AWS SAM :: AWS::Serverless::Api "Invalid value for 'Auth' property"

AWS SAM :: AWS::Serverless::Api "Invalid value for 'Auth' property"

我通过描述模板中的所有内容并且没有 OpenApi 定义,设法为通过(专用)ApiKey 验证的 API GW 背后的 Lambda 定义了一个模板。

在尝试引入 Lambda 集成来完成映射时出现了问题:它们似乎只能在 OpenAPI 文档中定义,当然,我无法完成工作。因为 SAM 验证失败抱怨 Auth 部分。

Template provided at '/Users/cionzo/PycharmProjects/my_project/template.yaml' was invalid SAM Template.
Error: [InvalidResourceException('ApiGateway', "Invalid value for 'Auth' property")] ('ApiGateway', "Invalid value for 'Auth' property")

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  myToyApp POC
  SAM Template for myToyApp POC

# ====================================
# PARAMETERS SETUP
# ====================================
Parameters:
  StageParam:
    Type: String
    Default: dev
    Description: (Required) Enter dev, test, prod. Default is dev.
    AllowedValues:
      - dev
      - test
      - prod
  ProjectName:
    Type: String
    Default: myToyApp
    Description: (Required) The name of the project
    MinLength: 3
    MaxLength: 50
    AllowedPattern: ^[A-Za-z_-]+$
    ConstraintDescription: "Required. Can be characters, hyphen, and underscore only. No numbers or special characters allowed."

Mappings:
  Stage2Settings:
    LoggingLevel:
      dev: "INFO"
      test: "INFO"
      prod: "ERROR"

Globals:
  Function:
    Timeout: 60

Resources:
  ApiGateway:
    Type: AWS::Serverless::Api
    Properties:
      Name: !Sub "${ProjectName}_${StageParam}"
      StageName: !Ref StageParam
      MethodSettings:
        - LoggingLevel: !FindInMap [ Stage2Settings, "LoggingLevel", !Ref StageParam ]
          ResourcePath: '/*'      # allows for logging on any resource
          HttpMethod: '*'         # allows for logging on any method
          DataTraceEnabled: true  # Put logs into cloudwatch
          MetricsEnabled: true    # Enable detailed metrics (error 404, latence, ...)
      Auth:
        ApiKeyRequired: true
        UsagePlan:
          CreateUsagePlan: PER_API
          Description: Usage plan for this API
        DefinitionBody:
          openapi: 3.0.0
          info:
            title: "Hello Api"
            version: 0.3.0
            description: "This is an example OpenAPI specification"
            termsOfService: "http://example.com/tos"
            contact:
              email: "example@example.com"
          x-amazon-apigateway-request-validators:
            all:
              validateRequestBody: true
              validateRequestParameters: true
            params:
              validateRequestBody: true
              validateRequestParameters: true
            body:
              validateRequestBody: true
              validateRequestParameters: false
          paths:
            /processData:
              post:
                operationId: processData
                description: Test sam local functionality with API Gateway & Open API



  myToyAppPOCFunction:
    Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
    Properties:
      CodeUri: myLambdaCodeFolder/
      Handler: app.lambda_handler
      Runtime: python3.8
      FunctionName: !Sub "${ProjectName}_DataProcessor_${StageParam}"
      Events:
        HelloWorld:
          Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
          Properties:
            Path: /processData
            Method: POST
            RestApiId: !Ref ApiGateway





Outputs:
  # ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
  # Find out more about other implicit resources you can reference within SAM
  # https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
  myToyAppPOCApi:
    Description: "API Gateway endpoint URL for myToyAppPOCFunction"
    Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/${StageParam}/processData/"


  myToyAppPOCFunction:
    Description: "myToyAppPOCFunction Lambda Function ARN"
    Value: "myToyAppPOCFunction"
  myToyAppPOCFunctionIamRole:
    Description: "Implicit IAM Role created for Hello World function"
    Value: !GetAtt myToyAppPOCFunctionRole.Arn

您的 Auth 属性 语法包含 DefinitionBody 的不正确 属性。

要修复您列出的错误,取消 DefinitionBody 块的缩进,使其父级为 Properties,而不是 Auth

ApiGateway:
  Type: AWS::Serverless::Api
  Properties:
    Name: !Sub "${ProjectName}_${StageParam}"
    StageName: !Ref StageParam
    MethodSettings:
      - LoggingLevel: !FindInMap [ Stage2Settings, "LoggingLevel", !Ref StageParam ]
        ResourcePath: '/*'      # allows for logging on any resource
        HttpMethod: '*'         # allows for logging on any method
        DataTraceEnabled: true  # Put logs into cloudwatch
        MetricsEnabled: true    # Enable detailed metrics (error 404, latence, ...)
    Auth:
      ApiKeyRequired: true
      UsagePlan:
        CreateUsagePlan: PER_API
        Description: Usage plan for this API
    DefinitionBody:
      openapi: 3.0.0
      info:
        title: "Hello Api"
        version: 0.3.0
        description: "This is an example OpenAPI specification"
        termsOfService: "http://example.com/tos"
        contact:
          email: "example@example.com"
      x-amazon-apigateway-request-validators:
        all:
          validateRequestBody: true
          validateRequestParameters: true
        params:
          validateRequestBody: true
          validateRequestParameters: true
        body:
          validateRequestBody: true
          validateRequestParameters: false
      paths:
        /processData:
          post:
            operationId: processData
            description: Test sam local functionality with API Gateway & Open API

有关正确语法的更多信息,请查看文档: