Skip to content

Add NotResource field for custom authorizer IAM policy #2165

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 29, 2025
Merged

Add NotResource field for custom authorizer IAM policy #2165

merged 3 commits into from
Oct 29, 2025
+90 −4

Conversation

@RWcoder
Copy link

@RWcoder RWcoder commented Oct 28, 2025
edited
Loading

Issue #, if available: n/a

Description of changes:
Added the option to use NotResource in the policy returned by a custom lambda authorizer for API Gateway. I have a use case where I am caching an API policy for multiple resources as described here: https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.caching

And I would like to return a policy which uses Deny with NotResource

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@normj normj changed the base branch from master to dev October 28, 2025 18:58
@normj normj changed the base branch from dev to master October 28, 2025 18:58
@normj normj changed the base branch from master to dev October 28, 2025 19:02
@normj normj changed the base branch from dev to master October 28, 2025 19:02
@normj normj changed the base branch from master to dev October 28, 2025 19:54
normj
normj reviewed Oct 28, 2025
View reviewed changes
Copy link
Member

@normj normj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR looks good. Can you add a change file which will trigger the version bump and change log generation. Here in the contributor page explains the change file. I would suggest this as Patch for type of change. https://github.com/aws/aws-lambda-dotnet/blob/master/CONTRIBUTING.md#adding-a-change-file-to-your-contribution-branch

peterrsongg
peterrsongg approved these changes Oct 28, 2025
View reviewed changes
Copy link
Contributor

@peterrsongg peterrsongg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, approving assuming what norm asks for will be added.

normj
normj requested changes Oct 28, 2025
View reviewed changes
@normj normj merged commit d966740 into aws:dev Oct 29, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@normj normj normj approved these changes

@peterrsongg peterrsongg peterrsongg approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@RWcoder @normj @peterrsongg