IoT / Client / create_authorizer

create_authorizer#

IoT.Client.create_authorizer(**kwargs)#

Creates an authorizer.

Requires permission to access the CreateAuthorizer action.

See also: AWS API Documentation

Request Syntax

response = client.create_authorizer(
    authorizerName='string',
    authorizerFunctionArn='string',
    tokenKeyName='string',
    tokenSigningPublicKeys={
        'string': 'string'
    },
    status='ACTIVE'|'INACTIVE',
    tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    signingDisabled=True|False,
    enableCachingForHttp=True|False
)
Parameters:

  • authorizerName (string) –

    [REQUIRED]

    The authorizer name.

  • authorizerFunctionArn (string) –

    [REQUIRED]

    The ARN of the authorizer’s Lambda function.

  • tokenKeyName (string) – The name of the token key used to extract the token from the HTTP headers.

  • tokenSigningPublicKeys (dict) –

    The public keys used to verify the digital signature returned by your custom authentication service.

    • (string) –

      • (string) –

  • status (string) – The status of the create authorizer request.

  • tags (list) –

    Metadata which can be used to manage the custom authorizer.

    Note

    For URI Request parameters use format: …key1=value1&key2=value2…

    For the CLI command-line parameter use format: &&tags “key1=value1&key2=value2…”

    For the cli-input-json file use format: “tags”: “key1=value1&key2=value2…”

    • (dict) –

      A set of key/value pairs that are used to manage the resource.

      • Key (string) – [REQUIRED]

        The tag’s key.

      • Value (string) –

        The tag’s value.

  • signingDisabled (boolean) – Specifies whether IoT validates the token signature in an authorization request.

  • enableCachingForHttp (boolean) –

    When true, the result from the authorizer’s Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in refreshAfterInSeconds. This value does not affect authorization of clients that use MQTT connections.

    The default value is false.

Return type:

dict

Returns:

Response Syntax

{
    'authorizerName': 'string',
    'authorizerArn': 'string'
}

Response Structure

  • (dict) –

    • authorizerName (string) –

      The authorizer’s name.

    • authorizerArn (string) –

      The authorizer ARN.

Exceptions

  • IoT.Client.exceptions.ResourceAlreadyExistsException

  • IoT.Client.exceptions.InvalidRequestException

  • IoT.Client.exceptions.LimitExceededException

  • IoT.Client.exceptions.ThrottlingException

  • IoT.Client.exceptions.UnauthorizedException

  • IoT.Client.exceptions.ServiceUnavailableException

  • IoT.Client.exceptions.InternalFailureException