Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

DIfferent Cognito Pool Authorizer by Api Gateway Stages

We have 3 stages on our API Gateway (Development, Testing, Production) they use a Cognito User Pool Authorizer for authorization, each one of the stages has a different User Pool so this configuration must be dynamic.

The problem: How do i configure the Auhtorizer for my API so that each API stage checks the authorization in the correct user pool?

PS: The Authorizer isn't a custom lambda function, it's the default Cognito authorizer.

like image 491
vitors Avatar asked Feb 27 '18 20:02

vitors


People also ask

Which types of custom authorizer are supported by API gateway?

You can use custom authorizers in API Gateway to support any bearer token. This allows you to authorize access to your APIs using tokens from an OAuth flow or SAML assertions. Further, you can leverage all of the variables available to IAM policies without setting up your API to use IAM authorization.

Which option allows you to assign the user pool to API?

Answer: Instead of using the API Gateway console, you can also enable an Amazon Cognito user pool on a method by specifying an OpenAPI definition file and importing the API definition into API Gateway.


1 Answers

According to this thread, AWS doesn't currently support this.

Your best bet seems to be a multi-stack solution, where instead of stages you have separate APIs for the different environments.

like image 179
Tomty Avatar answered Oct 20 '22 14:10

Tomty