I have a lambda function with an authorizer sitting within an API gateway.
I notice that when I call the lambda function, on the first request the authorizer is invoked as expected, authorization passes, IAM role is assumed and grants access to the lambda function.
However, on subsequent requests, the authorizer is not invoked.
I assume this is due to authorization caching.
However, in the AWS console, in API gateway > Authorizers the authorizer has the following configuration:
Authorizer ID: iiii2l
Lambda Function
foo-authorizerV1-dev-authorizer (eu-west-1)
Lambda Invoke Role
arn:aws:iam::0000000:role/foo-authorizerV1-dev-AuthorizerRole-AAAAAAA
Lambda Event Payload
Request
Identity Sources
deviceID (header)
Authorization Caching
Authorization not cached
I would have thought Authorization Caching being set to Authorization not cached would mean that the authorizer would be invoked on every request.
Am I missing something here?
If caching is not enabled then API Gateway will call the authorizer on each request.
If you've made a change to the API Gateway in the console but haven't yet deployed the API it might seem like you have one thing configuration but behavior for another. I would check that the current configuration is deployed and retest.