amazonka-apigateway-1.4.5: Amazon API Gateway SDK.

Copyright(c) 2013-2016 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone
LanguageHaskell2010

Network.AWS.APIGateway.CreateAuthorizer

Contents

Description

Adds a new Authorizer resource to an existing RestApi resource.

AWS CLI

Synopsis

Creating a Request

createAuthorizer Source #

Arguments

:: Text

caRestAPIId

-> Text

caName

-> AuthorizerType

caType

-> Text

caIdentitySource

-> CreateAuthorizer 

Creates a value of CreateAuthorizer with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

data CreateAuthorizer Source #

Request to add a new Authorizer to an existing RestApi resource.

See: createAuthorizer smart constructor.

Instances

Eq CreateAuthorizer Source # 
Data CreateAuthorizer Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> CreateAuthorizer -> c CreateAuthorizer #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c CreateAuthorizer #

toConstr :: CreateAuthorizer -> Constr #

dataTypeOf :: CreateAuthorizer -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c CreateAuthorizer) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c CreateAuthorizer) #

gmapT :: (forall b. Data b => b -> b) -> CreateAuthorizer -> CreateAuthorizer #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> CreateAuthorizer -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> CreateAuthorizer -> r #

gmapQ :: (forall d. Data d => d -> u) -> CreateAuthorizer -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> CreateAuthorizer -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> CreateAuthorizer -> m CreateAuthorizer #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateAuthorizer -> m CreateAuthorizer #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateAuthorizer -> m CreateAuthorizer #

Read CreateAuthorizer Source # 
Show CreateAuthorizer Source # 
Generic CreateAuthorizer Source # 
Hashable CreateAuthorizer Source # 
ToJSON CreateAuthorizer Source # 
NFData CreateAuthorizer Source # 

Methods

rnf :: CreateAuthorizer -> () #

AWSRequest CreateAuthorizer Source # 
ToPath CreateAuthorizer Source # 
ToHeaders CreateAuthorizer Source # 
ToQuery CreateAuthorizer Source # 
type Rep CreateAuthorizer Source # 
type Rs CreateAuthorizer Source # 

Request Lenses

caAuthorizerURI :: Lens' CreateAuthorizer (Maybe Text) Source #

Required
Specifies the authorizer's Uniform Resource Identifier (URI).

caIdentityValidationExpression :: Lens' CreateAuthorizer (Maybe Text) Source #

A validation expression for the incoming identity.

caProviderARNs :: Lens' CreateAuthorizer [Text] Source #

A list of the Cognito Your User Pool authorizer's provider ARNs.

caAuthorizerResultTtlInSeconds :: Lens' CreateAuthorizer (Maybe Int) Source #

The TTL of cached authorizer results.

caAuthType :: Lens' CreateAuthorizer (Maybe Text) Source #

Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.

caAuthorizerCredentials :: Lens' CreateAuthorizer (Maybe Text) Source #

Specifies the credentials required for the authorizer, if any.

caRestAPIId :: Lens' CreateAuthorizer Text Source #

The RestApi identifier under which the Authorizer will be created.

caName :: Lens' CreateAuthorizer Text Source #

Required
The name of the authorizer.

caType :: Lens' CreateAuthorizer AuthorizerType Source #

Required
The type of the authorizer.

caIdentitySource :: Lens' CreateAuthorizer Text Source #

Required
The source of the identity in an incoming request.

Destructuring the Response

authorizer :: Authorizer Source #

Creates a value of Authorizer with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

