Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- data LambdaAuthorizerConfig = LambdaAuthorizerConfig' {}
- newLambdaAuthorizerConfig :: Text -> LambdaAuthorizerConfig
- lambdaAuthorizerConfig_authorizerResultTtlInSeconds :: Lens' LambdaAuthorizerConfig (Maybe Natural)
- lambdaAuthorizerConfig_identityValidationExpression :: Lens' LambdaAuthorizerConfig (Maybe Text)
- lambdaAuthorizerConfig_authorizerUri :: Lens' LambdaAuthorizerConfig Text
Documentation
data LambdaAuthorizerConfig Source #
A LambdaAuthorizerConfig
specifies how to authorize AppSync API access
when using the AWS_LAMBDA
authorizer mode. Be aware that an AppSync
API can have only one Lambda authorizer configured at a time.
See: newLambdaAuthorizerConfig
smart constructor.
LambdaAuthorizerConfig' | |
|
Instances
newLambdaAuthorizerConfig Source #
Create a value of LambdaAuthorizerConfig
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:authorizerResultTtlInSeconds:LambdaAuthorizerConfig'
, lambdaAuthorizerConfig_authorizerResultTtlInSeconds
- The number of seconds a response should be cached for. The default is 5
minutes (300 seconds). The Lambda function can override this by
returning a ttlOverride
key in its response. A value of 0 disables
caching of responses.
$sel:identityValidationExpression:LambdaAuthorizerConfig'
, lambdaAuthorizerConfig_identityValidationExpression
- A regular expression for validation of tokens before the Lambda function
is called.
$sel:authorizerUri:LambdaAuthorizerConfig'
, lambdaAuthorizerConfig_authorizerUri
- The Amazon Resource Name (ARN) of the Lambda function to be called for
authorization. This can be a standard Lambda ARN, a version ARN
(.../v3
), or an alias ARN.
Note: This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
lambdaAuthorizerConfig_authorizerResultTtlInSeconds :: Lens' LambdaAuthorizerConfig (Maybe Natural) Source #
The number of seconds a response should be cached for. The default is 5
minutes (300 seconds). The Lambda function can override this by
returning a ttlOverride
key in its response. A value of 0 disables
caching of responses.
lambdaAuthorizerConfig_identityValidationExpression :: Lens' LambdaAuthorizerConfig (Maybe Text) Source #
A regular expression for validation of tokens before the Lambda function is called.
lambdaAuthorizerConfig_authorizerUri :: Lens' LambdaAuthorizerConfig Text Source #
The Amazon Resource Name (ARN) of the Lambda function to be called for
authorization. This can be a standard Lambda ARN, a version ARN
(.../v3
), or an alias ARN.
Note: This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction