问题描述
我对jwt授权者lambda函数的策略大小有问题,所以我想通过配置serverless.yml文件来减小策略大小,以使用通配符(*)生成策略。是否可以为serverless.yml中的所有功能设置全局授权者。
这是我基于资源的策略的示例
{
"Sid": "1","Effect": "Allow","Principal": {
"Service": "apigateway.amazonaws.com"
},"Action": "lambda:InvokeFunction","Resource": "arn:aws:lambda:ap-southeast-1-jwtAuthorizer","Condition": {
"ArnLike": {
"AWS:SourceArn": "arn:aws:execute-api:ap-southeast-1-abcdefg123"
}
}
},{
"Sid": "2","Condition": {
"ArnLike": {
"AWS:SourceArn": "arn:aws:execute-api:ap-southeast-1-abcdefg456"
}
}
},我想这样更改它。
{
"Sid": "1","Condition": {
"ArnLike": {
"AWS:SourceArn": "arn:aws:execute-api:ap-southeast-1-*"
}
}
}
serverless.yml文件的示例。 我为每个功能设置了授权者。 我想将其更改为全局。
functions:
searchByProvince:
handler: handler.searchByProvince
reservedConcurrency: 10
events:
- http:
path: /
method: get
cors:
origin: "*"
authorizer:
arn: arn:aws:lambda:${self:provider.region}:${self:custom.accountId}:jwtAuthorizer
province:
handler: handler.province
reservedConcurrency: 10
events:
- http:
path: /provinces
method: get
cors:
origin: "*"
authorizer:
arn: arn:aws:lambda:${self:provider.region}:${self:custom.accountId}:-${self:provider.stage}-jwtAuthorizer
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)