Hello,
I am new to serverless and would like to have an idea what ResourcePolicy is supposed to do. I have in one of my project the below lines what is it supposed to do? What does the execute api permission do? My understanding says that every lambda is behind the api, so what is the below permission executing? Is execute-api permission about calling the resources on the api gateway?
resourcePolicy:
- Effect: Allow
Principal:
AWS:
- “MY_OWN_ID”
Action:
- execute-api:Invoke
Resource:
- arn:aws:execute-api:#{AWS::Region}:#{AWS::AccountId}:{self:custom.app_id}/{self:provider.stage}//
I also have the below permission under
IamRoleStatements:
- Effect: Allow
Action:
- lambda:InvokeFunction
Resource:
- arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:custom.serverless-aws-resource-names.variables.functionPrefix}_*