aws-cdk-lib.aws_appsync.CfnGraphQLApi.LambdaAuthorizerConfigProperty

interface LambdaAuthorizerConfigProperty

LanguageType name
.NETAmazon.CDK.AWS.AppSync.CfnGraphQLApi.LambdaAuthorizerConfigProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsappsync#CfnGraphQLApi_LambdaAuthorizerConfigProperty
Javasoftware.amazon.awscdk.services.appsync.CfnGraphQLApi.LambdaAuthorizerConfigProperty
Pythonaws_cdk.aws_appsync.CfnGraphQLApi.LambdaAuthorizerConfigProperty
TypeScript aws-cdk-lib » aws_appsync » CfnGraphQLApi » LambdaAuthorizerConfigProperty

Configuration for AWS Lambda function authorization.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_appsync as appsync } from 'aws-cdk-lib';
const lambdaAuthorizerConfigProperty: appsync.CfnGraphQLApi.LambdaAuthorizerConfigProperty = {
  authorizerResultTtlInSeconds: 123,
  authorizerUri: 'authorizerUri',
  identityValidationExpression: 'identityValidationExpression',
};

Properties

NameTypeDescription
authorizerResultTtlInSeconds?numberThe number of seconds a response should be cached for.
authorizerUri?stringThe ARN of the Lambda function to be called for authorization.
identityValidationExpression?stringA regular expression for validation of tokens before the Lambda function is called.

authorizerResultTtlInSeconds?

Type: number (optional)

The number of seconds a response should be cached for.

The default is 0 seconds, which disables caching. If you don't specify a value for authorizerResultTtlInSeconds , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a ttlOverride key in its response.


authorizerUri?

Type: string (optional)

The ARN of the Lambda function to be called for authorization.

This may be a standard Lambda ARN, a version ARN ( .../v3 ) or alias ARN.

Note : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To do so with the AWS CLI , run the following:

aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction


identityValidationExpression?

Type: string (optional)

A regular expression for validation of tokens before the Lambda function is called.