As for DefaultDashauthorizerLambdaFunction, my authorizer function name is default-authoriser, that’s why I need to use Dash instead of ‘-’. In your case you shoul use AuthorizerLambdaFunction
in a different package (stack) I import it in this way
I’ve managed to export the authorizer without serverless aws alias plugin and the export shows in Cloudformation to confirm that it’s been exported. This is my serverless.yml :
However, when i try to import it inside another service i have an error :
An error occurred: ApiGatewayMethodV1SomeGet - Invalid authorizer ID specified. Setting the authorization type to CUSTOM or COGNITO_USER_POOLS requires a valid authorizer. (Service: AmazonApiGateway; Status Code: 400; Error Code: BadRequestException).
I’ve tried to import it like this :
# inside some http get event
authorizer:
type: CUSTOM
authorizerId: ${cf:authorizer-apigateway-${self:provider.stage}.AuthorizerId}
Do you have any idea where this error could come from ?
It seems to me that you use AuthorizerId instead of an export name, so I think the right ref should be ${cf:authorizer-apigateway-${self:provider.stage}.authorizer-apigateway-${self:provider.stage}-AuthorizerId}, because the correct format is ${cf:STACK_NAME.EXPORT_VALUE_NAME}
Can you check it?
and also please try to use this approach
Thanks a lot for the answer but it doesn’t seems to work, i have the same error message
Nevertheless i might know where this error comes from. I used separate services (so separated api gateway) so the second service might not have the right to access the first service. If i export the restApiId of the first service and import it in the second service do you think it might work ?
Honestly, I don’t know (I assume that this will not help), but I would recommend trying a few things.
open your cloudformation console and take a look at your exported variables (here is an example https://take.ms/HBR2J), you will see your authorizer exported name.
1 Try to hardcode your auhorizerId import, you will have something like this authorizerId: !ImportValue authorizer-apigateway-stage-AuthorizerId, if it works - it means that your import ${cf:...} is not correct.
2. Try to hardcode a value (you will see it in the outputs tab), you will have authorizerId: d242dsf2, and you will be able to check if your authorizer works
if it doesn’t help - maybe we can talk via skype or another messenger, in this way, we will fix it much faster. but it’s up to you
provider:
# Next lines enable same api gateway usage but different cloudformation stacks
apiGateway:
restApiId:
Fn::ImportValue: authorizer-stack-${self:provider.stage}-restApiId
restApiRootResourceId:
Fn::ImportValue: authorizer-stack-${self:provider.stage}-rootResourceId
functions:
helloWorld:
handler: hello.handler
events:
- http:
path: hello-world
method: get
authorizer:
type: CUSTOM
authorizerId: !ImportValue authorizer-stack-${self:provider.stage}-authorizerId
Nevertheless this solution doesn’t fit my needs. I would like to have different Apis of ApiGateway sharing the same authorizer so when i change the configuration of the authorizer, all Apis are affected.
Do you think it could be possible, even inside the aws console ? Otherwise i will submit a feature request to AWS
In all cases, thanks for your very generous help !
Hi, haven’t seen your message. I don’t think that you can share authorizers between different api gateways. As you can see each gateway has its own list of authorizers and when you declare your authorizer you also need to set a RestApiId property.
As I can see you have a few options:
Use the same api gateway for all your services (you don’t want to do it )
Extract your authorizer code to a separate package and use this code in all your api gateways (you will have as many authorizers as many gateways you have), but when you change your authorizer code - you will need to redeploy all your api authorizers.
…
