-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement AWS_IAM Authorizers #802
Comments
Is the idea that it would look something like:
and the serverless macro would transform that into specifying AWS_IAM for the auth type and add the policy to the resource policy on the API? |
or possibly
And the macro would create an IAM Role named NOT_AN_ARN and substitute that Role ARN where applicable in the previous comment? |
Hey @brettstack, I would like to start working on this since this feature is needed for my job. |
Absolutely! We look forward to a PR. ❤️ |
Hey @brettstack, My PR #827 is just ready for review! |
Thanks @horike37! This has been merged to develop and we'll get it out to production asap. |
Great! Can't wait to release 😄 |
Released with SAM v1.11.0! |
Based on the RFC #781, we need to implement the AWS_IAM Authorizers feature.
Requirements:
Some code areas to get started for any interested contributors:
InvokeRole
as a valid property ofAuth
https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/model/api/api_generator.py#L20AWS_IAM
DefaultAuthorizer
here https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/model/api/api_generator.py#L321securityDefinitions
if it's defined as DefaultAuthorizer or if it is specified on any of the Methods https://github.com/awslabs/serverless-application-model/blob/master/samtranslator/swagger/swagger.py#L289The text was updated successfully, but these errors were encountered: