(api-gateway): Ability to set Per-key cache invalidation attributes

[parencik]

Description

It would be great to be able to set Per-key cache invalidation (enabled/disabled) and sub-attributes - Require authorization (true/false) and Handle unauthorized requests (1 from 3 options) globally - per stage and per method in API.

Use Case

I'm regularly deploying 20+ APIs to 3 stages and have to manually set Per-key cache invalidation behavior manually for each method separately, thats annoying.

Proposed Solution

Would be great if added these options to interface StageOptions and MethodDeploymentOptions

Other information

No response

Acknowledge

• I may be able to implement this feature request
• This feature might incur a breaking change

[otaviomacedo]

Hi, @parencik. I'm not sure if I fully understand this feature request.

You can already define caching per key on the integration level. For example:

new apigateway.LambdaIntegration(someLambdaFunction, {
  cacheKeyParameters: /* ... */
});

And to define which methods need authorization and what authorization mechanism to apply, you can use authorizers on the method level.

But I presume you mean something different. Can you share some examples of what the API would look like?

[bruno-roussel]

I have the same issue, I can't find a way to configure the cache invalidation

from this issue aws/serverless-application-model#788

[parencik]

@otaviomacedo
Bruno's print screen shows what i meant

[unitypark]

are there any progress on this issue?

[Naumel]

This issue is a p2, which means that we are unable to work on this immediately.

We use +1s to help prioritize work, and are happy to reevaluate this issue based on community feedback ( number of 👍 on issue description).

[github-actions]

This issue has received a significant amount of attention so we are automatically upgrading its priority. A member of the community will see the re-prioritization and provide an update on the issue.

[otaviomacedo]

This is not supported in CloudFormation. I've opened a ticket internally to understand what can be done.

[erikfinnman]

Stumbled recently upon this myself and the best workaround I've come up with is to use the AWS CLI as part of the CI/CD pipeline and remove this property from the API:
aws apigateway update-stage --rest-api-id [api-id] --stage-name [stage_name] --patch-operations \ op="replace",path="'the_resource_path/GET/caching/requireAuthorizationForCacheControl'",value="false"

I have seen some posts where people use wildcards to update multiple resources at the same time, but I didn't get that to work.

Note that the "path" must be escaped according to the instructions here: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/apigateway/client/update_stage.html

[gqe3red]

Please enable the feature Per-key cache invalidation along with Require authorization and Handle unauthorized requests for caching feature

[paul-uz]

+1

I've just encountered this issue. It gets enabled by default it seems, and no way to set it in the Cloudformation config