Events RequestContext missing certificate information for new API Gateway mTLS functionality #337
Comments
|
Certificate information is now present in struct information from APIGatewayCustomAuthorizerRequestTypeRequestIdentity and APIGatewayV2HTTPRequestContext. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
API Gateway now includes the ability to use mTLS (Mutual TLS) and provides the PEM for the client certificate presented to the Gateway to the Custom Authorizer so additional checks can be considered before authorization. As of v1.20.0 the Events Structs do not include this new information.
Request to add struct information to APIGatewayCustomAuthorizerRequestTypeRequestIdentity and APIGatewayV2HTTPRequestContext so it can be used for CRL checks and other validation on the request prior to authorization.
I have been able to test the addition of this information to the Events APIGatewayCustomAuthorizerRequestTypeRequestIdentity struct definitions and will be submitting a pull request as soon as I can test the APIGatewayV2HTTPRequestContext changes as well.
Information about the new context information can be found at the announcement link bellow.
https://aws.amazon.com/blogs/compute/introducing-mutual-tls-authentication-for-amazon-api-gateway/
The text was updated successfully, but these errors were encountered: