Tags: amazon-web-services, ssl, aws-lambda, aws-api-gateway, client-certificates

Access client certificate in AWS lambda


In AWS I need to access a Lambda function only if you send a signed client certificate, but also access the certificate information (Common Name mostly) in the Lambda function.

I have followed the below blog post from AWS that allows you to secure your API Gateway with mTLS. The certificates are self-signed by a CA that was created by me and everything works fine: I can access my Lambda function only if I send the correct certificates signed by the CA.

Now, the client certificate has the CN information in it and I want this information to be passed into my Lambda function. Unfortunately I wasn't able to find how I can do this, neither with Lambda authorizers nor with any other way so far.

Does anyone know a way to do this or has an example of doing it?


Solution

  • One option would be to write your own Lambda Authorizer. Assuming the data you need is in the lambda authorizer payload described in the blog post you linked, you can pass values down into your lambda via the "context" object, see (https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html). The values will be in the Lambda event here: event.requestContext.authorizer.
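As an added example (not the answer's own code), here is a Python REQUEST-type Lambda authorizer that reads the client certificate's subject DN from the authorizer event, forwards the CN through the "context" object, and a backend handler that reads it back from event.requestContext.authorizer. The requestContext.identity.clientCert layout and the sample event are assumptions constructed for this example; check them against the authorizer payload shown in the blog post linked in the question.

```python
import re

# Constructed sample of the event API Gateway sends a REQUEST-type Lambda
# authorizer when mutual TLS is enabled. Only the fields used below are shown;
# the clientCert layout is an assumption to verify against your own payload.
SAMPLE_AUTHORIZER_EVENT = {
    "type": "REQUEST",
    "methodArn": "arn:aws:execute-api:eu-west-1:123456789012:abcdef123/prod/GET/hello",
    "requestContext": {
        "identity": {
            "clientCert": {
                "subjectDN": "CN=device-42,OU=Devices,O=Example Corp,C=US",
                "issuerDN": "CN=Example Internal CA,O=Example Corp,C=US",
                "serialNumber": "1A:2B:3C",
            }
        }
    },
}

def common_name(subject_dn):
    """Return the CN attribute of an RFC 4514-style DN string, or None.
    Escaped commas inside attribute values are not handled here."""
    match = re.search(r"(?:^|,)\s*CN=([^,]+)", subject_dn or "")
    return match.group(1).strip() if match else None

def _policy(effect, resource):
    return {"Version": "2012-10-17",
            "Statement": [{"Action": "execute-api:Invoke",
                           "Effect": effect, "Resource": resource}]}

def authorizer_handler(event, context=None):
    """Lambda authorizer: API Gateway has already validated the cert chain
    against the trust store, so here we only extract and forward the CN."""
    cert = event.get("requestContext", {}).get("identity", {}).get("clientCert") or {}
    cn = common_name(cert.get("subjectDN"))
    if not cn:
        return {"principalId": "unknown",
                "policyDocument": _policy("Deny", event["methodArn"])}
    return {
        "principalId": cn,
        "policyDocument": _policy("Allow", event["methodArn"]),
        # context values must be strings, numbers or booleans; they surface in
        # the backend as event["requestContext"]["authorizer"][<key>]
        "context": {"clientCn": cn, "issuerDn": cert.get("issuerDN", "")},
    }

def backend_handler(event, context=None):
    """Backend Lambda (proxy integration): read what the authorizer forwarded."""
    auth = event["requestContext"]["authorizer"]
    return {"statusCode": 200, "body": "hello " + auth["clientCn"]}
```

The backend must not trust a CN it parses from headers on its own; only the value the authorizer placed in the context comes from the certificate API Gateway verified.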