feat(apigatewayv2): http api - default authorizer options

packages/@aws-cdk/aws-apigatewayv2-authorizers/README.md

@@ -28,6 +28,37 @@ classified into Lambda Authorizers, JWT authorizers and standard AWS IAM roles a
 available at [Controlling and managing access to an HTTP
 API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-access-control.html).
 
+Authorizers, and scopes can either be applied to the Gateway (applied to all routes) or specifically for each route.
+
+The example below applies the authorizer to all routes.
+
+```ts
+const authorizer = new HttpJwtAuthorizer({
+  jwtAudience: ['3131231'],
+  jwtIssuer: 'https://test.us.auth0.com',
+});
+
+const api = new HttpApi(stack, 'HttpApi', {
+  defaultAuthorizer: authorizer,
+  defaultAuthorizationScopes: ['read:books']
+});
+
+api.addRoutes({
+  integration: new HttpProxyIntegration({
+    url: 'https://add-books-proxy.myproxy.internal',
+  }),
+  path: '/books', // This route will inherit the authorizer and scopes from the gateway
+});
+
+api.addRoutes({
+  integration: new HttpProxyIntegration({
+    url: 'https://get-books-proxy.myproxy.internal',
+  }),
+  path: '/books', 
+  authorizer: new NoneAuthorizer(), // This route will remove the default authorizer from the gateway
+});
+```
+
 ## JWT Authorizers
 
 JWT authorizers allow the use of JSON Web Tokens (JWTs) as part of [OpenID Connect](https://openid.net/specs/openid-connect-core-1_0.html) and [OAuth 2.0](https://oauth.net/2/) frameworks to allow and restrict clients from accessing HTTP APIs.

packages/@aws-cdk/aws-apigatewayv2-authorizers/test/http/integ.user-pool.expected.json

@@ -54,14 +54,29 @@
         }
       }
     },
+    "MyHttpApiGETHttpIntegration6f095b8469365f72e33fa33d9711b140516EBE31": {
+      "Type": "AWS::ApiGatewayV2::Integration",
+      "Properties": {
+        "ApiId": {
+          "Ref": "MyHttpApi8AEAAC21"
+        },
+        "IntegrationType": "AWS_PROXY",
+        "IntegrationUri": {
+          "Fn::GetAtt": [
+            "lambda8B5974B5",
+            "Arn"
+          ]
+        },
+        "PayloadFormatVersion": "2.0"
+      }
+    },
     "MyHttpApiGETE0EFC6F8": {
       "Type": "AWS::ApiGatewayV2::Route",
       "Properties": {
         "ApiId": {
           "Ref": "MyHttpApi8AEAAC21"
         },
         "RouteKey": "GET /",
-        "AuthorizationScopes": [],
         "AuthorizationType": "JWT",
         "AuthorizerId": {
           "Ref": "MyHttpApiUserPoolAuthorizer8754262B"
@@ -79,22 +94,6 @@
         }
       }
     },
-    "MyHttpApiGETHttpIntegration6f095b8469365f72e33fa33d9711b140516EBE31": {
-      "Type": "AWS::ApiGatewayV2::Integration",
-      "Properties": {
-        "ApiId": {
-          "Ref": "MyHttpApi8AEAAC21"
-        },
-        "IntegrationType": "AWS_PROXY",
-        "IntegrationUri": {
-          "Fn::GetAtt": [
-            "lambda8B5974B5",
-            "Arn"
-          ]
-        },
-        "PayloadFormatVersion": "2.0"
-      }
-    },
     "MyHttpApiUserPoolAuthorizer8754262B": {
       "Type": "AWS::ApiGatewayV2::Authorizer",
       "Properties": {

packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/integ.alb.expected.json

