I have the same issue described in this stack overflow post:
I wish to authentify requests, using AWS_IAM.
I can use the AWS Gateway API console, and change each method request from none to AWS_IAM. By hand, I can make it work.
However, I would rather change the serverless.yml file in my Serverless services.
I tried to add an authorizationType field like so:
http:
path: greet
method: get
authorizationType: AWS_IAM
but it did not update the authorization settings of API Gateway, and unauthorized requests are still accepted.
Any idea if the serverless.yml file can be set to use AWS_IAM?
There isn’t a clean way of doing this yet that I’m aware of. There is a bit of a dirty way though. After you’ve deployed your application lookup the name of the AWS::ApiGateway::Method for your method (the way I do this is by looking within cloudfromation’s stack template for my api). Then using that name, within serverless.yml under Resources drop in something like this…
PostMethodApigEventCreateaccountAccountCreate: #<- that is my AWS::ApiGateway::Method's name
Properties:
AuthorizationType: AWS_IAM
Yup definitely something we want to support in the future. With our latest release (and on master) the name of the Method has changed though, so make sure to update your custom resources so they still work then.
@flomotlik I’ve noticed that since 1.0.2 version this does not work:
resources:
Resources:
ApiGatewayMethodV1UsersUseridTestPost: // My post method.
Properties:
AuthorizationType: AWS_IAM
I get an error saying that a resource type is need.
So I tried this (format is not being applied by the forum here):
resources:
Resources:
ApiGatewayMethodV1UsersUseridTestPost: //My post method.
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: AWS_IAM
But it does not work. It produces the following output and the application does not exit.
I must to press ctrl+c in order to cancel and the next time I try to deploy the api I got a “The specified bucket does not exist” which can be solved by deleted the stack task from Cloudformation console.
@flomotlik thanks, but I’ve just tried 1.03 version and unfortunately it does not work.
This configuration:
resources:
Resources:
ApiGatewayMethodV1UsersUseridTestPost:
Type: AWS::ApiGateway::Method # Is this line correct? It does not work
Properties:
AuthorizationType: AWS_IAM
Produces this error:
An error occurred while provisioning your stack: ApiGatewayMethodV1UsersUseridTestPost
- Property HttpMethod cannot be empty.
I am getting the same error as @endymion as well “Property HttpMethod cannot be empty” and I am using a path parameter as well as he mentioned in the github issue.
I have also noticed that the people who have gotten this working seem to be using lambda integration as opposed to lambda-proxy integration, would that be a requirement for getting this to work?
I used below syntax in serverless.yml and it worked for me. Key thing was to identify correct name “ApiGatewayMethodHelloGet”. I figured that out from cloud formation template from S3, sls deploys code in S3 for every service if you drill down thos S3 bucket you will see cloud formation template created by sls.
You helped me 100% find the answer this was make or break for me. If you set it manually in the UI as soon as you do any update it will reset it to 0. You have to find the name in the json in the s3 bucket.
