Copyright | (c) 2013-2016 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay <brendan.g.hay@gmail.com> |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | None |
Language | Haskell2010 |
Adds a new Authorizer
resource to an existing RestApi
resource.
- createAuthorizer :: Text -> Text -> AuthorizerType -> Text -> CreateAuthorizer
- data CreateAuthorizer
- caAuthorizerURI :: Lens' CreateAuthorizer (Maybe Text)
- caIdentityValidationExpression :: Lens' CreateAuthorizer (Maybe Text)
- caProviderARNs :: Lens' CreateAuthorizer [Text]
- caAuthorizerResultTtlInSeconds :: Lens' CreateAuthorizer (Maybe Int)
- caAuthType :: Lens' CreateAuthorizer (Maybe Text)
- caAuthorizerCredentials :: Lens' CreateAuthorizer (Maybe Text)
- caRestAPIId :: Lens' CreateAuthorizer Text
- caName :: Lens' CreateAuthorizer Text
- caType :: Lens' CreateAuthorizer AuthorizerType
- caIdentitySource :: Lens' CreateAuthorizer Text
- authorizer :: Authorizer
- data Authorizer
- aAuthorizerURI :: Lens' Authorizer (Maybe Text)
- aIdentityValidationExpression :: Lens' Authorizer (Maybe Text)
- aProviderARNs :: Lens' Authorizer [Text]
- aName :: Lens' Authorizer (Maybe Text)
- aId :: Lens' Authorizer (Maybe Text)
- aAuthorizerResultTtlInSeconds :: Lens' Authorizer (Maybe Int)
- aAuthType :: Lens' Authorizer (Maybe Text)
- aType :: Lens' Authorizer (Maybe AuthorizerType)
- aIdentitySource :: Lens' Authorizer (Maybe Text)
- aAuthorizerCredentials :: Lens' Authorizer (Maybe Text)
Creating a Request
Creates a value of CreateAuthorizer
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
caAuthorizerURI
- [Required] Specifies the authorizer's Uniform Resource Identifier (URI).caIdentityValidationExpression
- A validation expression for the incoming identity.caProviderARNs
- A list of the Cognito Your User Pool authorizer's provider ARNs.caAuthorizerResultTtlInSeconds
- The TTL of cached authorizer results.caAuthType
- Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.caAuthorizerCredentials
- Specifies the credentials required for the authorizer, if any.caRestAPIId
- TheRestApi
identifier under which theAuthorizer
will be created.caName
- [Required] The name of the authorizer.caType
- [Required] The type of the authorizer.caIdentitySource
- [Required] The source of the identity in an incoming request.
data CreateAuthorizer Source #
Request to add a new Authorizer
to an existing RestApi
resource.
See: createAuthorizer
smart constructor.
Request Lenses
caAuthorizerURI :: Lens' CreateAuthorizer (Maybe Text) Source #
- Required
- Specifies the authorizer's Uniform Resource Identifier (URI).
caIdentityValidationExpression :: Lens' CreateAuthorizer (Maybe Text) Source #
A validation expression for the incoming identity.
caProviderARNs :: Lens' CreateAuthorizer [Text] Source #
A list of the Cognito Your User Pool authorizer's provider ARNs.
caAuthorizerResultTtlInSeconds :: Lens' CreateAuthorizer (Maybe Int) Source #
The TTL of cached authorizer results.
caAuthType :: Lens' CreateAuthorizer (Maybe Text) Source #
Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.
caAuthorizerCredentials :: Lens' CreateAuthorizer (Maybe Text) Source #
Specifies the credentials required for the authorizer, if any.
caRestAPIId :: Lens' CreateAuthorizer Text Source #
The RestApi
identifier under which the Authorizer
will be created.
caType :: Lens' CreateAuthorizer AuthorizerType Source #
- Required
- The type of the authorizer.
caIdentitySource :: Lens' CreateAuthorizer Text Source #
- Required
- The source of the identity in an incoming request.
Destructuring the Response
authorizer :: Authorizer Source #
Creates a value of Authorizer
with the minimum fields required to make a request.
