Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to enable “ApiKeyRequired” property in SAM ? #633

Closed
Private-SO opened this issue Oct 22, 2018 · 5 comments
Closed

How to enable “ApiKeyRequired” property in SAM ? #633

Private-SO opened this issue Oct 22, 2018 · 5 comments
Labels
area/resource/api type/feature

Comments

@Private-SO
Copy link

Private-SO commented Oct 22, 2018
edited
Loading

In cloudformation, AWS::ApiGateway::Method has a boolean property ApiKeyRequired . How can i achieve the same in SAM ?

Even tried enabling in the SWAGGER which is like this

Resources:
  GetHelloWorld:
    Type: AWS::Serverless::Function
    Properties:
      Handler: index.get
      Runtime: nodejs8.10
      Role:
        Fn::ImportValue:
          !Join ['-', [!Ref 'ProjectId', !Ref 'AWS::Region', 'LambdaTrustRole']]
      Events:
        GetEvent:
          Type: Api
          Properties:
            Path: /
            Method: get
    ServerlessRestApi: 
       Type: AWS::ApiGateway::RestApi
       Properties: 
       Body: 
        swagger: "2.0"
        info: 
         version: "1.0"
         title: !Ref 'AWS::StackName'
        x-amazon-apigateway-api-key-source: "HEADER"
        paths: 
         "/": 
          get: 
           x-amazon-apigateway-integration: 
            httpMethod: POST
            type: aws_proxy
            uri: 
             !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHelloWorld.Arn}/invocations
           responses: null
           security: 
            - api_key: []
        securityDefinitions: 
         api_key: 
          type: "apiKey"
          name: "x-api-key"
          in: "header"

But Still the changes are not applied in the processed Cloudformation template .
The processed template is like this

"ServerlessRestApi": {
      "Type": "AWS::ApiGateway::RestApi",
      "Properties": {
        "Body": {
          "info": {
            "version": "1.0",
            "title": {
              "Ref": "AWS::StackName"
            }
          },
          "paths": {
            "/": {
              "get": {
                "x-amazon-apigateway-integration": {
                  "httpMethod": "POST",
                  "type": "aws_proxy",
                  "uri": {
                    "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHelloWorld.Arn}/invocations"
                  }
                },
                "responses": {}
              }
            }
          },
          "swagger": "2.0"
        }
      }
    }

Am i missing anything ?

I have tried using the AWS::ApiGateway::Method in SAM where in the required properties it has ResourceId for which i dont have any resource property created in SAM .

Any help is appreciated.

Thanks
@Private-SO Private-SO changed the title How to enable “ApiKeyRequired” property in SAM without Swagger? How to enable “ApiKeyRequired” property in SAM ? Oct 22, 2018
@Private-SO
Copy link
Author

Private-SO commented Oct 24, 2018
edited
Loading

I have resolved the above issue with external swagger Configuration. Below is the code

{
	"swagger": "2.0",
	"info": {
		"version": "1.0",
		"title": {
              "Ref": "AWS::StackName"
            }
	},
	"x-amazon-apigateway-api-key-source": "HEADER",
	"paths": {
		"/": {
			"get": {
				"x-amazon-apigateway-integration": {
					"httpMethod": "POST",
					"type": "aws_proxy",
					"uri": {
                    "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHelloWorld.Arn}/invocations"
                  }
				},
				"responses": {},
				"security": [
					{
						"api_key": []
					}
				]
			}
		}
	},
	"securityDefinitions": {
		"api_key": {
			"type": "apiKey",
			"name": "x-api-key",
			"in": "header"
		}
	}
}

Cant it possible with implicit API call in SAM rather than explicitly passing the AWS::Serverless::Api ?Because the swagger code is okay for less endpoints and becomes complex once endpoints got increased. Is there any flag like APIkeyRequired like we have in Cloudformation ?

Any help is appreciated
Thanks

@mvanbaak
Copy link

I would like to see this in SAM as well. The swagger way is not really an option, as we would like to continue using the AWS::Serverless::Function with the Event configuration.

Adding it to those would be the best option.

@hilotter hilotter mentioned this issue Dec 21, 2018
Closed
@Grigol
Copy link

Grigol commented Feb 23, 2019

@Private-SO , your approach worked well here. I gave up using implicit API on SAM for now.
Thanks.

@keetonian
Copy link
Contributor

We've commented about how to implement this in #547, and I agree that it would be better if it could work with the Event configuration in Serverless::Function. Closing this issue in favor of #547

@komikoni
Copy link

komikoni commented Jun 2, 2020

I had the same problem.

I've tried changing to Cloudformation's API gateway, but I've noticed something good.
OAS (Swagger)
x-amazon-apigateway-api-key-source: AUTHORIZER

It works with both OpenAPI 2.0 and OpenAPI 3.0.
Let's set it to the top level!

https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-api-key-source.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/resource/api type/feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Grigol @mvanbaak @komikoni @keetonian @Private-SO