gpt4 book ai didi

amazon-web-services - 将授权者和 cors 添加到 CloudFormation json

转载 作者:行者123 更新时间:2023-12-03 07:27:06 26 4
gpt4 key购买 nike

我有这个资源:

"MyUserAuthorizer": {
"Type": "AWS::Serverless::Function",
"Properties": {
"Handler": "MyProject::MyProject.Functions::UserAuthorizer",
"Runtime": "dotnetcore3.1",
"CodeUri": "",
"Description": "authorizer",
"MemorySize": 256,
"Timeout": 30,
"Role": null,
"Policies": [
"AWSLambdaFullAccess"
]
}
}

我想添加一个将使用此 MyUserAuthorizer lambda 的 AWS::ApiGateway::Authorizer 资源。我试过这个:

"Auth": {
"Type" : "AWS::ApiGateway::Authorizer",
"Properties" : {
"AuthorizerCredentials" : null,
"AuthorizerResultTtlInSeconds" : 300,
"IdentitySource": "method.request.header.Authorization",
"Name" : "Auth",
"Type" : "TOKEN"
}
}

,如何将其连接到 lambda 授权者函数?我在 json 中只有其他 lambda 函数。我应该有 api 网关定义吗?如何为所有 lambda 函数添​​加 CORS 支持?

最佳答案

将您的函数与授权者连接:

            MYRestApiAuthorizer:
Type: AWS::ApiGateway::Authorizer
Properties:
RestApiId: !Ref HelloCORSRestApi
Name: "MyAuthorizer"
Type: TOKEN
IdentitySource: "method.request.header.Authorization"
AuthorizerUri: !GetAtt MyUserAuthorizer.Arn

启用 CORS:

    .....

HelloCORSRestApiResource:
Type: 'AWS::ApiGateway::Resource'
Properties:
RestApiId: !Ref HelloCORSRestApi
ParentId: !GetAtt
- HelloCORSRestApi
- RootResourceId
PathPart: hello


HelloCORSRestApiRequestGET:
Type: 'AWS::ApiGateway::Method'
Properties:
AuthorizationType: CUSTOM
AuthorizerId: !MYRestApiAuthorizer
HttpMethod: GET
Integration:
Type: AWS
IntegrationHttpMethod: POST
Uri: ....
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Methods: "'GET,POST,PUT,DELETE,OPTIONS'"
method.response.header.Access-Control-Allow-Origin: "'*'"

ResourceId: !Ref HelloCORSRestApiResource
RestApiId: !Ref HelloCORSRestApi
MethodResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: true
method.response.header.Access-Control-Allow-Methods: true
method.response.header.Access-Control-Allow-Origin: true

......

    OptionsMethod:
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: NONE
RestApiId: !Ref HelloCORSRestApi
ResourceId: !Ref: HelloCORSRestApiResource
HttpMethod: OPTIONS
Integration:
IntegrationResponses:
- StatusCode: 200
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
method.response.header.Access-Control-Allow-Methods: "'<UPDATE_HTTP_METHODS_HERE>'"
method.response.header.Access-Control-Allow-Origin: "'*'"
ResponseTemplates:
application/json: ''
PassthroughBehavior: when_no_match
RequestTemplates:
application/json: '{"statusCode": 200}'
Type: MOCK
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: 'Empty'
ResponseParameters:
method.response.header.Access-Control-Allow-Headers: false
method.response.header.Access-Control-Allow-Methods: false
method.response.header.Access-Control-Allow-Origin: false

如果您想查看的话,还有更多内容 here

关于amazon-web-services - 将授权者和 cors 添加到 CloudFormation json,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65499806/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com