403 forbidden from AWS

I have completed the Notes App tutorial on https://serverless-stack.com (the only change being that I am connecting to a MongoDB).
The Notes App was created by using the infrastructure ymls in Resources.
Everything is working.

I then decided to alter the serverless.yml and add back in the supplied ‘hello’ api (including adding the handler.js to the project).
This API simply returns a ‘hello’ message.
With that done I then executed $serverless deploy —stage dev
The Notes app continues to work.

Executing the ‘hello’ API in the Amazon API Gateway gives 200, ok.
When I run an ‘npx aws-api-gateway-cli-test’ with the ‘—path-template=‘/hello’’ it gives me a ’403 forbidden’.
When I run ‘npx aws-api-gateway-cli-test’ with the ‘—path-template=‘/notes’’ it gives me 200, ok.

I don’t understand why the call to ‘hello’ is 403 forbidden?

Aside: the reason I added the supplied ‘hello’ API back in is because I have also set up a new project (in the same way as the Notes app) that is having the same issue - I can’t call any of this new project’s APIs (which I have written ) as they all give ’403 forbidden’.

Here is the ‘hello’ API as defined in the serverless.yml:

handler: handler.hello
- http:
path: hello
method: get
authorizer: aws_iam

The only other difference from the tutorial is that as I am not connecting to Dynamo I don’t have any iamRoleStatements defined in the serverless.yml.

Any help greatly appreciated as I completely new to this. Thanks.

I would suggest confirming that the endpoint the test is calling is correct as API gateway will often return 403 when the path is invalid as, technically, you aren’t allowed to access any other path but those you’ve created.

‘npx aws-api-gateway-cli-test’ is being called with --path-template=’/hello’.
‘npx aws-api-gateway-cli-test’ defaults to GET.
The --invoke-url=‘https://“ID”.execute-api.us-east-2.amazonaws.com/dev’ looks ok too.
The path is defined in serverless.yml as ‘hello’ with a method of GET.
The handler is called handler.js and contains a function called hello (as supplied by the tutorial).
Checking in API Gateway > Stages > dev the Invoke URL is given as https://“ID”.execute-api.us-east-2.amazonaws.com/dev/hello.
(In both cases “ID” is replaced with the correct matching ID without quotes)