Authorizers cache

endymion · January 17, 2017, 12:01am

Hi,

I’m wondering if the property “resultTtlInSeconds” can be set as global in serverless.yml file.
Also as I see amazon allows to configure the property “Results ttl in seconds” inside the authorizers section in apigateway console but the function only appears one time although is being used in some endpoints (with custom authorizer) and this property seems to be global so I think it is not possible to set a value for every authenticated endpoint. Am I right?

getCognitoIdentityIdForUser:
    handler: functions/auth_handler.getCognitoIdentityIdForUser
    events:
        - http:
            path: ${self:custom.authPath}/identity
            method: get
            authorizer:
              name: jwtAuthorizerAuth
              resultTtlInSeconds: 0
              identitySource: method.request.header.Authorization
              #identityValidationExpression: someRegex
            cors: ${self:custom.cors}
            integration: lambda

ssb17 · November 1, 2017, 6:11pm

Yes. It appears to be the case for me as well. If that is so (yet to be confirmed) then the question is why the authorizer configuration set at endpoint level when it really should be at api level.

iscofield · March 15, 2018, 3:39am

I’m running into this same situation. Is there a way to do this globally? I don’t see an answer in the docs to add resultTtlInSeconds to the authorizer function, just the expanded object per method.

bill · March 18, 2018, 4:52pm

I did this with custom variables and apply it to all event methods.

custom:
  resultTtlInSeconds: 0

getCognitoIdentityIdForUser:
    handler: functions/auth_handler.getCognitoIdentityIdForUser
    events:
        - http:
            path: ${self:custom.authPath}/identity
            method: get
            authorizer:
              name: jwtAuthorizerAuth
              resultTtlInSeconds: ${self:custom.resultTtlInSeconds}

skunkwerk · January 20, 2019, 8:04pm

Same issue here. I have a custom authorizer defined, with a cache setting of 3600 seconds in API Gateway. Do I also need to specify the resultTtlInSeconds for every serverless function that uses that authorizer?

eczajk · June 3, 2019, 6:36pm

You can override the authorizer resource that gets created for your authorizer function:

JwtAuthorizerAuthApiGatewayAuthorizer:
  Type: AWS::ApiGateway::Authorizer
  Properties:
    AuthorizerResultTtlInSeconds: 0

See the docs for how to Override AWS CloudFormation Resource.

Topic		Replies	Views
Api gateway custom authorizer caching problems Serverless Framework	2	5531	January 18, 2021
Custom Authorizer configuration for multiple endpoints in the same API Serverless Framework aws	1	2765	November 2, 2017
Custom authorizer cache with detailed permission system Serverless Framework aws , lambda , api-gateway	1	1474	September 6, 2018
Longer TTL for lambda authorizer? Serverless Framework aws , lambda	0	852	March 7, 2021
Rest API with custom authorizer: How are you dealing with authorization and policy cache? Serverless Framework aws	5	15395	August 16, 2019

Authorizers cache

Related topics