I have configured my api gateway to authorize via IAM and that works just fine. In my backend application (nodejs/elasticbealstalk) I would like to know which user the aws signature belongs to so I can implement conditional logic. Is that possible?
I am aware that I can parse the access token and invoke list users (then iterate until a match if found) using the AWS SDK. Is there a better way?
This is available in
$context.identity.useras mentioned in the documentation. You can just pass this in the request payload by using a mapping template or pass it as a parameter as mentioned here