  • aAuthorizerURI - [Required] Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN authorizers, this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path2015-03-31functionsarn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}invocations . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api} , where {region} is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial / . For Lambda functions, this is usually of the form 2015-03-31functions[FunctionARN]invocations.
  • aIdentityValidationExpression - A validation expression for the incoming identity. For TOKEN authorizers, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.
  • aProviderARNs - A list of the provider ARNs of the authorizer. For an TOKEN authorizer, this is not defined. For authorizers of the COGNITO_USER_POOLS type, each element corresponds to a user pool ARN of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id} .
  • aName - [Required] The name of the authorizer.
  • aId - The identifier for the authorizer resource.
  • aAuthorizerResultTtlInSeconds - The TTL in seconds of cached authorizer results. If greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
  • aAuthType - Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.
  • aType - [Required] The type of the authorizer. Currently, the valid type is TOKEN for a Lambda function or COGNITO_USER_POOLS for an Amazon Cognito user pool.
  • aIdentitySource - [Required] The source of the identity in an incoming request. For a TOKEN authorizer, this value is a mapping expression with the same syntax as integration parameter mappings. The only valid source for tokens is header, so the expression should match 'method.request.header.[headerName]'. The value of the header '[headerName]' will be interpreted as the incoming token. For COGNITO_USER_POOLS authorizers, this property is used.
  • aAuthorizerCredentials - Specifies the credentials required for the authorizer, if any. Two options are available. To specify an IAM role for Amazon API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.

data Authorizer Source #

Represents an authorization layer for methods. If enabled on a method, API Gateway will activate the authorizer when a client calls the method.

Enable custom authorization

See: authorizer smart constructor.

Instances

Eq Authorizer Source # 
Data Authorizer Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> Authorizer -> c Authorizer #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c Authorizer #

toConstr :: Authorizer -> Constr #

dataTypeOf :: Authorizer -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c Authorizer) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c Authorizer) #

gmapT :: (forall b. Data b => b -> b) -> Authorizer -> Authorizer #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> Authorizer -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> Authorizer -> r #

gmapQ :: (forall d. Data d => d -> u) -> Authorizer -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> Authorizer -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> Authorizer -> m Authorizer #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> Authorizer -> m Authorizer #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> Authorizer -> m Authorizer #

Read Authorizer Source # 
Show Authorizer Source # 
Generic Authorizer Source # 

Associated Types

type Rep Authorizer :: * -> * #

Methods

from :: Authorizer -> Rep Authorizer x #

to :: Rep Authorizer x -> Authorizer #

Hashable Authorizer Source # 
FromJSON Authorizer Source # 
NFData Authorizer Source # 

Methods

rnf :: Authorizer -> () #

type Rep Authorizer Source # 

Response Lenses

aAuthorizerURI :: Lens' Authorizer (Maybe Text) Source #

Required
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN authorizers, this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path2015-03-31functionsarn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}invocations . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api} , where {region} is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial / . For Lambda functions, this is usually of the form 2015-03-31functions[FunctionARN]invocations.

aIdentityValidationExpression :: Lens' Authorizer (Maybe Text) Source #

A validation expression for the incoming identity. For TOKEN authorizers, this value should be a regular expression. The incoming token from the client is matched against this expression, and will proceed if the token matches. If the token doesn't match, the client receives a 401 Unauthorized response.

aProviderARNs :: Lens' Authorizer [Text] Source #

A list of the provider ARNs of the authorizer. For an TOKEN authorizer, this is not defined. For authorizers of the COGNITO_USER_POOLS type, each element corresponds to a user pool ARN of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id} .

aName :: Lens' Authorizer (Maybe Text) Source #

Required
The name of the authorizer.

aId :: Lens' Authorizer (Maybe Text) Source #

The identifier for the authorizer resource.

aAuthorizerResultTtlInSeconds :: Lens' Authorizer (Maybe Int) Source #

The TTL in seconds of cached authorizer results. If greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.

aAuthType :: Lens' Authorizer (Maybe Text) Source #

Optional customer-defined field, used in Swagger imports/exports. Has no functional impact.

aType :: Lens' Authorizer (Maybe AuthorizerType) Source #

Required
The type of the authorizer. Currently, the valid type is TOKEN for a Lambda function or COGNITO_USER_POOLS for an Amazon Cognito user pool.

aIdentitySource :: Lens' Authorizer (Maybe Text) Source #

Required
The source of the identity in an incoming request. For a TOKEN authorizer, this value is a mapping expression with the same syntax as integration parameter mappings. The only valid source for tokens is header, so the expression should match 'method.request.header.[headerName]'. The value of the header '[headerName]' will be interpreted as the incoming token. For COGNITO_USER_POOLS authorizers, this property is used.

aAuthorizerCredentials :: Lens' Authorizer (Maybe Text) Source #

Specifies the credentials required for the authorizer, if any. Two options are available. To specify an IAM role for Amazon API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.