How can you create an IAM policy with execute-api:Invoke action for the API endpoint created by Serverless

Nosajool · November 27, 2017, 7:16pm

Suppose I want to create a policy that gives the execute-api:Invoke action permission to a role. What do I put as the {?} in order to reference the API created by serverless deploy :

          - PolicyName: invoke-api-gateway
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
                - Effect: Allow
                  Action:
                    - execute-api:Invoke
                  Resource:
                    - Ref: {?}

Nosajool · November 27, 2017, 9:45pm

This seems to work:

Resource: { "Fn::Join" : ["", ["arn:aws:execute-api:",{"Ref":"AWS::Region"},":",{"Ref":"AWS::AccountId"},":",{"Ref":"ApiGatewayRestApi"},"/*"]]}

Topic		Replies	Views
API Gateway Policy in deployment/service account Serverless Framework aws	0	590	May 16, 2018
Pass Lambda Invoke Role through the serverless.yml file Serverless Framework aws , lambda , api-gateway	0	600	March 25, 2021
Enable APIGateway log from Serverless framework lead to create new Custome IAM Role and CustomeLambda for this Serverless Framework	0	406	February 25, 2022
How to create AWS API Gateway Resource Policy section by using serverless framework Serverless Framework	2	1714	October 25, 2018
API Gateway Resource Policy Serverless Framework	3	6653	June 14, 2018

How can you create an IAM policy with execute-api:Invoke action for the API endpoint created by Serverless

Related Topics