- [ ] Swagger/Open API models
- [ ] [Authorizers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-authorizer.html)
- [ ] Method options:
RequestValidatorId,RequestModels,RequestParameters,MethodResponses - [x] [Custom domains](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html): #3103
- [x] [API keys](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html)
- [ ] [Base path mapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-basepathmapping.html)
- [ ] [Client certificates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-clientcertificate.html)
- [ ] Documentation (part and version)
- [x] [Model](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-model.html)
- [x] [Request validators](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-requestvalidator.html)
- [x] [Usage plans](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html)
- [ ] [VPC Links](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-vpclink.html)
eladb
All 23 comments
Looks like VPC Links were added in https://github.com/awslabs/aws-cdk/pull/1541 but perhaps there is more to that feature?
SpainTrain
on 9 Feb 2019
Since the feature for MethodResponse is missing, Is there another way to add a method response to an API via .net core? I found this:
https://stackoverflow.com/questions/52752201/enabling-cors-for-aws-api-gateway-with-the-aws-cdk
but I'm not finding a way to translate that into .net core.. the closest i've gotten is this:
using AGW = Amazon.CDK.AWS.APIGateway;
//....jumping to the relevant part......
AGW.HttpIntegrationProps hip = new AGW.HttpIntegrationProps();
AGW.HttpIntegration awsHttpinteg = new AGW.HttpIntegration("http://some_api_here",hip);
AGW.CfnMethod.MethodResponseProperty mp = new AGW.CfnMethod.MethodResponseProperty();
var methd = api.Root.AddMethod("GET",awsHttpinteg,methOps);
var rps =new Dictionary
rps.Add("Access-Control-Allow-Origin", "'*'");
mp.ResponseParameters = rps;
mp.StatusCode = "200";
// now how do i attach that to the method? :(
// i.e. is there a workaround until the feature gets implemented?
// or do I have to go in manually and add it?
dswhitener
on 13 Feb 2019
For the record, I found this.. you can use the AWS cli to add a new method response,
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-settings-method-response.html
for anyone stuck by the feature not being available in the CDK.
(so much easier to migrate when it's a reproducible command / code instead of directions for point-click in a UI)
dswhitener
on 20 Feb 2019
@dswhitener Did you find the solution for the CORS? I'm able to set the CORS for the OPTIONS method, but for instance if I want to add a GET method which integrates with a Lambda I'm not able to enable CORS.
AlexRex
on 7 May 2019
Not sure everything was fixed with the PR :) ?
ranguard
on 28 May 2019
@ranguard Correct, only api keys and usage plans.
orangewise
on 28 May 2019
What about domain names? Someone find out how to do it?
AlexRex
on 30 May 2019
What about Swagger/Open API models?
abbottdev
on 4 Jun 2019
I know that this isn't a support forum, but this issue is one of the top results on Google. If it's inappropriate, please move it or let me know where to post.
For anyone who is looking to use the CDK, but got bitten by one of these missing features. There is an official way to work around these issues. Basically we can alter the CloudFormation resources directly. Similar concept to boto3 clients.
Here is an example of how to add an Authorizer in Python.
Assume we have an API Gateway and a POST a method:
api_gw = aws_apigateway.RestApi(self, 'MyApp')
post_method = api_gw.root.add_method(http_method='POST')
Set the authorizer using a low level CfnResource:
api_gw_authorizer = aws_apigateway.CfnAuthorizer(
scope=self,
id='my_authorizer',
rest_api_id=api_gw.rest_api_id,
name='MyAuth',
type='COGNITO_USER_POOLS',
identity_source='method.request.header.name.Authorization',
provider_arns=[
'arn:aws:cognito-idp:eu-west-1:123456789012:userpool/'
'eu-west-1_MyCognito'])
Get the underlying CfnResource for the POST method created above:
post_method_resource = post_method.node.find_child('Resource')
Set the POST method to use the authorizer by adding the required CloudFormation properties to the low level resource:
post_method_resource.add_property_override('AuthorizationType',
'COGNITO_USER_POOLS')
post_method_resource.add_property_override(
'AuthorizerId',
{"Ref": api_gw_authorizer.logical_id})
Take note of the second instruction, that's a dictionary. It needs to be, so that the AuthorizedId property is added correctly, like:
AuthorizerId:
Ref: myauthorizer
instead of something like:
AuthorizerId: "Ref: myauthorizer"
As of 0.35.0, the above should output a template containing:
MyAppPOST853D1BB4:
Type: AWS::ApiGateway::Method
Properties:
HttpMethod: POST
