From af8251017bd0cd09df5ae25a0eb2cfde29860ff8 Mon Sep 17 00:00:00 2001 From: Roger Zhang Date: Fri, 10 Apr 2026 15:33:13 -0700 Subject: [PATCH] fix: improve misleading authorizer log message for non-Lambda authorizers When an HttpApi uses AWS_IAM as DefaultAuthorizer, the log incorrectly shows 'authorizer None is unsupported or not found'. This fixes the log to use the actual authorizer name and differentiates known non-Lambda authorizers from truly missing ones. Fixes #7750 --- samcli/lib/providers/api_collector.py | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/samcli/lib/providers/api_collector.py b/samcli/lib/providers/api_collector.py index 8c01c6fb084..3c71bbcf075 100644 --- a/samcli/lib/providers/api_collector.py +++ b/samcli/lib/providers/api_collector.py @@ -17,6 +17,9 @@ class ApiCollector: + # Authorizer types that are valid but not Lambda-based, so cannot be emulated locally + _NON_LAMBDA_AUTHORIZERS = {"AWS_IAM", "NONE"} + def __init__(self) -> None: # Route properties stored per resource. self._route_per_resource: Dict[str, List[Route]] = defaultdict(list) @@ -108,11 +111,19 @@ def _link_authorizers(self) -> None: continue if not authorizer_object and authorizer_name_lookup: - LOG.info( - "Linking authorizer skipped for route '%s', authorizer '%s' is unsupported or not found", - route.path, - route.authorizer_name, - ) + if authorizer_name_lookup in self._NON_LAMBDA_AUTHORIZERS: + LOG.info( + "Authorizer '%s' for route '%s' is not supported for local emulation," + " requests will not be authorized", + authorizer_name_lookup, + route.path, + ) + else: + LOG.warning( + "Authorizer '%s' for route '%s' was not found, skipping", + authorizer_name_lookup, + route.path, + ) route.authorizer_name = None