-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathoverride.ts
108 lines (98 loc) · 3.86 KB
/
override.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
// // This file is used to override the REST API resources configuration
// import { AmplifyApiRestResourceStackTemplate, AmplifyProjectInfo } from '@aws-amplify/cli-extensibility-helper';
// export function override(resources: AmplifyApiRestResourceStackTemplate, amplifyProjectInfo: AmplifyProjectInfo) {
// // Change the default CORS response header Access-Control-Allow-Origin from "'*'" to the API's domain
// // resources.restApi.body.paths['/items'].options['x-amazon-apigateway-integration'].responses.default.responseParameters['method.response.header.Access-Control-Allow-Origin'] = { 'Fn::Sub': "'https://${ApiId}.execute-api.${AWS::Region}.amazonaws.com'" };
// // Replace the following with your Function resource name
// const functionResourcename = "apiAuthorizer";
// const functionArnParameter = "FunctionArn";
// // Adding parameter to your Cloud Formation Template for Authorizer function arn
// resources.addCfnParameter(
// {
// type: "String",
// description: "The ARN of an existing Lambda Function to authorize requests",
// default: "NONE",
// },
// functionArnParameter,
// { "Fn::GetAtt": [`function${functionResourcename}`, "Outputs.Arn"], }
// );
// // Create the authorizer using the functionArnParameter parameter defined above
// resources.restApi.addPropertyOverride("Body.securityDefinitions", {
// Lambda: {
// type: "apiKey",
// name: "Authorization",
// in: "header",
// "x-amazon-apigateway-authtype": "oauth2",
// "x-amazon-apigateway-authorizer": {
// type: "token",
// authorizerUri:
// {
// 'Fn::Join': [
// '',
// [
// "arn:aws:apigateway:",
// { Ref: 'AWS::Region' },
// ":lambda:path/2015-03-31/functions/",
// { Ref: functionArnParameter },
// "/invocations"
// ]
// ],
// },
// authorizerResultTtlInSeconds: 0
// },
// },
// });
// // Adding Resource Based policy to Lambda authorizer function
// resources.addCfnResource(
// {
// type: "AWS::Lambda::Permission",
// properties: {
// Action: "lambda:InvokeFunction",
// FunctionName: {Ref: functionArnParameter},
// Principal: "apigateway.amazonaws.com",
// SourceArn:{
// "Fn::Join": [
// "",
// [
// "arn:aws:execute-api:",
// {
// "Ref": "AWS::Region"
// },
// ":",
// {
// "Ref": "AWS::AccountId"
// },
// ":",
// {
// "Ref": "movie"
// },
// "/*/*"
// ]
// ]
// }
// }
// },
// "LambdaAuthorizerResourceBasedPolicy"
// );
// for (const path in resources.restApi.body.paths) {
// // Add the Authorization header as a parameter to requests
// resources.restApi.addPropertyOverride(
// `Body.paths.${path}.x-amazon-apigateway-any-method.parameters`,
// [
// ...resources.restApi.body.paths[path]["x-amazon-apigateway-any-method"]
// .parameters,
// {
// name: "Authorization",
// in: "header",
// required: false,
// type: "string",
// },
// ]
// );
// // Use your new Lambda authorizer for security
// resources.restApi.addPropertyOverride(
// `Body.paths.${path}.x-amazon-apigateway-any-method.security`,
// [ { Lambda: [], }, ]
// );
// }
// }