@@ -608,14 +608,31 @@
         "ProtocolType": "HTTP"
       }
     },
+    "HttpProxyPrivateApiDefaultRouteHttpIntegration1a580b19954e4317026ffbce1f7d5ade7A32685B": {
+      "Type": "AWS::ApiGatewayV2::Integration",
+      "Properties": {
+        "ApiId": {
+          "Ref": "HttpProxyPrivateApiA55E154D"
+        },
+        "IntegrationType": "HTTP_PROXY",
+        "ConnectionId": {
+          "Ref": "HttpProxyPrivateApiVpcLink190366CAE"
+        },
+        "ConnectionType": "VPC_LINK",
+        "IntegrationMethod": "ANY",
+        "IntegrationUri": {
+          "Ref": "lblistener657ADDEC"
+        },
+        "PayloadFormatVersion": "1.0"
+      }
+    },
     "HttpProxyPrivateApiDefaultRoute1BDCA252": {
       "Type": "AWS::ApiGatewayV2::Route",
       "Properties": {
         "ApiId": {
           "Ref": "HttpProxyPrivateApiA55E154D"
         },
         "RouteKey": "$default",
-        "AuthorizationScopes": [],
         "Target": {
           "Fn::Join": [
             "",
@@ -647,24 +664,6 @@
         "SecurityGroupIds": []
       }
     },
-    "HttpProxyPrivateApiDefaultRouteHttpIntegration1a580b19954e4317026ffbce1f7d5ade7A32685B": {
-      "Type": "AWS::ApiGatewayV2::Integration",
-      "Properties": {
-        "ApiId": {
-          "Ref": "HttpProxyPrivateApiA55E154D"
-        },
-        "IntegrationType": "HTTP_PROXY",
-        "ConnectionId": {
-          "Ref": "HttpProxyPrivateApiVpcLink190366CAE"
-        },
-        "ConnectionType": "VPC_LINK",
-        "IntegrationMethod": "ANY",
-        "IntegrationUri": {
-          "Ref": "lblistener657ADDEC"
-        },
-        "PayloadFormatVersion": "1.0"
-      }
-    },
     "HttpProxyPrivateApiDefaultStage18B3706E": {
       "Type": "AWS::ApiGatewayV2::Stage",
       "Properties": {

packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/integ.http-proxy.expected.json

@@ -94,14 +94,29 @@
         }
       }
     },
+    "LambdaProxyApiDefaultRouteHttpIntegration70df0ec52c3e3b6bbc96e64ce3a05f24EE575CBA": {
+      "Type": "AWS::ApiGatewayV2::Integration",
+      "Properties": {
+        "ApiId": {
+          "Ref": "LambdaProxyApi67594471"
+        },
+        "IntegrationType": "AWS_PROXY",
+        "IntegrationUri": {
+          "Fn::GetAtt": [
+            "AlwaysSuccess099EAB05",
+            "Arn"
+          ]
+        },
+        "PayloadFormatVersion": "2.0"
+      }
+    },
     "LambdaProxyApiDefaultRoute1EB30A46": {
       "Type": "AWS::ApiGatewayV2::Route",
       "Properties": {
         "ApiId": {
           "Ref": "LambdaProxyApi67594471"
         },
         "RouteKey": "$default",
-        "AuthorizationScopes": [],
         "Target": {
           "Fn::Join": [
             "",
@@ -115,22 +130,6 @@
         }
       }
     },
-    "LambdaProxyApiDefaultRouteHttpIntegration70df0ec52c3e3b6bbc96e64ce3a05f24EE575CBA": {
-      "Type": "AWS::ApiGatewayV2::Integration",
-      "Properties": {
-        "ApiId": {
-          "Ref": "LambdaProxyApi67594471"
-        },
-        "IntegrationType": "AWS_PROXY",
-        "IntegrationUri": {
-          "Fn::GetAtt": [
-            "AlwaysSuccess099EAB05",
-            "Arn"
-          ]
-        },
-        "PayloadFormatVersion": "2.0"
-      }
-    },
     "LambdaProxyApiDefaultStage07C38681": {
       "Type": "AWS::ApiGatewayV2::Stage",
       "Properties": {
@@ -148,27 +147,6 @@
         "ProtocolType": "HTTP"
       }
     },
-    "HttpProxyApiDefaultRoute8AF66B5C": {
-      "Type": "AWS::ApiGatewayV2::Route",
-      "Properties": {
-        "ApiId": {
-          "Ref": "HttpProxyApiD0217C67"
-        },
-        "RouteKey": "$default",
-        "AuthorizationScopes": [],
-        "Target": {
-          "Fn::Join": [
-            "",
-            [
-              "integrations/",
-              {
-                "Ref": "HttpProxyApiDefaultRouteHttpIntegration8eeecf9ecdb91f31bebf6bd54fb711a41921AB82"
-              }
-            ]
-          ]
-        }
-      }
-    },
     "HttpProxyApiDefaultRouteHttpIntegration8eeecf9ecdb91f31bebf6bd54fb711a41921AB82": {
       "Type": "AWS::ApiGatewayV2::Integration",
       "Properties": {
@@ -200,6 +178,26 @@
         "PayloadFormatVersion": "1.0"
       }
     },
+    "HttpProxyApiDefaultRoute8AF66B5C": {
+      "Type": "AWS::ApiGatewayV2::Route",
+      "Properties": {
+        "ApiId": {
+          "Ref": "HttpProxyApiD0217C67"
+        },
+        "RouteKey": "$default",
+        "Target": {
+          "Fn::Join": [
+            "",
+            [
+              "integrations/",
+              {
+                "Ref": "HttpProxyApiDefaultRouteHttpIntegration8eeecf9ecdb91f31bebf6bd54fb711a41921AB82"
+              }
+            ]
+          ]
+        }
+      }
+    },
     "HttpProxyApiDefaultStageA88F9DE3": {
       "Type": "AWS::ApiGatewayV2::Stage",
       "Properties": {

packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/integ.lambda-proxy.expected.json

