Are API keys still not supported?
Opened this issue · 1 comments
jkatagi commented
Hi, I know that when we want to add an API key to an API Gateway method, we can do so by passing apiKeyRequired: true
to addMethod
in @aws-cdk/aws-apigateway.
declare const integration: apigateway.LambdaIntegration;
const api = new apigateway.RestApi(this, 'hello-api');
const v1 = api.root.addResource('v1');
const echo = v1.addResource('echo');
const echoMethod = echo.addMethod('GET', integration, { apiKeyRequired: true });
const plan = api.addUsagePlan('UsagePlan', {
name: 'Easy',
throttle: {
rateLimit: 10,
burstLimit: 2
}
});
const key = api.addApiKey('ApiKey');
plan.addApiKey(key);
But I couldn't find the same way in this library.
Are API keys still not supported?
It would be wonderful if we could do the following.
new openapix.Api(scope, 'SomeApi', {
source: 'path/to/yaml',
paths: {
'/some': {
get: new openapix.LambdaIntegration(scope, lambdaFn, {
apiKeyRequired: true
}),
},
},
....
Here is the sample from the Open API document, however, this was not enough to set the API key.
openapi: 3.0.0
paths:
/something:
get:
# Operation-specific security:
security:
- ApiKeyAuth: []
responses:
'200':
description: OK (successfully authenticated)
# 1) Define the key name and location
components:
securitySchemes:
ApiKeyAuth: # arbitrary name for the security scheme
type: apiKey
in: header # can be "header", "query" or "cookie"
name: X-API-KEY # name of the header, query parameter or cookie
# 2) Apply the API key globally to all operations
security:
- ApiKeyAuth: [] # use the same name as under securitySchemes