Use one of the following lenses to modify other fields as desired:
aAuthorizerURI
- [Required] Specifies the authorizer's Uniform Resource Identifier (URI). ForTOKEN
authorizers, this must be a well-formed Lambda function URI, for example,arn:aws:apigateway:us-west-2:lambda:path2015-03-31functionsarn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}invocations
. In general, the URI has this formarn:aws:apigateway:{region}:lambda:path/{service_api}
, where{region}
is the same as the region hosting the Lambda function,path
indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial/
. For Lambda functions, this is usually of the form 2015-03-31functions[FunctionARN]invocations.aIdentityValidationExpression
- A validation expression for the incoming identity. ForTOKEN
authorizers, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.aProviderARNs
- A list of the provider ARNs of the authorizer. For anTOKEN
authorizer, this is not defined. For authorizers of theCOGNITO_USER_POOLS
type, each element corresponds to a user pool ARN of this format:arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}
.aName
- [Required] The name of the authorizer.aId
- The identifier for the authorizer resource.aAuthorizerResultTtlInSeconds
- The TTL in seconds of cached authorizer results. If greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.aAuthType
- Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.aType
- [Required] The type of the authorizer. Currently, the valid type isTOKEN
for a Lambda function orCOGNITO_USER_POOLS
for an Amazon Cognito user pool.aIdentitySource
- [Required] The source of the identity in an incoming request. For aTOKEN
authorizer, this value is a mapping expression with the same syntax as integration parameter mappings. The only valid source for tokens isheader
, so the expression should match 'method.request.header.[headerName]'. The value of the header '[headerName]' will be interpreted as the incoming token. ForCOGNITO_USER_POOLS
authorizers, this property is used.aAuthorizerCredentials
- Specifies the credentials required for the authorizer, if any. Two options are available. To specify an IAM role for Amazon API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
data Authorizer Source #
Represents an authorization layer for methods. If enabled on a method, API Gateway will activate the authorizer when a client calls the method.
See: authorizer
smart constructor.
Response Lenses
aAuthorizerURI :: Lens' Authorizer (Maybe Text) Source #
- Required
- Specifies the authorizer's Uniform Resource Identifier (URI). For
TOKEN
authorizers, this must be a well-formed Lambda function URI, for example,arn:aws:apigateway:us-west-2:lambda:path2015-03-31functionsarn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}invocations
. In general, the URI has this formarn:aws:apigateway:{region}:lambda:path/{service_api}
, where{region}
is the same as the region hosting the Lambda function,path
indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial/
. For Lambda functions, this is usually of the form 2015-03-31functions[FunctionARN]invocations.
aIdentityValidationExpression :: Lens' Authorizer (Maybe Text) Source #
A validation expression for the incoming identity. For TOKEN
authorizers, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.
aProviderARNs :: Lens' Authorizer [Text] Source #
A list of the provider ARNs of the authorizer. For an TOKEN
authorizer, this is not defined. For authorizers of the COGNITO_USER_POOLS
type, each element corresponds to a user pool ARN of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}
.
aAuthorizerResultTtlInSeconds :: Lens' Authorizer (Maybe Int) Source #
The TTL in seconds of cached authorizer results. If greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
aAuthType :: Lens' Authorizer (Maybe Text) Source #
Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.
aType :: Lens' Authorizer (Maybe AuthorizerType) Source #
- Required
- The type of the authorizer. Currently, the valid type is
TOKEN
for a Lambda function orCOGNITO_USER_POOLS
for an Amazon Cognito user pool.
aIdentitySource :: Lens' Authorizer (Maybe Text) Source #
- Required
- The source of the identity in an incoming request. For a
TOKEN
authorizer, this value is a mapping expression with the same syntax as integration parameter mappings. The only valid source for tokens isheader
, so the expression should match 'method.request.header.[headerName]'. The value of the header '[headerName]' will be interpreted as the incoming token. ForCOGNITO_USER_POOLS
authorizers, this property is used.
aAuthorizerCredentials :: Lens' Authorizer (Maybe Text) Source #
Specifies the credentials required for the authorizer, if any. Two options are available. To specify an IAM role for Amazon API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.