How to access Cognito User Pool Arn as a function authorizer?

luckyvalentine · October 16, 2019, 8:40pm

SOLVED.

I was able to reference an explicitly declared authorizer. In my cognito-user-pool.yml file I added the MyApiGatewayAuthorizer section, ending up with

CognitoUserPool:
    Type: AWS::Cognito::UserPool
    Properties:
      UserPoolName: company-${self:custom.stage}-user-pool

      UsernameAttributes:
        - email
      AutoVerifiedAttributes:
        - email

  MyApiGatewayAuthorizer: 
    Type: AWS::ApiGateway::Authorizer
    Properties: 
      AuthorizerResultTtlInSeconds: 10
      IdentitySource: method.request.header.Authorization
      Name: MyCognitoAuthorizer
      RestApiId: 
        Ref: ApiGatewayRestApi
      Type: COGNITO_USER_POOLS
      ProviderARNs: 
        - {"Fn::Join": ["", ["arn:aws:cognito-idp:", {Ref: "AWS::Region"}, ":", {Ref: "AWS::AccountId"}, ":userpool/", Ref: CognitoUserPool]]}

and in my function event definition, I specified the authorizer as such:

events:
  - http:
      path: target
      method: get
      cors: true
      authorizer:
        type: COGNITO_USER_POOLS
        authorizerId: { Ref: MyApiGatewayAuthorizer }

This worked for me. I hope it can help someone else!

Topic		Replies	Views
User Pool Authorizer from Resource? Serverless Framework aws	2	571	January 30, 2019
How to reference userpool arn from function Serverless Framework aws	0	593	November 7, 2019
API Authentication with Cognito Serverless Framework aws	7	12843	December 18, 2018
Custom authorizer with cognito user pool service Serverless Framework aws	2	11246	February 13, 2018
Anyone have a good modern example of using a cognito user pool authorizer? Serverless Framework	4	3932	August 9, 2020

How to access Cognito User Pool Arn as a function authorizer?

Related Topics