aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.
https://docs.amplify.aws/lib/q/platform/js
Apache License 2.0

AccessDeniedException using REST API alongside AppSync #8880

Closed johnEthicalTechnology closed 2 years ago

johnEthicalTechnology commented 3 years ago

JavaScript Framework

React

Amplify APIs

Authentication, REST API, GraphQL API, Storage

Amplify Categories

auth, storage, function, api

Environment information

```
# Put output below this line

  System:
    OS: macOS 11.4
    CPU: (8) x64 Intel(R) Core(TM) i7-4770HQ CPU @ 2.20GHz
    Memory: 134.23 MB / 16.00 GB
    Shell: 5.8 - /bin/zsh
  Binaries:
    Node: 16.6.2 - /usr/local/bin/node
    Yarn: 1.22.11 - /usr/local/bin/yarn
    npm: 7.20.3 - /usr/local/bin/npm
  Browsers:
    Chrome: 93.0.4577.63
    Firefox Developer Edition: 93.0
    Safari: 14.1.1
  npmPackages:
    @aws-amplify/ui-react: ^1.2.15 => 1.2.15
    @testing-library/jest-dom: ^5.14.1 => 5.14.1
    @testing-library/react: ^12.0.0 => 12.0.0
    @testing-library/user-event: ^13.2.1 => 13.2.1
    @types/jest: ^27.0.1 => 27.0.1
    @types/node: ^16.9.0 => 16.9.0
    @types/react: ^17.0.20 => 17.0.20
    @types/react-dom: ^17.0.9 => 17.0.9
    @types/react-router-bootstrap: ^0.24.5 => 0.24.5
    @types/react-router-dom: ^5.1.8 => 5.1.8
    aeccGlobalZohoCrmDbResolver: file:amplify/backend/function/aeccGlobalZohoCrmDbResolver/src => 2.0.0
    aws-amplify: ^4.2.9 => 4.2.9
    collectBetterRevalidateUpdatedCourse: file:amplify/backend/function/collectBetterRevalidateUpdatedCourse/src => 2.0.0
    collectBetterS3Trigger: file:amplify/backend/function/collectBetterS3Trigger/src => 2.0.0
    eslint-config-react-app: ^6.0.0 => 6.0.0
    react: ^17.0.2 => 17.0.2
    react-bootstrap: ^1.6.3 => 1.6.3
    react-dom: ^17.0.2 => 17.0.2
    react-icons: ^4.2.0 => 4.2.0
    react-router-bootstrap: ^0.25.0 => 0.25.0
    react-router-dom: ^5.3.0 => 5.3.0
    react-scripts: 4.0.3 => 4.0.3
    typescript: ^4.4.2 => 4.4.2
    use-reducer-async: ^2.0.1 => 2.0.1
    web-vitals: ^1.0.1 => 1.1.2
  npmGlobalPackages:
    @aws-amplify/cli: 5.5.0
    npm: 7.20.3
    serverless: 2.29.0
    vercel: 22.0.1
    zoho-extension-toolkit: 0.23.11
```

Describe the bug

I run a POST request on a REST API that has been given authorization to update and I get an AccessDeniedException response.

Expected behavior

I expect to receive the 'Hello from Lambda!' response.

Reproduction steps

Below are the Amplify CLI commands I followed.

```
amplify add api
? Please select from one of the below mentioned services: REST
? Would you like to add a new path to an existing REST API: No
? Provide a friendly name for your resource to be used as a label for this category in the project: test
? Provide a path (e.g., /book/{isbn}): /test
? Choose a Lambda source Create a new Lambda function
? Provide an AWS Lambda function name: test
? Choose the runtime that you want to use: NodeJS
? Choose the function template that you want to use: Hello World

Available advanced settings:
- Resource access permissions
- Scheduled recurring invocation
- Lambda layers configuration
- Environment variables configuration
- Secret values configuration

? Do you want to configure advanced settings? No
? Do you want to edit the local lambda function now? Yes
? Choose your default editor: Visual Studio Code
Edit the file in your editor: /Users/dea_nous/Repos/professionalProjects/aeccGlobal/collect-better/amplify/backend/function/test/src/index.js
? Press enter to continue
Successfully added resource test locally.

Next steps:
Check out sample function code generated in <project-dir>/amplify/backend/function/test/src
"amplify function build" builds all of your functions currently in the project
"amplify mock function <functionName>" runs your function locally
"amplify push" builds all of your local backend resources and provisions them in the cloud
"amplify publish" builds all of your local backend and front-end resources (if you added hosting category) and provisions them in the cloud
Succesfully added the Lambda function locally
? Restrict API access Yes
? Who should have access? Authenticated users only
? What kind of access do you want for Authenticated users? update
? Do you want to add another path? No
Successfully added resource test locally
```

