def _get_permission(self, authorizer_name, authorizer_lambda_function_arn):
"""Constructs and returns the Lambda Permission resource allowing the Authorizer to invoke the function.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
rest_api = ApiGatewayRestApi(self.logical_id,
depends_on=self.depends_on)
api_id = rest_api.get_runtime_attr('rest_api_id')
partition = ArnGenerator.get_partition_name()
resource = '${__ApiId__}/authorizers/*'
source_arn = fnSub(
ArnGenerator.generate_arn(partition=partition,
service='execute-api',
resource=resource),
{"__ApiId__": api_id})
lambda_permission = LambdaPermission(self.logical_id +
authorizer_name +
'AuthorizerPermission')
lambda_permission.Action = 'lambda:invokeFunction'
lambda_permission.FunctionName = authorizer_lambda_function_arn
lambda_permission.Principal = 'apigateway.amazonaws.com'
lambda_permission.SourceArn = source_arn
return lambda_permission
def _get_permission(self, authorizer_name, authorizer_lambda_function_arn):
"""Constructs and returns the Lambda Permission resource allowing the Authorizer to invoke the function.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
rest_api = ApiGatewayRestApi(self.logical_id, depends_on=self.depends_on, attributes=self.resource_attributes)
api_id = rest_api.get_runtime_attr("rest_api_id")
partition = ArnGenerator.get_partition_name()
resource = "${__ApiId__}/authorizers/*"
source_arn = fnSub(
ArnGenerator.generate_arn(partition=partition, service="execute-api", resource=resource),
{"__ApiId__": api_id},
)
lambda_permission = LambdaPermission(
self.logical_id + authorizer_name + "AuthorizerPermission", attributes=self.passthrough_resource_attributes
)
lambda_permission.Action = "lambda:InvokeFunction"
lambda_permission.FunctionName = authorizer_lambda_function_arn
lambda_permission.Principal = "apigateway.amazonaws.com"
lambda_permission.SourceArn = source_arn
return lambda_permission
def _construct_rest_api(self):
"""Constructs and returns the ApiGateway RestApi.
:returns: the RestApi to which this SAM Api corresponds
:rtype: model.apigateway.ApiGatewayRestApi
"""
rest_api = ApiGatewayRestApi(self.logical_id, depends_on=self.depends_on)
rest_api.BinaryMediaTypes = self.binary_media
if self.endpoint_configuration:
self._set_endpoint_configuration(rest_api, self.endpoint_configuration)
elif not RegionConfiguration.is_apigw_edge_configuration_supported():
# Since this region does not support EDGE configuration, we explicitly set the endpoint type
# to Regional which is the only supported config.
self._set_endpoint_configuration(rest_api, "REGIONAL")
if self.definition_uri and self.definition_body:
raise InvalidResourceException(self.logical_id,
"Specify either 'DefinitionUri' or 'DefinitionBody' property and not both")
self._add_cors()
self._add_auth()
if self.definition_uri:
rest_api.BodyS3Location = self._construct_body_s3_dict()
elif self.definition_body:
rest_api.Body = self.definition_body
if self.name:
rest_api.Name = self.name
return rest_api
def _construct_rest_api(self):
"""Constructs and returns the ApiGateway RestApi.
:returns: the RestApi to which this SAM Api corresponds
:rtype: model.apigateway.ApiGatewayRestApi
"""
rest_api = ApiGatewayRestApi(self.logical_id,
depends_on=self.depends_on,
attributes=self.resource_attributes)
# NOTE: For backwards compatibility we need to retain BinaryMediaTypes on the CloudFormation Property
# Removing this and only setting x-amazon-apigateway-binary-media-types results in other issues.
rest_api.BinaryMediaTypes = self.binary_media
rest_api.MinimumCompressionSize = self.minimum_compression_size
if self.endpoint_configuration:
self._set_endpoint_configuration(rest_api,
self.endpoint_configuration)
elif not RegionConfiguration.is_apigw_edge_configuration_supported():
# Since this region does not support EDGE configuration, we explicitly set the endpoint type
# to Regional which is the only supported config.
self._set_endpoint_configuration(rest_api, "REGIONAL")
if self.definition_uri and self.definition_body:
raise InvalidResourceException(
self.logical_id,
"Specify either 'DefinitionUri' or 'DefinitionBody' property and not both."
)
if self.open_api_version:
if not SwaggerEditor.safe_compare_regex_with_string(
SwaggerEditor.get_openapi_versions_supported_regex(),
self.open_api_version):
raise InvalidResourceException(
self.logical_id,
"The OpenApiVersion value must be of the format '3.0.0'.")
self._add_cors()
self._add_auth()
self._add_gateway_responses()
self._add_binary_media_types()
self._add_models()
if self.definition_uri:
rest_api.BodyS3Location = self._construct_body_s3_dict()
elif self.definition_body:
# # Post Process OpenApi Auth Settings
self.definition_body = self._openapi_postprocess(
self.definition_body)
rest_api.Body = self.definition_body
if self.name:
rest_api.Name = self.name
if self.description:
rest_api.Description = self.description
return rest_api
def _get_permission(self, authorizer_name, authorizer_lambda_function_arn):
"""Constructs and returns the Lambda Permission resource allowing the Authorizer to invoke the function.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
rest_api = ApiGatewayRestApi(self.logical_id, depends_on=self.depends_on)
api_id = rest_api.get_runtime_attr('rest_api_id')
partition = ArnGenerator.get_partition_name()
resource = '${__ApiId__}/authorizers/*'
source_arn = fnSub(ArnGenerator.generate_arn(partition=partition, service='execute-api', resource=resource),
{"__ApiId__": api_id})
lambda_permission = LambdaPermission(self.logical_id + authorizer_name + 'AuthorizerPermission')
lambda_permission.Action = 'lambda:invokeFunction'
lambda_permission.FunctionName = authorizer_lambda_function_arn
lambda_permission.Principal = 'apigateway.amazonaws.com'
lambda_permission.SourceArn = source_arn
return lambda_permission
def _construct_rest_api(self):
"""Constructs and returns the ApiGateway RestApi.
:returns: the RestApi to which this SAM Api corresponds
:rtype: model.apigateway.ApiGatewayRestApi
"""
rest_api = ApiGatewayRestApi(self.logical_id, depends_on=self.depends_on)
rest_api.BinaryMediaTypes = self.binary_media
if self.endpoint_configuration:
self._set_endpoint_configuration(rest_api, self.endpoint_configuration)
elif not RegionConfiguration.is_apigw_edge_configuration_supported():
# Since this region does not support EDGE configuration, we explicitly set the endpoint type
# to Regional which is the only supported config.
self._set_endpoint_configuration(rest_api, "REGIONAL")
if self.definition_uri and self.definition_body:
raise InvalidResourceException(self.logical_id,
"Specify either 'DefinitionUri' or 'DefinitionBody' property and not both")
self._add_cors()
if self.definition_uri:
rest_api.BodyS3Location = self._construct_body_s3_dict()
elif self.definition_body:
rest_api.Body = self.definition_body
if self.name:
rest_api.Name = self.name
return rest_api