I would like to reuse the same COGNITO_USER_POOLS Authorizer across multiple micro-services as in the same format as the API Gateway using Resource Outputs.
I am able to successfully create the resource in the same serverless deployment as the apigateway. But having trouble loading it and making it available for separate micro-services…
I tried using the “name” I created in the original service in each micro-service. But I get the error:
"Function “CustomAuthorizerName” doesn’t exist in this Service…
possible to use the same authorizer across each micro-service? When I export the Authorizer Ref, I only get an Authorizer ID not ARN.
Any advice to share a COGNITO_USER_POOLS Authorizer across multiple services? Many thanks!!
You need to output from the arn for the user pool from the stack that creates it then set the authorizer in the other stack using that ARN. To get the ARN for a user pool you need to use
Thaks @buggy. Appreciate the help!!
As noted, I have the resource working just fine, it is attaching that resource to -http events on later microservices that is the problem.
I create the resource like this:
MyCognitoAuthorizer: # using this as authorizer for all endpoints
IdentityValidationExpression: Bearer (.*)
And that works great. The problem is when I run the next microservice, I cant reference
MyCognitoAuthorizer because it is not part of that service, I cant use the output because its only the authorizer ID. So the question is, how do I make the resource “known” to the other microservices. like in this example which is in a separate file/microservice:
authorizer: ###WHAT GOES HERE###
I tried placing the ARN of the user pool in the “###WHAT GOES HERE###” and it worked for the first service, the second service failed.
Long version: https://serverless.com/framework/docs/providers/aws/events/apigateway#share-authorizer
If I understand the docs correctly then the short version is:
YOUR-OTHER_STACK with the name of your other stack.
That is working now. I will love you forever.