我不明白为什么在部署此模板后,我在 AWS 控制台的“授权者”选项卡下看不到此 API 的任何授权者。
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
Description here
Globals:
Function:
Timeout: 3
Resources:
ProductGet:
Type: AWS::Serverless::Function
Properties:
CodeUri: ./
Handler: product-get.lambda_handler
Runtime: python3.8
Role: "particular role here"
Events:
ProductGet:
Type: Api
Properties:
Path: /product-get
Method: post
Auth:
Authorizers:
MyCognitoAuth:
UserPoolArn: "user pool arn here"
AuthType: "COGNITO_USER_POOLS"
DefaultAuthorizer: MyCognitoAuth
想通了。 您无法在“事件”部分定义授权者。 如果您的 API 需要授权者,您必须将该 API 定义为单独的资源,并使用 APIid 将其链接到事件。
下面是示例代码。
MyApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
Auth:
DefaultAuthorizer: MyCognitoAuth # OPTIONAL
Authorizers:
MyCognitoAuth:
Type: COGNITO_USER_POOLS
# Can also accept an array
UserPoolArn: "user pool arn here"
ProductGet:
Type: AWS::Serverless::Function
Properties:
CodeUri: ./
Handler: product-get.lambda_handler
Runtime: python3.8
Role: 'role ARN here'
Events:
ProductGet:
Type: Api
Properties:
Path: /product-get
Method: post
RestApiId: !Ref MyApi #This is how you need to refer to your API
Auth:
Authorizer: MyCognitoAuth