amazon-web-servicesaws-lambdaaws-api-gatewaycustom-authentication

Is it possible to instruct AWS Custom Authorizers to call AWS Lambdas based on Stage Variables?


I am mapping Lambda Integrations like this on API Gateway:

${stageVariables.ENV_CHAR}-somelambda

So I can have d-somelambda, s-somelambda, etc. Several versions for environments, all simultaneous. This works fine.

BUT, I am using Custom Authorizers, and I have d-authorizer-jwt and d-authorizer-apikey.

When I deploy the API in DEV stage, it's all ok. But when I deploy to PROD stage, all lambda calls are dynamically pointing properly to *p-lambdas*, except the custom authorizer, which is still pointing to "d" (DEV) and calling dev backend for needed validation (it caches, but sometimes checks the database).

Please note I don't want necessarily to pass the Stage Variables like others are asking, I just want to call the correct Lambda out of a proper configuration like Integration Request offers. By having access to Stage Variables as a final way of solving this, I would need to change my approach and have a single lambda for all envs, and dynamically touch the required backend based on Stage Variables... not that good.

Tks


Solution

  • Solved. It works just as I described. There are some caveats: a) You need to previously grant access to that lambda b) You can't test the authorizer due to a UI glitch ... it doesn't ask for the StageVar so you will never reach the lambda c) You need to deploy the API to get the Authorizers updated on a particular Stage

    Cannot tell why it didn't work on my first attempt.