问题描述
通过描述模板中的所有内容并且没有 OpenApi 定义,我设法为通过(专用)ApiKey 进行身份验证的 API GW 后面的 Lambda 定义了一个模板。
尝试引入 Lambda 集成以完成映射时出现问题:似乎只能在 OpenAPI 文档中定义它们,当然,我无法设法进行工作。因为 SAM 验证失败,抱怨 Auth 部分。
Template provided at '/Users/cionzo/PycharmProjects/tatabrain/template.yaml' was invalid SAM Template.
Error: [InvalidResourceException('ApiGateway',"Invalid value for 'Auth' property")] ('ApiGateway',"Invalid value for 'Auth' property")
AWstemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
myToyApp POC
SAM Template for myToyApp POC
# ====================================
# ParaMETERS SETUP
# ====================================
Parameters:
StageParam:
Type: String
Default: dev
Description: (required) Enter dev,test,prod. Default is dev.
AllowedValues:
- dev
- test
- prod
ProjectName:
Type: String
Default: myToyApp
Description: (required) The name of the project
MinLength: 3
MaxLength: 50
AllowedPattern: ^[A-Za-z_-]+$
ConstraintDescription: "required. Can be characters,hyphen,and underscore only. No numbers or special characters allowed."
Mappings:
Stage2Settings:
LoggingLevel:
dev: "INFO"
test: "INFO"
prod: "ERROR"
Globals:
Function:
Timeout: 60
Resources:
ApiGateway:
Type: AWS::Serverless::Api
Properties:
Name: !Sub "${ProjectName}_${StageParam}"
StageName: !Ref StageParam
MethodSettings:
- LoggingLevel: !FindInMap [ Stage2Settings,"LoggingLevel",!Ref StageParam ]
ResourcePath: '/*' # allows for logging on any resource
HttpMethod: '*' # allows for logging on any method
DataTraceEnabled: true # Put logs into cloudwatch
MetricsEnabled: true # Enable detailed metrics (error 404,latence,...)
Auth:
ApiKeyrequired: true
UsagePlan:
CreateUsagePlan: PER_API
Description: Usage plan for this API
DeFinitionBody:
openapi: 3.0.0
info:
title: "Hello Api"
version: 0.3.0
description: "This is an example OpenAPI specification"
termsOfService: "http://example.com/tos"
contact:
email: "example@example.com"
x-amazon-apigateway-request-validators:
all:
validateRequestBody: true
validateRequestParameters: true
params:
validateRequestBody: true
validateRequestParameters: true
body:
validateRequestBody: true
validateRequestParameters: false
paths:
/processData:
post:
operationId: processData
description: Test sam local functionality with API Gateway & Open API
myToyAppPOCFunction:
Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
Properties:
CodeUri: myLambdaCodeFolder/
Handler: app.lambda_handler
Runtime: python3.8
FunctionName: !Sub "${ProjectName}_DataProcessor_${StageParam}"
Events:
HelloWorld:
Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
Properties:
Path: /processData
Method: POST
RestApiId: !Ref ApiGateway
Outputs:
# ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
# Find out more about other implicit resources you can reference within SAM
# https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
myToyAppPOCApi:
Description: "API Gateway endpoint URL for myToyAppPOCFunction"
Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/${StageParam}/processData/"
myToyAppPOCFunction:
Description: "myToyAppPOCFunction Lambda Function ARN"
Value: "myToyAppPOCFunction"
myToyAppPOCFunctionIamRole:
Description: "Implicit IAM Role created for Hello World function"
Value: !GetAtt myToyAppPOCFunctionRole.Arn
解决方法
您的 Auth
属性语法包含不正确的 DefinitionBody
属性。
要修复您列出的错误,请取消缩进 DefinitionBody
块,使其父项为 Properties
,而不是 Auth
ApiGateway:
Type: AWS::Serverless::Api
Properties:
Name: !Sub "${ProjectName}_${StageParam}"
StageName: !Ref StageParam
MethodSettings:
- LoggingLevel: !FindInMap [ Stage2Settings,"LoggingLevel",!Ref StageParam ]
ResourcePath: '/*' # allows for logging on any resource
HttpMethod: '*' # allows for logging on any method
DataTraceEnabled: true # Put logs into cloudwatch
MetricsEnabled: true # Enable detailed metrics (error 404,latence,...)
Auth:
ApiKeyRequired: true
UsagePlan:
CreateUsagePlan: PER_API
Description: Usage plan for this API
DefinitionBody:
openapi: 3.0.0
info:
title: "Hello Api"
version: 0.3.0
description: "This is an example OpenAPI specification"
termsOfService: "http://example.com/tos"
contact:
email: "example@example.com"
x-amazon-apigateway-request-validators:
all:
validateRequestBody: true
validateRequestParameters: true
params:
validateRequestBody: true
validateRequestParameters: true
body:
validateRequestBody: true
validateRequestParameters: false
paths:
/processData:
post:
operationId: processData
description: Test sam local functionality with API Gateway & Open API
有关正确语法的更多信息,请查看文档:
- AWS::Serverless::Api,https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html#sam-resource-api-syntax
- ApiAuth(Auth 属性):https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apiauth.html#sam-property-api-apiauth-syntax