I have been using the shared authorizer approach for a while now, like the one stated here → Serverless Framework - AWS Lambda Events - API Gateway
I establish the custom auth as a lambda, and then output it as a resource with the API Gateway:
CustomGatewayAuthorizer:
handler: path/to/handler.authorizer
name:${self:provider.stage}-Gateway-Authorizer-Lambda
provisionedConcurrency: 1
warmup:
default:
concurrency: 1
enabled: true
concurrencyAutoscaling:
enabled: true
maximum: 50
minimum: 1
usage: 0.85
scaleInCooldown: 120
scaleOutCooldown: 360
Resources:
ApiGateway:
Type: AWS::ApiGateway::RestApi
Properties:
Name: ${self:provider.stage}-Gateway-ApiGateway
MinimumCompressionSize: 0 # Enabled for all responses.
APIGatewayAuthorizer:
Type: AWS::ApiGateway::Authorizer
Properties:
AuthorizerUri: 'arn:aws:apigateway:#{AWS::Region}:lambda:path/2015-03-31/functions/arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:provider.stage}-Gateway-Authorizer-Lambda/invocations'
Type: REQUEST
IdentitySource: method.request.header.User-Agent
AuthorizerResultTtlInSeconds: 1
Name: ApiGatewayAuthorizer
RestApiId:
Ref: NemlApiGateway
Outputs:
apiGatewayAuthorizer:
Description: Shared custom Gateway authorizer
Value:
Ref: APIGatewayAuthorizer
Export:
Name: ${self:provider.stage}-Gateway-Authorizer
Everything works fine, but when referencing several times the auth in my other endpoints, it stops attaching the API Gateway as a trigger, and therefore breaking the auth.
Does anyone knows if there is a limit to how many times can I reference the shared authorizer? I have not found any solution in documentation or other forums.