Skip to content

Commit 943b7dd

Browse files
bfreibergbfreiberg
authored
Add final pattern.json file
1 parent b71e550 commit 943b7dd

File tree

1 file changed

+97
-0
lines changed

1 file changed

+97
-0
lines changed

apigw-secretsmanager-apikey-cdk/apigws-secretsmanager-apikey-cdk.json

Lines changed: 97 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,97 @@
1+
{
2+
"title": "API Gateway, Lambda Authorizer & Secrets Manager for API Key Authentication",
3+
"description": "Implement a secure API key-based authorization system using Amazon API Gateway, Lambda Authorizer, and AWS Secrets Manager.",
4+
"language": "TypeScript",
5+
"level": "200",
6+
"framework": "CDK",
7+
"introBox": {
8+
"headline": "How it works",
9+
"text": [
10+
"This pattern demonstrates how to implement a secure API key-based authorization system using Amazon API Gateway, Lambda Authorizer, and AWS Secrets Manager.",
11+
"Each user/tenant has their own unique API key stored in Secrets Manager, which is validated by a Lambda authorizer when requests are made to protected API endpoints.",
12+
"The Lambda authorizer checks if the API key exists in Secrets Manager. If the key is valid, the associated tenant information is retrieved and included in the authorization context.",
13+
"The API Gateway then allows or denies access to the protected endpoint based on the policy returned by the authorizer."
14+
]
15+
},
16+
"gitHub": {
17+
"template": {
18+
"repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/apigw-secretsmanager-apikey-cdk",
19+
"templateURL": "serverless-patterns/apigw-secretsmanager-apikey-cdk",
20+
"projectFolder": "apigw-secretsmanager-apikey-cdk",
21+
"templateFile": "lib/apigw-secretsmanager-apikey-stack.ts"
22+
}
23+
},
24+
"resources": {
25+
"bullets": [
26+
{
27+
"text": "Lambda Authorizers for Amazon API Gateway",
28+
"link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html"
29+
},
30+
{
31+
"text": "AWS Secrets Manager User Guide",
32+
"link": "https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html"
33+
},
34+
{
35+
"text": "Amazon API Gateway - REST APIs",
36+
"link": "https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-rest-api.html"
37+
}
38+
]
39+
},
40+
"deploy": {
41+
"text": [
42+
"npm install",
43+
"cdk deploy"
44+
]
45+
},
46+
"testing": {
47+
"text": [
48+
"Create an API key using the provided script: <code>./create_api_key.sh sample-tenant</code>",
49+
"Make a request to the protected endpoint using the valid API key: <code>curl -H \"x-api-key: CREATED_API_KEY\" https://REPLACE_WITH_CREATED_API_URL.amazonaws.com/prod/protected</code>",
50+
"If successful, you should receive a response: <code>{ \"message\": \"Access granted\" }</code>"
51+
]
52+
},
53+
"cleanup": {
54+
"text": [
55+
"Delete the CDK stack: <code>cdk destroy</code>",
56+
"Delete created SecretManager keys using the provided script: <code>./remove_secrets.sh</code>"
57+
]
58+
},
59+
"authors": [
60+
{
61+
"name": "Marco Jahn",
62+
"image": "https://sessionize.com/image/e99b-400o400o2-pqR4BacUSzHrq4fgZ4wwEQ.png",
63+
"bio": "Senior Solutions Architect - ISV, Amazon Web Services",
64+
"linkedin": "marcojahn"
65+
}
66+
],
67+
"patternArch": {
68+
"icon1": {
69+
"x": 20,
70+
"y": 50,
71+
"service": "apigw",
72+
"label": "API Gateway REST API"
73+
},
74+
"icon2": {
75+
"x": 50,
76+
"y": 50,
77+
"service": "lambda",
78+
"label": "AWS Lambda Authorizer"
79+
},
80+
"icon3": {
81+
"x": 80,
82+
"y": 50,
83+
"service": "secretsmanager",
84+
"label": "AWS Secrets Manager"
85+
},
86+
"line1": {
87+
"from": "icon1",
88+
"to": "icon2",
89+
"label": "Authorizer"
90+
},
91+
"line2": {
92+
"from": "icon2",
93+
"to": "icon3",
94+
"label": "Request secret"
95+
}
96+
}
97+
}

0 commit comments

Comments
 (0)