pietarinen
commented
8 months ago - succesfully implemented OPA as a Custom-Lambda-authorizer in AWS Api Gateway
- in the test-environment, a test-API is configured to require Authorization and an API-Key
- OPA, running as a Lambda function (written in GO), validates the incoming request based on an OPA policy (written in Rego) and permission data (json).
- succesfully authorized request gets as a response an IAM-policy allowing the execution of the API & an API-Key.
- TODO: a central database for all OPA-policies and API-Keys?