Creates a value of CreateAuthorizer with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

• caIdentityValidationExpression
• caAuthorizerResultTtlInSeconds
• caAuthorizerCredentials
• caRestAPIId
• caName
• caType
• caAuthorizerURI
• caIdentitySource

See: createAuthorizer smart constructor.

A validation expression for the incoming identity.

The TTL of cached authorizer results.

Specifies the credentials required for the authorizer, if any.

Undocumented member.

Required

The name of the authorizer.

Required

The type of the authorizer.

Required

Specifies the authorizer's Uniform Resource Identifier (URI).

Required

The source of the identity in an incoming request.

Creates a value of Authorizer with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

• aAuthorizerURI
• aIdentityValidationExpression
• aName
• aId
• aAuthorizerResultTtlInSeconds
• aType
• aIdentitySource
• aAuthorizerCredentials

Represents an authorization layer for methods. If enabled on a method, API Gateway will activate the authorizer when a client calls the method.

See: authorizer smart constructor.

Required

Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN authorizers, this must be a well-formed Lambda function URI. The URI should be of the form 'arn:aws:apigateway:{region}:lambda:path/{service_api}'. Region is used to determine the right endpoint. In this case, path is used to indicate that the remaining substring in the URI should be treated as the path to the resource, including the initial \/. For Lambda functions, this is usually of the form /2015-03-31/functions/[FunctionARN]/invocations

A validation expression for the incoming identity. For TOKEN authorizers, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.

Required

The name of the authorizer.

The identifier for the authorizer resource.

The TTL in seconds of cached authorizer results. If greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.

Required

The type of the authorizer. Currently, the only valid type is TOKEN.

Required

The source of the identity in an incoming request. For TOKEN authorizers, this value is a mapping expression with the same syntax as integration parameter mappings. The only valid source for tokens is 'header', so the expression should match 'method.request.header.[headerName]'. The value of the header '[headerName]' will be interpreted as the incoming token.

Specifies the credentials required for the authorizer, if any. Two options are available. To specify an IAM Role for Amazon API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.