This pattern deploys an API Gateway REST API protected by a Lambda Authorizer supporting Basic HTTP Authentication.
Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the AWS Pricing page for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
- Create an AWS account if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
- AWS CLI installed and configured
- Git Installed
- Node and NPM installed
- AWS Cloud Development Kit (AWS CDK) installed
-
Clone the project to your local working directory
git clone https://github.com/aws-samples/serverless-patterns
-
Change the working directory to this pattern's directory
cd apigw-lambda-authorizer-basic-cdk -
Install dependencies
npm install
-
Deploy the stack to your default AWS account and region. The output of this command should give you the HTTP API URL.
cdk deploy
Using a Lambda Authorizer the credentials provided in the Authorization header are decoded using Base64 and verified in a mock database.
Run the following commands using the API endpoint.
-
Positive testing - Check the output for a hello world message.
curl -u user1:password1 '<protected api endpoint>' -
Negative testing - Check the output for a not authorized error message.
curl -u user1:wrongPassword '<protected api endpoint>'
Run the given command to delete the resources that were created. It might take some time for the CloudFormation stack to get deleted.
cdk destroyCopyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0