How can I allow user to use api key to access my aws_iam protected aws api gateway rest endpoint?

api-gateway
lambda
iam

#1

Hi fellow serverless users,

I created a lambda function backed rest api on api gateway with using serverless framework.

In order to protect my api endpoint, I enabled aws_iam authorizers to allow only signed in user to access the endpoints.

I would also like to provide an alternative authorization solution with api gateway usage plan and api key, so that user could use the api key I provided to access my endpoints programmatically.

However, seems user can’t access my endpoints with api key with aws_am authorizers enabled, http request comes back "message": "Missing Authentication Token".

Is there any way I can make this to work? Or I have to define two separate functions with each has different authorization solution?

Here’s how my rest api defined in serverless yaml. Thank you in advance.

functions:
  http:
    handler: src/index.api
    timeout: 30
    events:
      - http:
          path: /{proxy+}
          method: any
          cors: true
          private: true
          authorizer: aws_iam