API Gateway Authoriser - Name is optional, but still required

[gvhuyssteen]

Creating an Api Gateway Cognito Authoriser results in an error if the name parameter is not passed in.

I added a working solution to indicate that the name is indeed

Reproduction Steps

#!/usr/bin/env node
import * as apigateway from '@aws-cdk/aws-apigateway';
import * as cognito from '@aws-cdk/aws-cognito';
import * as lambda from '@aws-cdk/aws-lambda';
import * as cdk from '@aws-cdk/core';

export class AuthoriserNameRequiredStack extends cdk.Stack {
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    const api = new apigateway.RestApi(this, 'api');

    const demo = api.root.addResource('demo');

    const pool = new cognito.UserPool(this, 'pool', { userPoolName: 'authoriser-name-required-userpool' });

    const cognitoAuthorizer = new apigateway.CfnAuthorizer(this, 'cfnAuth', {
      restApiId: api.restApiId,
      type: 'COGNITO_USER_POOLS',
      identitySource: 'method.request.header.Authorization',
      providerArns: [pool.userPoolArn],
    });

    const lambdaFunction = new lambda.Function(this, 'lambda-demo', {
      code: new lambda.AssetCode('src'),
      handler: 'demo.handler',
      runtime: lambda.Runtime.NODEJS_12_X
    });

    const lambdaFunctionIntegration = new apigateway.LambdaIntegration(lambdaFunction);

    demo.addMethod('GET', lambdaFunctionIntegration, {
      authorizationType: apigateway.AuthorizationType.COGNITO,
      authorizer: {
        authorizerId: cognitoAuthorizer.ref
      }
    });

  }
}

const app = new cdk.App();
new AuthoriserNameRequiredStack(app, 'AuthoriserNameRequiredStack', {env: {region: 'eu-west-1'}});

Working Solution

...
    const cognitoAuthorizer = new apigateway.CfnAuthorizer(this, 'cfnAuth', {
      restApiId: api.restApiId,
      name: 'cognito-authoriser',   // Added name
      type: 'COGNITO_USER_POOLS',
      identitySource: 'method.request.header.Authorization',
      providerArns: [pool.userPoolArn],
    });
...

Error Log

  9/16 
      | 10:14:19 PM
      | CREATE_IN_PROGRESS
      | AWS::ApiGateway::Authorizer
      | cfnAuth
 10/16
      | 10:14:19 PM
      | CREATE_FAILED 
      | AWS::ApiGateway::Authorizer
      | cfnAuth 1 validation error detected: Value null at 'createAuthorizerInput.name' failed to satisfy constraint:
        Member must not be null (Service: AmazonApiGateway; Status Code: 400; Error Code: ValidationException; )

Environment

• CLI Version: 1.39.0 (build 5d727c1)
• OS : macOS Catalina 10.15.4
• Language : Typescript

Other

AWS::ApiGateway::Authorizer name

PR making the name property optional

---

This is 🐛 Bug Report

[nija-at]

This is a bug in the CloudFormation spec which reports that the Name property is optional.
Internal ref: i/CFN-32071

We can however patch this on our end by adding a new patch file here - https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/cfnspec/spec-source.

[github-actions]

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

[peterwoodworth]

name is specified as required now in resource spec

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.