IoT / Client / create_authorizer

create_authorizer#

IoT.Client.create_authorizer(**kwargs)#

Creates an authorizer.

Requires permission to access the CreateAuthorizer action.

See also: AWS API Documentation

Request Syntax

response = client.create_authorizer(
    authorizerName='string',
    authorizerFunctionArn='string',
    tokenKeyName='string',
    tokenSigningPublicKeys={
        'string': 'string'
    },
    status='ACTIVE'|'INACTIVE',
    tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    signingDisabled=True|False,
    enableCachingForHttp=True|False
)
Parameters:

  • authorizerName (string) –

    [REQUIRED]

    The authorizer name.

  • authorizerFunctionArn (string) –

    [REQUIRED]

    The ARN of the authorizer’s Lambda function.

  • tokenKeyName (string) – The name of the token key used to extract the token from the HTTP headers.

  • tokenSigningPublicKeys (dict) –

    The public keys used to verify the digital signature returned by your custom authentication service.

    • (string) –

      • (string) –

  • status (string) – The status of the create authorizer request.

  • tags (list) –

    Metadata which can be used to manage the custom authorizer.

    Note

    For URI Request parameters use format: …key1=value1&key2=value2…

    For the CLI command-line parameter use format: &&tags “key1=value1&key2=value2…”

    For the cli-input-json file use format: “tags”: “key1=value1&key2=value2…”

    • (dict) –

      A set of key/value pairs that are used to manage the resource.

      • Key (string) – [REQUIRED]

        The tag’s key.

      • Value (string) –

        The tag’s value.

  • signingDisabled (boolean) – Specifies whether IoT validates the token signature in an authorization request.

  • enableCachingForHttp (boolean) –

    When true , the result from the authorizer’s Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds . This value does not affect authorization of clients that use MQTT connections.

    The default value is false .

Return type:

dict

Returns:

Response Syntax

{
    'authorizerName': 'string',
    'authorizerArn': 'string'
}

Response Structure

  • (dict) –

    • authorizerName (string) –

      The authorizer’s name.

    • authorizerArn (string) –

      The authorizer ARN.

Exceptions

  • IoT.Client.exceptions.ResourceAlreadyExistsException

  • IoT.Client.exceptions.InvalidRequestException

  • IoT.Client.exceptions.LimitExceededException

  • IoT.Client.exceptions.ThrottlingException

  • IoT.Client.exceptions.UnauthorizedException

  • IoT.Client.exceptions.ServiceUnavailableException

  • IoT.Client.exceptions.InternalFailureException