuthorizationScopes: scope Function5: Type: AWS::Serverless::Function Properties: Runtime: python3.7 Handler: index.handler CodeUri: s3://bucket/key Events: Api4: Type: HttpApi Properties: ApiId: !Ref MyApi5 Auth: Authorizer: OIDC NonStringAuthFunction: Type: AWS::Serverless::Function Properties: CodeUri: s3://bucket/key Handler: index.handler Runtime: nodejs12.x Events: GetRoot: Type: HttpApi Properties: ApiId: NonStringAuthFunctionApi Path: / Method: get Auth: # Correct usage: Authorizer: MyAuth Authorizer: !Ref MyAuth InvokeRole: CALLER_CREDENTIALS MyApi: Type: AWS::Serverless::HttpApi Properties: DefinitionBody: info: version: '1.0' title: Ref: AWS::StackName paths: {} openapi: 3.0.1 MyApi2: Type: AWS::Serverless::HttpApi Properties: Auth: Authorizers: OAuth2: AuthorizationScopes: - scope4 JwtConfiguration: issuer: https://www.example.com/v1/connect/oidc audience: - MyApi IdentitySource: $request.querystring.param DefaultAuthorizer: OAuth2 DefinitionBody: info: version: '1.0' title: Ref: AWS::StackName paths: {} openapi: 3.0.1 MyApi3: Type: AWS::Serverless::HttpApi Properties: Auth: Authorizers: OAuth2: AuthorizationScopes: - scope4 JwtConfiguration: issuer: https://www.example.com/v1/connect/oidc audience: - MyApi IdentitySource: $request.querystring.param DefinitionBody: info: version: '1.0' title: Ref: AWS::StackName paths: {} openapi: 3.0.1 MyApi4: Type: AWS::Serverless::HttpApi Properties: Auth: Authorizers: OAuth2: AuthorizationScopes: - scope4 JwtConfiguration: issuer: https://www.example.com/v1/connect/oidc audience: - MyApi IdentitySource: $request.querystring.param DefinitionBody: info: version: '1.0' title: Ref: AWS::StackName paths: {} openapi: 3.0.1 MyApi5: Type: AWS::Serverless::HttpApi Properties: Auth: Authorizers: OIDC: OpenIdConnectUrl: https://example.com/url AuthorizationScopes: - scope4 JwtConfiguration: issuer: https://www.example.com/v1/connect/oidc audience: - MyApi IdentitySource: $request.querystring.param DefinitionBody: info: version: '1.0' title: Ref: AWS::StackName paths: {} openapi: 3.0.1 NonStringAuthFunctionApi: Type: AWS::Serverless::HttpApi Properties: Auth: Authorizers: MyAuth: JwtConfiguration: audience: https://test-sam.com issuer: https://test-sam.com IdentitySource: $request.header.Authorization