API Gateway LAMBDA AUTHORIZER (Custom Authorizer) | REST APIs | .NET ON AWS | AWS Serverless
Вставка
- Опубліковано 14 лип 2024
- Hey 👋🏽When building serverless APIs with AWS Lambda and API Gateway, one of the most critical questions is how to secure the API.
Lambda Authorizers are a feature provided by API Gateway that helps us separate the authentication logic from our business logic in our function code.
In this video, we will learn about Lambda Authorizers in Amazon API Gateway, how to build one using .NET and how to set it up with API Endpoints. We will look into the different types of custom authorizers, how to cache authorizer responses, and also how to pass data from the authorizer to our Functions containing business logic.
This video is sponsored by AWS and is part of the .NET on AWS Series.
00:00 - Introduction
03:51 - Lambda Authorizer
04:43 - Adding Lambda Function
09:49 - Setup API Lambda Authorizer
13:08 - Validate Request Headers
15:41 - Validate Token In Lamda Function
23:52 - Test Authorizer
25:10 - Authorize POST Endpoint
27:09 - Caching
29:45 - Caching & Policy Conflicts
32:18 - Context Parameters
37:34 - Request Authorizer Type
41:53 - Conclusion
🔗Blog Post - www.rahulpnath.com/blog/aws-d...
🔗Lambda Authorizers - docs.aws.amazon.com/apigatewa...
🔗 Postman - www.postman.com/
🔗JSON Web Token Builder - jwtbuilder.jamiekurtz.com/
Additional Watching
📹API Gateway REST API - Lambda Integration • AWS LAMBDA Proxy Integ...
📹Amazon API GATEWAY - Introduction To REST APIs - • Amazon API GATEWAY - I...
📹AWS API Gateway - HTTP API - • Amazon API GATEWAY - H...
📹AWS Lambda - • AWS LAMBDA For The .NE...
📹AWS DynamoDB - • AWS DynamoDB For The ....
📹AWS Series - • .NET on AWS
📹ASP NET Core Series - • ASP.NET Core
Come say hi! ✋
🌍 Blog - rahulpnath.com/
✉ Subscribe to my Newsletter - www.rahulpnath.com/subscribe
🐦Twitter - / rahulpnath
📸Instagram - / rahulpnath
🛠️ Uses rahulpnath.com/uses
🎥 Recording Setup and Workflow - www.rahulpnath.com/blog/youtu... - Навчання та стиль
Great video. Everything related to the custom authorizer is explained in detail with the demo.
Thank you Shivangi! Do check out the full AWS Series here bit.ly/aws-net-series
Hi raul, as always, your videos are impeccable. They last long enough to include all the dirty details that often are what make something work or not. Congratulations!
Thank you very much! 😀
Thank you. This is exactly what I was looking for
Glad it was helpful!
Hi Rahul, I have been following your videos and they are awesome. Gaining good knowledge and they are vary useful. Thank you.
Thank you Pardhasaradhi and glad they are helping. I also have associated blog posts over at www.rahulpnath.com . Do let know if you have topic suggestions or feedback.
Hey Rahul, once again awesome video, enough content
Glad you liked it!
Great knowledge article Rahul, thanks for sharing it
Glad you liked it! Hope you are enjoying the AWS Series bit.ly/aws-net-series
Hi, would be nice to see Cognito example. Thank you
Good suggestion, have it in my list. 👍
Can a Lambda authorizer work with scopes? Like, don't authorize the request if the scope doesn't match the allowed scope for a resource?
Do you believe that lambda authoriser along with a lambda for business code would double the cold start issue? Any workaround if you can suggest would be helpful
Hi rahul great video cheers .. Can I pass token from authorizer to lambda?
Glad you liked it Vinayak. I think the same request gets passed on, so you should be able to. What are you trying to achieve?
Do checkout the full AWS Series here bit.ly/aws-net-series
For Http API gateway I ran into issue when $request.header.Authorization from "Identity Source" is not passed to request.AuthorizationToken of APIGatewayCustomAuthorizerRequest request object.
In postman I setup header (base64 basic auth)
"Authorization": "Basic xxxxxxx..."
In Authorizer settings on aws portal I have $request.header.Authorization
Appreciate any hint
Hello, thanks for your videos, Can I use the api keys from the api gateway plus a custom authorizer?
One is for the web app and the custom authorizer for the JWT validation.
When I add the custom authorizer it does not need the api key anymore.
yes in the custom authorizer you can ignore authorizing if request already has a api key. Does that help you?
@@RahulNath thanks for your help, my custom authorizer was not set properly. After fixing it, it need to pass both to proceed. It works as expected.
@@andrescastillodf Glad you sorted it out!
Hi its great video,
Can any one from your side create API for my RDS?
Is it possible to use lambda authorizer with fargate based API gateway?
Not sure about that, I haven't used it for that.
Hi, missed your videos for some time, now I see you did a course, usually I buy for 10-12$
Can you make a coupon code for this price?
Thank you Denys - Here's a coupon that gives 33% off. www.udemy.com/course/aws-lambda-dotnet/?couponCode=AWS-LAMBDA-JULY
Hope that takes it to that range?
@@RahulNath Thank you, will leave a good feedback
I have a business account from job, but course is not available there.. would be nice
@@cloud_architector Thank you !! I guess that's a Udemy thing to pick/choose courses into the Business account business-support.udemy.com/hc/en-us/articles/115005228467-How-do-I-Suggest-a-Course-
Thank you for buying and leaving a review 👍😀