问题描述
我有一个对方法使用 Cognito 授权的 API,但作为一项新要求,我必须为不使用 Cognito 进行身份验证的外部应用程序公开 API 资源,因此我尝试为CloudFormation 中该资源中的方法。
- 在云形成的 Auth 部分添加 ApiKeyrequired,但这将添加我不想要的所有方法所需的 api 密钥。
- 在 API 安全定义中添加 API 密钥,然后在方法安全性文件中使用它,这对我不起作用。
- 添加 Auth: ApiKeyrequired: true on serverless::function 事件映射,我在使用 API 时没有在云形成中使用过:
ApiKey:
Type: 'AWS::ApiGateway::ApiKey'
Properties:
Name: TestApiKey
Description: CloudFormation API Key V1
Enabled: 'true'
Metadata:
'AWS::CloudFormation::Designer':
id: cefbfee8-1c94-4626-8edb-f06948b8c8b1
UsagePlan:
Type: 'AWS::ApiGateway::UsagePlan'
Properties:
Throttle:
RateLimit: 100
BurstLimit: 200
UsagePlanName: Api-connector-UsagePlan
Description: Customer ABC's usage plan
Quota:
Limit: 5000
Period: MONTH
Metadata:
'AWS::CloudFormation::Designer':
id: 8bb85635-49a3-43ae-8608-77504515b9d4
UsagePlanKey:
Type: 'AWS::ApiGateway::UsagePlanKey'
Properties:
KeyType: API_KEY
KeyId: !Ref ApiKey
UsagePlanId: !Ref UsagePlan
Metadata:
'AWS::CloudFormation::Designer':
id: 4a12254b-0688-4700-a970-aa9df3c4363c
ConfiguratorAPI:
Type: 'AWS::Serverless::Api'
Properties:
Name: configurator
StageName: !Ref Stage
DeFinitionBody:
swagger: '2.0'
info:
version: '2017-11-22T12:00:06Z'
title: !Ref 'AWS::StackName'
schemes:
- https
paths:
'/<path>':
get:
produces:
- application/json
responses:
'200':
description: 200 response
schema:
$ref: '#/deFinitions/Empty'
headers:
Access-Control-Allow-Origin:
type: string
security:
- api_key: []
x-amazon-apigateway-integration:
uri: !Sub >-
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${Lambda.Arn}:${Stage}/invocations
responses:
default:
statusCode: '200'
responseParameters:
method.response.header.Access-Control-Allow-Origin: '''*'''
passthroughBehavior: when_no_match
httpMethod: POST
contentHandling: CONVERT_TO_TEXT
type: aws_proxy
securityDeFinitions:
NONE: []
api_key:
type: apiKey
name: !Ref ApiKey
in: header
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)