Closed
Description
Use case
I'm working on a project that integrates AWS Transfer Family with custom identity providers such as Auth0, Okta and others. To make this possible, you need a Lambda in the middle that receives the event from Transfer Family and then runs whatever logic you need to authenticate the client or not.
Payload
The payload looks like this. The only special thing about it is that the password cannot be sent if the user is authenticating using public keys, so it must be optional.
```json
{
  "username": "value",
  "password": "value",
  "protocol": "SFTP",
  "serverId": "s-abcd123456",
  "sourceIp": "192.168.0.100"
}
```
Response
To authenticate the customer or not, the Lambda must reply with JSON like this:
```json
{
  "Role": "arn:aws:iam::123456789012:role/example-role",
  "PosixProfile": {
    "Gid": 1000,
    "Uid": 5000
  },
  "HomeDirectoryDetails": [
    {
      "Entry": "/home/jsmith",
      "Target": "/efs/users/jsmith"
    }
  ],
  "HomeDirectoryType": "LOGICAL"
}
```
This feature request must create a factory to facilitate the response of this authentication.
Solution/User Experience
```python
from aws_lambda_powertools.utilities.data_classes import event_source, AWSTransferFamily


@event_source(data_class=AWSTransferFamily)
def lambda_handler(event: AWSTransferFamily, context):
    # Proposed interface: the data class exposes the payload fields and a response factory
    if event.username == 'blablabla' and event.password == 'valid':
        return event.build_response(role='', gid='')  # ... remaining response fields
```
Alternative solutions
Acknowledgment
- This feature request meets Powertools for AWS Lambda (Python) Tenets
- Should this be considered in other Powertools for AWS Lambda languages? i.e. Java, TypeScript, and .NET
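The payload and response handling described in this issue, as an added example that is not part of the original issue and does not use the Powertools API: a plain-Python handler that treats `password` as optional and compares credentials in constant time. The `USERS` store, the helper names and all sample values are constructed for illustration; the `PublicKeys` field and the empty-dict denial are Transfer Family behaviour not shown in the issue, and `HomeDirectoryDetails` mirrors the list form of the issue's sample.

```python
import hashlib
import hmac

_SALT = b"example-salt"  # constructed value; use a per-user random salt in practice


def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)


# Constructed user store; a real handler would query the external IdP instead.
USERS = {
    "jsmith": {
        "password_hash": _hash("correct horse"),
        "public_keys": ["ssh-ed25519 AAAA...constructed"],
        "role": "arn:aws:iam::123456789012:role/example-role",
        "uid": 5000,
        "gid": 1000,
        "target": "/efs/users/jsmith",
    }
}


def build_response(user: dict, username: str) -> dict:
    # Same shape as the response sample in the issue.
    return {
        "Role": user["role"],
        "PosixProfile": {"Gid": user["gid"], "Uid": user["uid"]},
        "HomeDirectoryDetails": [{"Entry": f"/home/{username}", "Target": user["target"]}],
        "HomeDirectoryType": "LOGICAL",
    }


def lambda_handler(event: dict, context) -> dict:
    username = event.get("username", "")
    user = USERS.get(username)
    if user is None:
        return {}  # empty response: authentication denied
    password = event.get("password")  # absent for public-key logins
    if password:
        # Password login: constant-time comparison of derived hashes.
        if not hmac.compare_digest(_hash(password), user["password_hash"]):
            return {}
        return build_response(user, username)
    # No password: never grant access here; hand the registered keys back
    # so the service performs the key check itself.
    if not user["public_keys"]:
        return {}
    return {**build_response(user, username), "PublicKeys": user["public_keys"]}
```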
Status
Shipped