@@ -94,14 +94,29 @@
         }
       }
     },
+    "LambdaProxyApiDefaultRouteHttpIntegration70df0ec52c3e3b6bbc96e64ce3a05f24EE575CBA": {
+      "Type": "AWS::ApiGatewayV2::Integration",
+      "Properties": {
+        "ApiId": {
+          "Ref": "LambdaProxyApi67594471"
+        },
+        "IntegrationType": "AWS_PROXY",
+        "IntegrationUri": {
+          "Fn::GetAtt": [
+            "AlwaysSuccess099EAB05",
+            "Arn"
+          ]
+        },
+        "PayloadFormatVersion": "2.0"
+      }
+    },
     "LambdaProxyApiDefaultRoute1EB30A46": {
       "Type": "AWS::ApiGatewayV2::Route",
       "Properties": {
         "ApiId": {
           "Ref": "LambdaProxyApi67594471"
         },
         "RouteKey": "$default",
-        "AuthorizationScopes": [],
         "Target": {
           "Fn::Join": [
             "",
@@ -115,22 +130,6 @@
         }
       }
     },
-    "LambdaProxyApiDefaultRouteHttpIntegration70df0ec52c3e3b6bbc96e64ce3a05f24EE575CBA": {
-      "Type": "AWS::ApiGatewayV2::Integration",
-      "Properties": {
-        "ApiId": {
-          "Ref": "LambdaProxyApi67594471"
-        },
-        "IntegrationType": "AWS_PROXY",
-        "IntegrationUri": {
-          "Fn::GetAtt": [
-            "AlwaysSuccess099EAB05",
-            "Arn"
-          ]
-        },
-        "PayloadFormatVersion": "2.0"
-      }
-    },
     "LambdaProxyApiDefaultStage07C38681": {
       "Type": "AWS::ApiGatewayV2::Stage",
       "Properties": {

packages/@aws-cdk/aws-apigatewayv2-integrations/test/http/integ.nlb.expected.json

@@ -573,14 +573,31 @@
         "ProtocolType": "HTTP"
       }
     },
+    "HttpProxyPrivateApiDefaultRouteHttpIntegration1a580b19954e4317026ffbce1f7d5ade7A32685B": {
+      "Type": "AWS::ApiGatewayV2::Integration",
+      "Properties": {
+        "ApiId": {
+          "Ref": "HttpProxyPrivateApiA55E154D"
+        },
+        "IntegrationType": "HTTP_PROXY",
+        "ConnectionId": {
+          "Ref": "HttpProxyPrivateApiVpcLink190366CAE"
+        },
+        "ConnectionType": "VPC_LINK",
+        "IntegrationMethod": "ANY",
+        "IntegrationUri": {
+          "Ref": "lblistener657ADDEC"
+        },
+        "PayloadFormatVersion": "1.0"
+      }
+    },
     "HttpProxyPrivateApiDefaultRoute1BDCA252": {
       "Type": "AWS::ApiGatewayV2::Route",
       "Properties": {
         "ApiId": {
           "Ref": "HttpProxyPrivateApiA55E154D"
         },
         "RouteKey": "$default",
-        "AuthorizationScopes": [],
         "Target": {
           "Fn::Join": [
             "",
@@ -612,24 +629,6 @@
         "SecurityGroupIds": []
       }
     },
-    "HttpProxyPrivateApiDefaultRouteHttpIntegration1a580b19954e4317026ffbce1f7d5ade7A32685B": {
-      "Type": "AWS::ApiGatewayV2::Integration",
-      "Properties": {
-        "ApiId": {
-          "Ref": "HttpProxyPrivateApiA55E154D"
-        },
-        "IntegrationType": "HTTP_PROXY",
-        "ConnectionId": {
-          "Ref": "HttpProxyPrivateApiVpcLink190366CAE"
-        },
-        "ConnectionType": "VPC_LINK",
-        "IntegrationMethod": "ANY",
-        "IntegrationUri": {
-          "Ref": "lblistener657ADDEC"
-        },
-        "PayloadFormatVersion": "1.0"
-      }
-    },
     "HttpProxyPrivateApiDefaultStage18B3706E": {
       "Type": "AWS::ApiGatewayV2::Stage",
       "Properties": {