Authenticate Lambda Requests with ALB and Google OAuth: Part 2

Authenticate Lambda requests with an Application Load Balancer with Infrastructure as Code.

General Architecture

This article is the second part of a series that explains how to build an AWS application that authenticates requests to its Lambda services by using an Application Load Balancer (ALB). The goal of this application is to authenticate Lambda requests with an HTTPS ALB instead of API Gateway using an Infrastructure as Code (IaC) approach. You can follow along with the code in this tutorial by cloning this repository.

In a previous article, we registered a domain name through Route53, created a valid TLS/SSL certificate for that domain, and built an OpenID Connect-compliant authorization client (Google’s OAuth). In this article, we will use those components along with the serverless framework to build the rest of our application.

If you didn’t follow along with the last article but have those three things, this tutorial is for you. It’s worth noting that any OpenID Connect (OIDC) compliant identity provider will work for this example — you’ll just need the Client ID and Client Secret.

In this tutorial, we will create an HTTPS Application Load Balancer that will authenticate requests made to Lambda services (much…