8
votes

We have 3 stages on our API Gateway (Development, Testing, Production) they use a Cognito User Pool Authorizer for authorization, each one of the stages has a different User Pool so this configuration must be dynamic.

The problem: How do i configure the Auhtorizer for my API so that each API stage checks the authorization in the correct user pool?

PS: The Authorizer isn't a custom lambda function, it's the default Cognito authorizer.

1
If you've found a solution please add it as an answer. - Arsenii Fomin
I didn't found any solution... - vitors
I also haven't found any adequate one to have API Gateway + Lambda back end dev/prod stages where dev stage can be easily updated and prod would be like some manually pushed snapshot of dev. I ended up with having two API Gateways instances for dev and prod, using the same lambdas but without any parametrization (because the last requires manually setting permissions for every lambda). It relies on the idea that lambdas will be changed much more rapidly that API Gateway itself. And for dev $LATEST lamdas versions used, for prod manually selected ones. Lamdas get context by stage variables. - Arsenii Fomin

1 Answers

1
votes

According to this thread, AWS doesn't currently support this.

Your best bet seems to be a multi-stack solution, where instead of stages you have separate APIs for the different environments.