Login/Register
How to enable "ApiKeyRequired" property in SAM without explicit swagger definition?
Asked Answered
Solved aws-api-gatewayaws-sam-cliaws-serverlessaws-sam
M

1

4

In cloudformation, AWS::ApiGateway::Method has a boolean property ApiKeyRequired . How can i achieve the same in SAM ?

I know that we can enable using explicit swagger Configuration. which is like this

    {
    "swagger": "2.0",
    "info": {
        "version": "1.0",
        "title": {
              "Ref": "AWS::StackName"
            }
    },
    "x-amazon-apigateway-api-key-source": "HEADER",
    "paths": {
        "/": {
            "get": {
                "x-amazon-apigateway-integration": {
                    "httpMethod": "POST",
                    "type": "aws_proxy",
                    "uri": {
                    "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHelloWorld.Arn}/invocations"
                  }
                },
                "responses": {},
                "security": [
                    {
                        "api_key": []
                    }
                ]
            }
        }
    },
    "securityDefinitions": {
        "api_key": {
            "type": "apiKey",
            "name": "x-api-key",
            "in": "header"
        }
    }
}

Cant it possible with implicit API call in SAM rather than explicitly passing the AWS::Serverless::Api ? Because the swagger code is okay for less endpoints and becomes complex once endpoints got increased. Is there any flag like APIkeyRequired like we have in Cloudformation ?

Any help is appreciated Thanks

Melina answered 22/10, 2018 at 19:2 Comment(3)
I haven't tried this but have you looked at docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/…. My guess is that if you specify it, it will look for an API key. Then the question would be where do you specify the key? Maybe you still might need to add it to the swagger.Mucor
Thanks @ASR for responding. The above code is just a swagger definition , i am including this in my SAM template in which i am defining API keys and usage plans. I tested it and it worked perfectly. For achieving this i had created my own Swagger Definition and passed explicitly. But usually SAM has implicit API which will create a Swagger definition for us. So, in that i am trying to find out equivalent parameter of APIkeyRequired like we have in CFN .Melina
Ah. ok. Actually I am did the same thing. I don't think an equivalent exists, as there's no mention of it here - github.com/awslabs/serverless-application-model/blob/master/…. However, if you find a solution, please do post.Mucor
D
0

Now ApiKeyRequired is supported at both the AWS::Serverless::Api and AWS::Serverless::Function level in SAM.

Here is an example from the AWS Documentation:

Resources:
  MyApi:
    Type: AWS::Serverless::Api
    Properties:
      StageName: Prod
      Auth:
        ApiKeyRequired: true # sets for all methods

  MyFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: .
      Handler: index.handler
      Runtime: nodejs8.10
      Events:
        ApiKey:
          Type: Api
          Properties:
            RestApiId: !Ref MyApi
            Path: /
            Method: get
            Auth:
              ApiKeyRequired: true

You can also learn about this from the following resources:

  • AWS Official Documentation here.
  • This walkthrough blog post by Sarthak Jain.
Diastase answered 27/5, 2020 at 17:51 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.