diff --git a/apigw-http-api-lambda-python/apigw-rest-regional-lambda.code-workspace b/apigw-http-api-lambda-python/apigw-rest-regional-lambda.code-workspace new file mode 100644 index 000000000..c2e4e8f99 --- /dev/null +++ b/apigw-http-api-lambda-python/apigw-rest-regional-lambda.code-workspace @@ -0,0 +1,11 @@ +{ + "folders": [ + { + "path": "../apigw-rest-regional-lambda" + }, + { + "path": ".." + } + ], + "settings": {} +} \ No newline at end of file diff --git a/apigw-websocket-mapping-template-authorizer/README.md b/apigw-websocket-mapping-template-authorizer/README.md new file mode 100644 index 000000000..7e4872e2c --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/README.md @@ -0,0 +1,108 @@ +# AWS API Gateway Websocket API to AWS Lambda with authorization and mapping template + +This pattern will create an AWS API Gateway Websocket API protected by a Lambda authorizer. The websocket is integrated with a Lambda function through a mapping template that passes the main informations of the request. + +Learn more about this pattern at Serverless Land Patterns: https://serverlessland.com/patterns/apigw-websocket-mapping-template-authorizer + +Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example. + +## Requirements + +* [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources. +* [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured +* [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) +* [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed +* [Install NPM](https://www.npmjs.com/get-npm). + +## Deployment Instructions + +1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository: + ``` + git clone https://github.com/aws-samples/serverless-patterns + ``` +1. Change directory to the pattern directory: + ``` + cd apigw-websocket-mapping-template-authorizer + ``` +1. From the command line, use AWS SAM to deploy the AWS resources for the pattern as specified in the template.yml file: + ``` + sam deploy --guided + ``` +1. During the prompts: + * Enter a stack name + * Enter the desired AWS Region + * Allow SAM CLI to create IAM roles with the required permissions. + + Once you have run `sam deploy --guided` mode once and saved arguments to a configuration file (samconfig.toml), you can use `sam deploy` in future to use these defaults. + +1. Note the outputs from the SAM deployment process. These contain the resource names and/or ARNs which are used for testing. + +## How it works + +The architecture uses proxy integration for the `$connect` and `$disconnect` routes, each linked to their respective AWS Lambda functions. The `sendmessage` route uses non-proxy integration with a backend Lambda function, incorporating a mapping template to pass essential data such as the message body and connection ID. + + +The Mapping Template used is this one : +``` + { + "requestContext": { + "routeKey": "$context.routeKey", + "messageId": "$context.messageId", + "auth": "$context.authorizer.principalId", + "token": "$context.authorizer.token", + "eventType": "$context.eventType", + "extendedRequestId": "$context.extendedRequestId", + "requestTime": "$context.requestTime", + "messageDirection": "$context.messageDirection", + "stage": "$context.stage", + "connectedAt": "$context.connectedAt", + "requestTimeEpoch": "$context.requestTimeEpoch", + "sourceIp": "$context.identity.sourceIp", + "requestId": "$context.requestId", + "domainName": "$context.domainName", + "connectionId": "$context.connectionId", + "apiId": "$context.apiId" + }, + "body": "$util.escapeJavaScript($input.body)", + "isBase64Encoded": "$context.isBase64Encoded" + } +``` +The backend Lambda function `SendMessageFunction` operates independently by retrieving the endpoint and DynamoDB table name from environment variables. The API stage name is defined in the Lambda environment variables. To modify the stage name, you can either update the environment variable or extract it from the mapping template in the event sent to Lambda. + +This implementation includes security through a Lambda REQUEST Authorizer. The authorizer function validates the header `token`, granting access only when the token value is "hello". Requests with invalid tokens receive a 401 Unauthorized response. + +All Lambda functions use Node.js 22 with ".mjs" files and implement ES module import syntax. To send responses to clients, the Lambda function constructs the endpoint URL using environment variables: +`"https://" + process.env.API_ID + ".execute-api." + process.env.AWS_REGION + ".amazonaws.com/" + process.env.STAGE + "/"` and the command `PostToConnectionCommand` from the client [`ApiGatewayManagementApiClient`](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/apigatewaymanagementapi/). + +## Testing + +Once the template deployed, you would need to use a websocket client, I would recommend either Postman ior wscat. + +1. Install wscat: + ``` + $ npm install -g wscat + ``` + +1. Connect to the WebSocket with the following command: + ``` + $ wscat --header token:hello -c wss:// + ``` +If you don't put the header and its value, you will get `Unauthorized` + +You can then send the Json Payload to the `sendmessage` route: +``` +> {"action": "sendmessage","message" : "hey queen"} +< good job on deploying this template, keep slaying!! +``` + +## Cleanup + +1. Delete the stack + ```bash + sam delete + ``` + +---- +Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + +SPDX-License-Identifier: MIT-0 diff --git a/apigw-websocket-mapping-template-authorizer/apigw-websocket-mapping-template-authorizer.json b/apigw-websocket-mapping-template-authorizer/apigw-websocket-mapping-template-authorizer.json new file mode 100644 index 000000000..f1cfa5e05 --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/apigw-websocket-mapping-template-authorizer.json @@ -0,0 +1,86 @@ +{ + "title": "Websocket API Gateway with an AWS Lambda Authorizer and mapping template", + "description": "Create a Websocket API with a Lambda Authorizer and an AWS Lambda in the back-end.", + "language": "Node.js", + "level": "200", + "framework": "AWS SAM", + "introBox": { + "headline": "How it works", + "text": [ + "This projects demonstrates how to use a WebSocket API with an AWS Lambda Authorizer", + "The WebSocket API does not have a Proxy integration with the back-end Lambda Function written NodeJs 22, instead it is using a mapping template that forwards the main information of the request.", + "The Connection ID is stored in a Amazon DynamoDB table and the Lambda Function sends a response to the websocket API through the endpoint URL" + ] + }, + "gitHub": { + "template": { + "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/apigw-websocket-mapping-template-authorizer", + "templateURL": "serverless-patterns/apigw-websocket-mapping-template-authorizer", + "projectFolder": "apigw-websocket-mapping-template-authorizer", + "templateFile": "template.yaml" + } + }, + "resources": { + "bullets": [ + { + "text": "Invoke a Webscoket API with wscat", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-wscat.html" + }, + { + "text": "Integration request in Websocket API Gateway", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-integration-requests.html" + }, + { + "text": "Control access to WebSocket APIs with AWS Lambda REQUEST authorizers", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-lambda-auth.html" + } + ] + }, + "deploy": { + "text": ["sam deploy"] + }, + "testing": { + "text": ["See the GitHub repo for detailed testing instructions."] + }, + "cleanup": { + "text": ["Delete the stack: sam delete."] + }, + "authors": [ + { + "name": "Alice Goumain", + "image": "https://media.licdn.com/dms/image/v2/C4E03AQFu1xnGt76xzg/profile-displayphoto-shrink_200_200/profile-displayphoto-shrink_200_200/0/1662636937225?e=2147483647&v=beta&t=f4IFRXMLweHD9WieD3X1D3YkZO3Hf-bdTXHAfYcFpbo", + "bio": "Cloud Support Engineer in Serverless @ AWS", + "linkedin": "alice-goumain/" + } + ], + "patternArch": { + "icon1": { + "x": 20, + "y": 50, + "service": "apigw", + "label": "API Gateway WebSocket" + }, + "icon2": { + "x": 50, + "y": 50, + "service": "lambda", + "label": "AWS Lambda" + }, + "icon3": { + "x": 80, + "y": 50, + "service": "dynamodb", + "label": "Amazon DynamoDB" + }, + "line1": { + "from": "icon1", + "to": "icon2", + "label": "" + }, + "line2": { + "from": "icon2", + "to": "icon3", + "label": "" + } + } +} diff --git a/apigw-websocket-mapping-template-authorizer/example-pattern.json b/apigw-websocket-mapping-template-authorizer/example-pattern.json new file mode 100644 index 000000000..e1ad9325b --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/example-pattern.json @@ -0,0 +1,62 @@ +{ + "title": "AWS Websocket API Gateway with an AWS Lambda Authorizer and mapping template", + "description": "Create a Websocket API with a Lambda authorizer and a Lambda in the back-end.", + "language": "NodeJs", + "level": "200", + "framework": "SAM", + "introBox": { + "headline": "How it works", + "text": [ + "This projects demonstrates how to use an AWS WebSocket API with an AWS Lambda Authorizer", + "The WebSocket API does not have a Proxy integration with the back-end Lambda Function written NodeJs 22, instead it is using a mapping template that forwards the main information of the request.", + "The Connection ID is stored in an AWS DynamoDB table and the Lambda Function sends a response to the websocket API through the endpoint URL" + ] + }, + "gitHub": { + "template": { + "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/apigw-websocket-mapping-template-authorizer", + "templateURL": "serverless-patterns/apigw-websocket-mapping-template-authorizer", + "projectFolder": "apigw-websocket-mapping-template-authorizer", + "templateFile": "apigw-websocket-mapping-template-authorizer/template.yaml" + } + }, + "resources": { + "bullets": [ + { + "text": "Invoke a Webscoket API with wscat", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-how-to-call-websocket-api-wscat.html" + }, + { + "text": "Integration request in Websocket API Gateway", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-integration-requests.html" + }, + { + "text": "Control access to WebSocket APIs with AWS Lambda REQUEST authorizers", + "link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-lambda-auth.html" + } + ] + }, + "deploy": { + "text": [ + "sam deploy" + ] + }, + "testing": { + "text": [ + "See the GitHub repo for detailed testing instructions." + ] + }, + "cleanup": { + "text": [ + "Delete the stack: sam delete." + ] + }, + "authors": [ + { + "name": "Alice Goumain", + "image": "https://media.licdn.com/dms/image/v2/C4E03AQFu1xnGt76xzg/profile-displayphoto-shrink_200_200/profile-displayphoto-shrink_200_200/0/1662636937225?e=2147483647&v=beta&t=f4IFRXMLweHD9WieD3X1D3YkZO3Hf-bdTXHAfYcFpbo", + "bio": "Cloud Support Engineer in Serverless @ AWS", + "linkedin": "https://www.linkedin.com/in/alice-goumain/" + } + ] +} diff --git a/apigw-websocket-mapping-template-authorizer/src/authorizer.mjs b/apigw-websocket-mapping-template-authorizer/src/authorizer.mjs new file mode 100644 index 000000000..9143e7f7f --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/src/authorizer.mjs @@ -0,0 +1,32 @@ +export const handler = function(event, context, callback) { + console.log('Received event:', JSON.stringify(event, null, 2)); + // Retrieve request parameters from the Lambda function input: + var headers = event.headers; + if (headers.token === "hello"){ + callback(null, generateAllow('me', event.methodArn)); + } else { + callback("Unauthorized"); + } +} +// Help function to generate an IAM policy +var generatePolicy = function(principalId, effect, resource) { + // Required output: + var authResponse = {}; + authResponse.principalId = principalId; + if (effect && resource) { + var policyDocument = {}; + policyDocument.Version = '2012-10-17'; // default version + policyDocument.Statement = []; + var statementOne = {}; + statementOne.Action = 'execute-api:Invoke'; // default action + statementOne.Effect = effect; + statementOne.Resource = resource; + policyDocument.Statement[0] = statementOne; + authResponse.policyDocument = policyDocument; + } + return authResponse; +} + +var generateAllow = function(principalId, resource) { + return generatePolicy(principalId, 'Allow', resource); +} \ No newline at end of file diff --git a/apigw-websocket-mapping-template-authorizer/src/onconnect.mjs b/apigw-websocket-mapping-template-authorizer/src/onconnect.mjs new file mode 100644 index 000000000..cf0808ec2 --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/src/onconnect.mjs @@ -0,0 +1,24 @@ +import { DynamoDBClient, PutItemCommand } from "@aws-sdk/client-dynamodb"; +const client = new DynamoDBClient({ region: process.env.AWS_REGION }); + +export const handler = async (event) => { + const connectionId = event.requestContext.connectionId; + console.log("connection ID:", JSON.stringify(connectionId, null, 2) ); // Print the connection ID + const putParams = { + "Item": { + "connectionId": { + "S": connectionId + }, + }, + "TableName": process.env.TABLE_NAME + }; + try { + const command = new PutItemCommand(putParams); + const response = await client.send(command); + console.log("put command:", JSON.stringify(response, null, 2)); // Print the response + } catch (err) { + return { statusCode: 500, body: "Failed to connect: " + JSON.stringify(err) }; + } + + return { statusCode: 200, body: "Connected." }; +}; \ No newline at end of file diff --git a/apigw-websocket-mapping-template-authorizer/src/ondisconnect.mjs b/apigw-websocket-mapping-template-authorizer/src/ondisconnect.mjs new file mode 100644 index 000000000..95e6761cf --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/src/ondisconnect.mjs @@ -0,0 +1,23 @@ +import { DynamoDBClient, DeleteItemCommand } from "@aws-sdk/client-dynamodb"; +const client = new DynamoDBClient({ region: process.env.AWS_REGION }); + +export const handler = async (event) => { + const connectionId = event.requestContext.connectionId; + const deleteParams = { + "Key": { + "connectionId": { + "S": connectionId + }, + }, + "TableName": process.env.TABLE_NAME + }; + + try { + const command = new DeleteItemCommand(deleteParams); + await client.send(command); + } catch (err) { + return { statusCode: 500, body: "Failed to disconnect: " + JSON.stringify(err) }; + } + + return { statusCode: 200, body: "Disconnected." }; +}; \ No newline at end of file diff --git a/apigw-websocket-mapping-template-authorizer/src/sendmessage.mjs b/apigw-websocket-mapping-template-authorizer/src/sendmessage.mjs new file mode 100644 index 000000000..2e0a69df1 --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/src/sendmessage.mjs @@ -0,0 +1,42 @@ +import { DynamoDBClient, ScanCommand, DeleteItemCommand } from "@aws-sdk/client-dynamodb"; +import { ApiGatewayManagementApiClient, PostToConnectionCommand } from "@aws-sdk/client-apigatewaymanagementapi"; +const ddbClient = new DynamoDBClient({ region: process.env.AWS_REGION }); + +export const handler = async (event) => { + let connectionData; + + //scanning DB table to get the Connection ID + const scanParams = { + TableName: process.env.TABLE_NAME, + ProjectionExpression: "connectionId", + }; + + const scanCommand = new ScanCommand(scanParams); + const responseDynamo = await ddbClient.send(scanCommand); + connectionData = responseDynamo.Items; + const connectionId = connectionData[0].connectionId.S; + console.log("connectionData:", connectionData); // print info about the DB connection + + //building endpoint from env variables, can also be buit from request parameters + const endpoint = "https://" + process.env.API_ID + ".execute-api." + process.env.AWS_REGION + ".amazonaws.com/" + process.env.STAGE + "/"; + + const apigwManagementApi = new ApiGatewayManagementApiClient({ apiVersion: "2018-11-29", + endpoint: endpoint, + }); + + //parameters to post response to the connectionId + const postParams = { + ConnectionId: connectionId, + Data: "good job on deploying this template, keep slaying!!", + }; + + try{ + const postCommand = new PostToConnectionCommand(postParams); + const responseApi = await apigwManagementApi.send(postCommand); + console.log("response:", responseApi); //print the response + } catch (err) { + return { statusCode: 500, body: "Failed to connect: " + JSON.stringify(err) }; + } + + return { statusCode: 200, body: "Data sent" }; +}; \ No newline at end of file diff --git a/apigw-websocket-mapping-template-authorizer/template.yaml b/apigw-websocket-mapping-template-authorizer/template.yaml new file mode 100644 index 000000000..2afa7b0f5 --- /dev/null +++ b/apigw-websocket-mapping-template-authorizer/template.yaml @@ -0,0 +1,246 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 +Description: SAM template for a websocket API with a mapping template and a Lambda integration + +Resources: + WebsocketApi: + Type: AWS::ApiGatewayV2::Api + Properties: + Name: Websocket-api-mapping-template + ProtocolType: WEBSOCKET + RouteSelectionExpression: $request.body.action + + LambdaAuthorizer: + Type: AWS::ApiGatewayV2::Authorizer + Properties: + ApiId: !Ref WebsocketApi + AuthorizerType: REQUEST + AuthorizerUri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${AuthFunction.Arn}/invocations + Name: lambda-authorizer-request + IdentitySource: + - route.request.header.token + + ConnectRoute: + Type: AWS::ApiGatewayV2::Route + Properties: + ApiId: + Ref: WebsocketApi + RouteKey: $connect + Target: + Fn::Join: + - / + - - integrations + - Ref: ConnectInteg + AuthorizationType: CUSTOM + AuthorizerId: !Ref LambdaAuthorizer + + ConnectInteg: + Type: AWS::ApiGatewayV2::Integration + Properties: + ApiId: !Ref WebsocketApi + IntegrationType: AWS_PROXY + IntegrationUri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${OnConnectFunction.Arn}/invocations + + DisconnectRoute: + Type: AWS::ApiGatewayV2::Route + Properties: + ApiId: + Ref: WebsocketApi + RouteKey: $disconnect + Target: + Fn::Join: + - / + - - integrations + - Ref: DisconnectInteg + DisconnectInteg: + Type: AWS::ApiGatewayV2::Integration + Properties: + ApiId: + Ref: WebsocketApi + IntegrationType: AWS_PROXY + IntegrationUri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${OnDisconnectFunction.Arn}/invocations + + SendRoute: + Type: AWS::ApiGatewayV2::Route + Properties: + ApiId: + Ref: WebsocketApi + RouteKey: sendmessage + Target: + Fn::Join: + - / + - - integrations + - Ref: SendInteg + + SendInteg: + Type: AWS::ApiGatewayV2::Integration + Properties: + ApiId: + Ref: WebsocketApi + Description: Send Integration + IntegrationType: AWS + IntegrationUri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${SendMessageFunction.Arn}/invocations + RequestTemplates: + application/json: | + { + "requestContext": { + "routeKey": "$context.routeKey", + "messageId": "$context.messageId", + "auth": "$context.authorizer.principalId", + "token": "$context.authorizer.token", + "eventType": "$context.eventType", + "extendedRequestId": "$context.extendedRequestId", + "requestTime": "$context.requestTime", + "messageDirection": "$context.messageDirection", + "stage": "$context.stage", + "connectedAt": "$context.connectedAt", + "requestTimeEpoch": "$context.requestTimeEpoch", + "sourceIp": "$context.identity.sourceIp", + "requestId": "$context.requestId", + "domainName": "$context.domainName", + "connectionId": "$context.connectionId", + "apiId": "$context.apiId" + }, + "body": "$util.escapeJavaScript($input.body)", + "isBase64Encoded": "$context.isBase64Encoded" + } + + Deployment: + Type: AWS::ApiGatewayV2::Deployment + DependsOn: + - ConnectRoute + - SendRoute + - DisconnectRoute + Properties: + ApiId: + Ref: WebsocketApi + + Stage: + Type: AWS::ApiGatewayV2::Stage + Properties: + StageName: stage + DeploymentId: + Ref: Deployment + ApiId: + Ref: WebsocketApi + + ConnectionsTable: + Type: AWS::Serverless::SimpleTable + Properties: + PrimaryKey: + Name: connectionId + Type: String + TableName: connection_table + + AuthFunction: + Type: AWS::Serverless::Function + Properties: + Handler: authorizer.handler + MemorySize: 256 + CodeUri: ./src + Runtime: nodejs22.x + + LambdaAuthPermission: + Type: AWS::Lambda::Permission + DependsOn: + - WebsocketApi + Properties: + Action: lambda:InvokeFunction + FunctionName: + Ref: AuthFunction + Principal: apigateway.amazonaws.com + SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${WebsocketApi}/*' + + + OnConnectFunction: + Type: AWS::Serverless::Function + Properties: + Handler: onconnect.handler + CodeUri: ./src + Runtime: nodejs22.x + Environment: + Variables: + TABLE_NAME: !Ref ConnectionsTable + Policies: + - DynamoDBCrudPolicy: + TableName: !Ref ConnectionsTable + + OnConnectPermission: + Type: AWS::Lambda::Permission + DependsOn: + - WebsocketApi + Properties: + Action: lambda:InvokeFunction + FunctionName: + Ref: OnConnectFunction + Principal: apigateway.amazonaws.com + SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${WebsocketApi}/*' + + OnDisconnectFunction: + Type: AWS::Serverless::Function + Properties: + Handler: ondisconnect.handler + CodeUri: ./src + Runtime: nodejs22.x + Environment: + Variables: + TABLE_NAME: !Ref ConnectionsTable + Policies: + - DynamoDBCrudPolicy: + TableName: !Ref ConnectionsTable + + OnDisconnectPermission: + Type: AWS::Lambda::Permission + DependsOn: + - WebsocketApi + Properties: + Action: lambda:InvokeFunction + FunctionName: + Ref: OnDisconnectFunction + Principal: apigateway.amazonaws.com + SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${WebsocketApi}/*' + + SendMessageFunction: + Type: AWS::Serverless::Function + DependsOn: + - WebsocketApi + Properties: + Handler: sendmessage.handler + CodeUri: ./src + Runtime: nodejs22.x + Environment: + Variables: + TABLE_NAME: !Ref ConnectionsTable + API_ID: !Ref WebsocketApi + STAGE: "stage" + Policies: + - DynamoDBCrudPolicy: + TableName: !Ref ConnectionsTable + - Statement: + - Effect: Allow + Action: + - execute-api:ManageConnections + Resource: + - Fn::Sub: arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${WebsocketApi}/* + + SendMessagePermission: + Type: AWS::Lambda::Permission + DependsOn: + - WebsocketApi + Properties: + Action: lambda:InvokeFunction + FunctionName: !Ref SendMessageFunction + Principal: apigateway.amazonaws.com + SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${WebsocketApi}/*' + +Outputs: + WebSocketCommand: + Description: "The WSS command to use to connect" + Value: !Join [ '', [ 'wscat --header token:hello -c wss://', !Ref WebsocketApi, '.execute-api.',!Ref 'AWS::Region','.amazonaws.com/',!Ref 'Stage'] ] + PayloadJson: + Description: "The Json payload you can send to try the sendmessage route" + Value: '{"action": "sendmessage","message" : "hey queen"}'