# AWS : aws-cli > 2.0 # CREATE AUTHORIZER !!! # authorizer-name: Assign an authorizer name # api-id: Http APIGateway ID # audience: audience specified by the authorizer # Issuer: Authorizer URL aws apigatewayv2 create-authorizer \ --name authorizer-name \ --api-id api-id \ --authorizer-type JWT \ --identity-source '$request.header.Authorization' \ --jwt-configuration Audience=audience,Issuer=https://cognito-idp.us-east-2.amazonaws.com/userPoolID # ADD LAMBDA (CUSTOM) AUTHORIZER TO ROUTE !!! # api-id: Http APIGateway ID # route-id: Gateway Route ID # authorizer-id: You authorizer ID created by above command aws apigatewayv2 update-route \ --api-id $api_id \ --route-id $route_id \ --authorization-type "CUSTOM" \ --authorizer-id $auth_id # ADD JWT AUTHORIZER TO ROUTE !!! # api-id: Http APIGateway ID # route-id: Gateway Route ID # authorizer-id: You authorizer ID created by above command # authorization-scopes: if authorizer requires extra scopes aws apigatewayv2 update-route \ --api-id api-id \ --route-id route-id \ --authorization-type JWT \ --authorizer-id authorizer-id \ --authorization-scopes user.email