Add support for externally managed websocket event authorizers #12344
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Externally managed authorizers (like cross account) for a Websocket $connect route seems to create an invalid permission, causing deployment to fail. I found out that this is the case because although the documentation seems to suggest that cross-account lambda authorizers are supported with websocket, they currently aren't. The code always creates permissions instead of skipping them as is done with http api.
This small PR adds code to not generate a warning anymore when you use "managedExternally" in "authorizers" since it exists now as well as code to detect that property and skip creating permissions. It also adds a documentation update to reflect that this is supported now more clearly.
I tried my best to follow CONTRIBUTING.md. If I did something wrong please let me know. I thought that this bug fix was simple enough to not warrant an issue. I consider it a bug fix because the documentation seems to imply that this is normally possible, but it wasn't:
I ran
npm run prettify:update
to only prettify the changed code, andnpm run lint
.Oh, btw, I ran
npm test
and saw a bunch of output saying that certain tests were skipped due to not being able to create symlinks because no admin privileges. I actually work on a Win11 machine, and so admin privileges are no longer needed with Windows 11. This article also claims this to be true: https://www.howtogeek.com/16226/complete-guide-to-symbolic-links-symlinks-on-windows-or-linux/So I'm guessing those tests do something like
if ANY_WINDOWS && NO_ADMIN_PRIVS
and just give up when those are true at the same time.