Resources:
  RestApiFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: s3://sam-demo-bucket/todo_list.zip
      Handler: index.restapi
      Runtime: nodejs12.x
      Policies: AmazonDynamoDBFullAccess
      Events:
        DefaultAuth:
          Type: HttpApi
          Properties:
            Path: /defaultauth
            Method: post
        NoneAuth:
          Type: HttpApi
          Properties:
            Path: /noneauth
            Method: post
            Auth:
              Authorizer: NONE
        ScopeOverride:
          Type: HttpApi
          Properties:
            Path: /scope3
            Method: post
            Auth:
              AuthorizationScopes:
              - scope3
        oauth2Path:
          Type: HttpApi
          Properties:
            Path: /oauth2
            Method: post
            Auth:
              Authorizer: oauth2Auth
        SimpleCase:
          Type: HttpApi

Globals:
  HttpApi:
    Auth:
      Authorizers:
        oauth2Auth:
          AuthorizationScopes:
          - scope4
          JwtConfiguration:
            issuer: https://www.example.com/v1/connect/oidc
            audience:
            - MyApi
          IdentitySource: $request.querystring.param
      DefaultAuthorizer: oauth2Auth