Authorizer
Creates and manages an AWS IoT Authorizer.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const example = new aws.iot.Authorizer("example", {
name: "example",
authorizerFunctionArn: exampleAwsLambdaFunction.arn,
signingDisabled: false,
status: "ACTIVE",
tokenKeyName: "Token-Header",
tokenSigningPublicKeys: {
Key1: std.file({
input: "test-fixtures/iot-authorizer-signing-key.pem",
}).then(invoke => invoke.result),
},
tags: {
Name: "example",
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
import pulumi_std as std
example = aws.iot.Authorizer("example",
name="example",
authorizer_function_arn=example_aws_lambda_function["arn"],
signing_disabled=False,
status="ACTIVE",
token_key_name="Token-Header",
token_signing_public_keys={
"Key1": std.file(input="test-fixtures/iot-authorizer-signing-key.pem").result,
},
tags={
"Name": "example",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Iot.Authorizer("example", new()
{
Name = "example",
AuthorizerFunctionArn = exampleAwsLambdaFunction.Arn,
SigningDisabled = false,
Status = "ACTIVE",
TokenKeyName = "Token-Header",
TokenSigningPublicKeys =
{
{ "Key1", Std.File.Invoke(new()
{
Input = "test-fixtures/iot-authorizer-signing-key.pem",
}).Apply(invoke => invoke.Result) },
},
Tags =
{
{ "Name", "example" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iot"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "test-fixtures/iot-authorizer-signing-key.pem",
}, nil)
if err != nil {
return err
}
_, err = iot.NewAuthorizer(ctx, "example", &iot.AuthorizerArgs{
Name: pulumi.String("example"),
AuthorizerFunctionArn: pulumi.Any(exampleAwsLambdaFunction.Arn),
SigningDisabled: pulumi.Bool(false),
Status: pulumi.String("ACTIVE"),
TokenKeyName: pulumi.String("Token-Header"),
TokenSigningPublicKeys: pulumi.StringMap{
"Key1": pulumi.String(invokeFile.Result),
},
Tags: pulumi.StringMap{
"Name": pulumi.String("example"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iot.Authorizer;
import com.pulumi.aws.iot.AuthorizerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Authorizer("example", AuthorizerArgs.builder()
.name("example")
.authorizerFunctionArn(exampleAwsLambdaFunction.arn())
.signingDisabled(false)
.status("ACTIVE")
.tokenKeyName("Token-Header")
.tokenSigningPublicKeys(Map.of("Key1", StdFunctions.file(FileArgs.builder()
.input("test-fixtures/iot-authorizer-signing-key.pem")
.build()).result()))
.tags(Map.of("Name", "example"))
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:iot:Authorizer
properties:
name: example
authorizerFunctionArn: ${exampleAwsLambdaFunction.arn}
signingDisabled: false
status: ACTIVE
tokenKeyName: Token-Header
tokenSigningPublicKeys:
Key1:
fn::invoke:
function: std:file
arguments:
input: test-fixtures/iot-authorizer-signing-key.pem
return: result
tags:
Name: exampleContent copied to clipboard
Import
Using pulumi import, import IOT Authorizers using the name. For example:
$ pulumi import aws:iot/authorizer:Authorizer example exampleContent copied to clipboard
Properties
Link copied to clipboard
The ARN of the authorizer's Lambda function.
Link copied to clipboard
Specifies whether the HTTP caching is enabled or not. Default: false.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Specifies whether AWS IoT validates the token signature in an authorization request. Default: false.
Link copied to clipboard
The name of the token key used to extract the token from the HTTP headers. This value is required if signing is enabled in your authorizer.
Link copied to clipboard
The public keys used to verify the digital signature returned by your custom authentication service. This value is required if signing is enabled in your authorizer.