Stack Overflow Asked on December 9, 2021
I would like to know how to set up a Lambda Function (AdminFunction) so that it can only be invoked by users in a specified group (AdminUserGroup). My YAML is:
AdminUserGroup:
Type: AWS::Cognito::UserPoolGroup
Properties:
GroupName: "AdminUserGroup"
Description: Contains Staff Users
Precedence: 0
UserPoolId:
Ref: UserPool
AdminFunction:
Type: AWS::Serverless::Function
Properties:
Description: admin functions
CodeUri: admin/
Handler: index.lambdaHandler
Runtime: nodejs12.x
Environment:
Variables:
USERPOOL_ID: !Ref UserPool
VALUE_A: !Ref SomePropA
VALUE_B: !Ref SomePropB
USER_GROUP_ADMIN: !Ref AdminUserGroup
TABLE_NAME: !Ref DynamoTable
Policies:
- DynamoDBCrudPolicy:
TableName: !Ref DynamoTable
Events:
Users:
Type: Api
Properties:
Path: /admin/{proxy+}
Method: ANY
Auth:
Authorizer: << ONLY ADMIN USERS >>
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP