Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. iot
  5. Authorizer

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native

aws-native.iot.Authorizer

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native

Creates an authorizer.

Create Authorizer Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Authorizer(name: string, args: AuthorizerArgs, opts?: CustomResourceOptions);
@overload
def Authorizer(resource_name: str,
               args: AuthorizerArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def Authorizer(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               authorizer_function_arn: Optional[str] = None,
               authorizer_name: Optional[str] = None,
               enable_caching_for_http: Optional[bool] = None,
               signing_disabled: Optional[bool] = None,
               status: Optional[AuthorizerStatus] = None,
               tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
               token_key_name: Optional[str] = None,
               token_signing_public_keys: Optional[Mapping[str, str]] = None)
func NewAuthorizer(ctx *Context, name string, args AuthorizerArgs, opts ...ResourceOption) (*Authorizer, error)
public Authorizer(string name, AuthorizerArgs args, CustomResourceOptions? opts = null)
public Authorizer(String name, AuthorizerArgs args)
public Authorizer(String name, AuthorizerArgs args, CustomResourceOptions options)

type: aws-native:iot:Authorizer
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. AuthorizerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. AuthorizerArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. AuthorizerArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. AuthorizerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. AuthorizerArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Authorizer Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Authorizer resource accepts the following input properties:

AuthorizerFunctionArn This property is required. string
The authorizer's Lambda function ARN.
AuthorizerName string
The authorizer name.
EnableCachingForHttp bool
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
SigningDisabled bool
Specifies whether AWS IoT validates the token signature in an authorization request.
Status Pulumi.AwsNative.IoT.AuthorizerStatus

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

Tags List<Pulumi.AwsNative.Inputs.Tag>

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

TokenKeyName string
The key used to extract the token from the HTTP headers.
TokenSigningPublicKeys Dictionary<string, string>
The public keys used to validate the token signature returned by your custom authentication service.
AuthorizerFunctionArn This property is required. string
The authorizer's Lambda function ARN.
AuthorizerName string
The authorizer name.
EnableCachingForHttp bool
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
SigningDisabled bool
Specifies whether AWS IoT validates the token signature in an authorization request.
Status AuthorizerStatus

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

Tags TagArgs

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

TokenKeyName string
The key used to extract the token from the HTTP headers.
TokenSigningPublicKeys map[string]string
The public keys used to validate the token signature returned by your custom authentication service.
authorizerFunctionArn This property is required. String
The authorizer's Lambda function ARN.
authorizerName String
The authorizer name.
enableCachingForHttp Boolean
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
signingDisabled Boolean
Specifies whether AWS IoT validates the token signature in an authorization request.
status AuthorizerStatus

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

tags List<Tag>

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

tokenKeyName String
The key used to extract the token from the HTTP headers.
tokenSigningPublicKeys Map<String,String>
The public keys used to validate the token signature returned by your custom authentication service.
authorizerFunctionArn This property is required. string
The authorizer's Lambda function ARN.
authorizerName string
The authorizer name.
enableCachingForHttp boolean
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
signingDisabled boolean
Specifies whether AWS IoT validates the token signature in an authorization request.
status AuthorizerStatus

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

tags Tag[]

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

tokenKeyName string
The key used to extract the token from the HTTP headers.
tokenSigningPublicKeys {[key: string]: string}
The public keys used to validate the token signature returned by your custom authentication service.
authorizer_function_arn This property is required. str
The authorizer's Lambda function ARN.
authorizer_name str
The authorizer name.
enable_caching_for_http bool
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
signing_disabled bool
Specifies whether AWS IoT validates the token signature in an authorization request.
status AuthorizerStatus

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

tags Sequence[TagArgs]

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

token_key_name str
The key used to extract the token from the HTTP headers.
token_signing_public_keys Mapping[str, str]
The public keys used to validate the token signature returned by your custom authentication service.
authorizerFunctionArn This property is required. String
The authorizer's Lambda function ARN.
authorizerName String
The authorizer name.
enableCachingForHttp Boolean
When true , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value doesn't affect authorization of clients that use MQTT connections.
signingDisabled Boolean
Specifies whether AWS IoT validates the token signature in an authorization request.
status "ACTIVE" | "INACTIVE"

The status of the authorizer.

Valid values: ACTIVE | INACTIVE

tags List<Property Map>

Metadata which can be used to manage the custom authorizer.

For URI Request parameters use format: ...key1=value1&key2=value2...

For the CLI command-line parameter use format: &&tags "key1=value1&key2=value2..."

For the cli-input-json file use format: "tags": "key1=value1&key2=value2..."

tokenKeyName String
The key used to extract the token from the HTTP headers.
tokenSigningPublicKeys Map<String>
The public keys used to validate the token signature returned by your custom authentication service.

Outputs

All input properties are implicitly available as output properties. Additionally, the Authorizer resource produces the following output properties:

Arn string
The Amazon Resource Name (ARN) of the authorizer.
Id string
The provider-assigned unique ID for this managed resource.
Arn string
The Amazon Resource Name (ARN) of the authorizer.
Id string
The provider-assigned unique ID for this managed resource.
arn String
The Amazon Resource Name (ARN) of the authorizer.
id String
The provider-assigned unique ID for this managed resource.
arn string
The Amazon Resource Name (ARN) of the authorizer.
id string
The provider-assigned unique ID for this managed resource.
arn str
The Amazon Resource Name (ARN) of the authorizer.
id str
The provider-assigned unique ID for this managed resource.
arn String
The Amazon Resource Name (ARN) of the authorizer.
id String
The provider-assigned unique ID for this managed resource.

Supporting Types

AuthorizerStatus
, AuthorizerStatusArgs

Active
ACTIVE
Inactive
INACTIVE
AuthorizerStatusActive
ACTIVE
AuthorizerStatusInactive
INACTIVE
Active
ACTIVE
Inactive
INACTIVE
Active
ACTIVE
Inactive
INACTIVE
ACTIVE
ACTIVE
INACTIVE
INACTIVE
"ACTIVE"
ACTIVE
"INACTIVE"
INACTIVE

Tag
, TagArgs

Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
Key This property is required. string
The key name of the tag
Value This property is required. string
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag
key This property is required. string
The key name of the tag
value This property is required. string
The value of the tag
key This property is required. str
The key name of the tag
value This property is required. str
The value of the tag
key This property is required. String
The key name of the tag
value This property is required. String
The value of the tag

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-aws-native