ResourceId:
Fn::GetAtt:
- MyApp3CE31C26
- RootResourceId
RestApiId:
Ref: MyApp3CE31C26
AuthorizationType: COGNITO_USER_POOLS
AuthorizerId:
Ref: myauthorizer
Integration:
Type: MOCK
myauthorizer:
Type: AWS::ApiGateway::Authorizer
Properties:
RestApiId:
Ref: MyApp3CE31C26
Type: COGNITO_USER_POOLS
IdentitySource: method.request.header.name.Authorization
Name: MyAuth
ProviderARNs:
- arn:aws:cognito-idp:eu-west-1:123456789012:userpool/eu-west-1_MyCognito
(removed Metadata for brevity)
bgdnlp
on 23 Jun 2019
@bgdnlp well, actually it's even a bit easier as you don't need to override anything, at least in Typescript:
const apiGateway = new RestApi(this, 'apiGateway', {
restApiName: `api name`
});
const apiGatewayRole = new Role(this, 'RestApiRole', {
assumedBy: new ServicePrincipal('apigateway.amazonaws.com')
});
const authorizerUri = `arn:aws:apigateway:${this.props.region}:lambda:path/2015-03-31/functions/${
this.authHandler.functionArn // lambda function of the authorizer
}/invocations`;
const authorizer = new CfnAuthorizer(this, 'LambdaAuthorizer', {
authorizerCredentials: apiGatewayRole.roleArn,
authorizerUri,
identitySource: 'method.request.header.Authorization',
name: `rest-api-authorizer`,
restApiId: apiGateway.restApiId,
type: 'TOKEN',
identityValidationExpression: 'Bearer (.*)',
authorizerResultTtlInSeconds: 0
});
const userResource = apiGateway.root.addResource('user');
userResource
.addMethod('POST', new LambdaIntegration(this.createUserHandler), {
authorizationType: AuthorizationType.Custom,
authorizerId: authorizer.authorizerId
});
That doesn't (shouldn't?) work any more in 0.35.0. Method's authorizerId property is gone, replaced with authorizer.
Edit: I can only speak for Python, but even if you try to set authorizer, it will not do anything, it will simply ignore it. In 0.35.0. The escape hatch works though.
Anyway, the authorizer is just an example. Your code works/worked for addMethod, but might not work for other methods. The override should work for all of them, as far as I understand.
bgdnlp
on 24 Jun 2019
Hi @bgdnlp ,
You're correct, even in typescript the authorizerId approach described above does not work in the 0.35.0 release.
I'm using typescript and have adopted the method you described in 0.35.0, works fine thanks for the tip.
johncrn
on 25 Jun 2019
Re 0.35/typescript:
This one seems to be working (at least the stack has been created):
authorizer: {
authorizerId: authorizer.refAsString
}
vlajos
on 25 Jun 2019
And 0.36/typescript:
authorizer: {
authorizerId: authorizer.ref
}
@eladb not everything done on this list please reopen (please also tick off those things that have been done as the list is getting much shorter!) - thank you :)
lapair
on 27 Jun 2019
And 0.36/typescript:
authorizer: { authorizerId: authorizer.ref }
Can confirm this works fine in Typescript 0.36.0, thank you!
johncrn
on 28 Jun 2019
for cognito auth.... her is the link
ghost
on 29 Aug 2019
In 1.6.1 authorizerId still not available in Python (authorizer=)? This comment here is working in Python, noticed I did not have to override the AuthorizationType property, it is being set correctly from the add_method() call.
Is this the right (or good) issue to track for that?
gadams999
on 3 Sep 2019
For documentationPart is there any update on this ?
hanstf
on 22 Sep 2019
For documentationPart is there any update on this ?
@Jerry-AWS
SomayaB
on 25 Sep 2019
@hanstf I'll have a look at the documentation angle.
Jerry-AWS
on 25 Sep 2019
Is Swagger/Open API Models still on the roadmap to implement? I would love to be able to build API gateway endpoints by feeding a swagger file to CDK.
ghost
on 11 Dec 2019
For the remaining items on this list, I've opened and/or linked separate issues to track them
- Swagger/Open API models - https://github.com/aws/aws-cdk/issues/5391
- Authorizers
- Cognito user pool authorizer - https://github.com/aws/aws-cdk/issues/5618
- Lambda request authorizer - https://github.com/aws/aws-cdk/issues/5617
- Method options - https://github.com/aws/aws-cdk/issues/6250
- Base path mapping - https://github.com/aws/aws-cdk/issues/6248
- Client certificates - https://github.com/aws/aws-cdk/issues/6249
- Documentation - https://github.com/aws/aws-cdk/issues/6057
I'm closing this in favour of these smaller ones. With a large issue such as this, it's difficult to track everything that's going on in the comments, associate which features we're getting the聽馃憤 reaction and estimate effort.
If you're interested or waiting for any of these, please +1 the individual issues one more time. Apologies for the churn.
nija-at
on 12 Feb 2020
Related issues
eladb
路
52Comments
jaapvanblaaderen
路
27Comments
eladb
路
33Comments
rix0rrr
路
61Comments
juhofriman
路
33Comments
Most helpful comment
What about Swagger/Open API models?