Code Snippet

// Put your code below this line.

Log output

aws-exports.js

```javascript
/* eslint-disable */
// WARNING: DO NOT EDIT. This file is automatically generated by AWS Amplify. It will be overwritten.

const awsmobile = {
    "aws_project_region": "ap-southeast-2",
    "aws_cognito_identity_pool_id": "ap-southeast-2:75fa1b07-2aa9-4e21-af41-65befba72bae",
    "aws_cognito_region": "ap-southeast-2",
    "aws_user_pools_id": "ap-southeast-2_BrQIFh0LK",
    "aws_user_pools_web_client_id": "37h40sbft279pts4emjbvgch89",
    "oauth": {},
    "aws_appsync_graphqlEndpoint": "https://ud3bzaar55etllwg6u57u3p6py.appsync-api.ap-southeast-2.amazonaws.com/graphql",
    "aws_appsync_region": "ap-southeast-2",
    "aws_appsync_authenticationType": "AMAZON_COGNITO_USER_POOLS",
    "aws_cloud_logic_custom": [
        {
            "name": "collectBetterSaveToZoho",
            "endpoint": "https://22bkmrtto8.execute-api.ap-southeast-2.amazonaws.com/dev",
            "region": "ap-southeast-2"
        },
        {
            "name": "test",
            "endpoint": "https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev",
            "region": "ap-southeast-2"
        }
    ],
    "aws_user_files_s3_bucket": "collectbetterimportedcoursesfiles140017-dev",
    "aws_user_files_s3_bucket_region": "ap-southeast-2"
};

export default awsmobile;
```

Manual configuration

No response

Additional configuration

{
    "UserPool": {
        "Id": "ap-southeast-2_BrQIFh0LK",
        "Name": "collectbetteree0d9a1b_userpool_ee0d9a1b-dev",
        "Policies": {
            "PasswordPolicy": {
                "MinimumLength": 8,
                "RequireUppercase": false,
                "RequireLowercase": false,
                "RequireNumbers": false,
                "RequireSymbols": false,
                "TemporaryPasswordValidityDays": 7
            }
        },
        "LambdaConfig": {},
        "LastModifiedDate": "2021-07-12T14:15:47.890000+10:00",
        "CreationDate": "2021-07-12T14:15:47.890000+10:00",
        "SchemaAttributes": [
            {
                "Name": "sub",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": false,
                "Required": true,
                "StringAttributeConstraints": {
                    "MinLength": "1",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "given_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "family_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "middle_name",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "nickname",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "preferred_username",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "profile",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "picture",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "website",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "email",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": true,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "email_verified",
                "AttributeDataType": "Boolean",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false
            },
            {
                "Name": "gender",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "birthdate",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "10",
                    "MaxLength": "10"
                }
            },
            {
                "Name": "zoneinfo",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "locale",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "phone_number",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "phone_number_verified",
                "AttributeDataType": "Boolean",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false
            },
            {
                "Name": "address",
                "AttributeDataType": "String",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "StringAttributeConstraints": {
                    "MinLength": "0",
                    "MaxLength": "2048"
                }
            },
            {
                "Name": "updated_at",
                "AttributeDataType": "Number",
                "DeveloperOnlyAttribute": false,
                "Mutable": true,
                "Required": false,
                "NumberAttributeConstraints": {
                    "MinValue": "0"
                }
            }
        ],
        "AutoVerifiedAttributes": [
            "email"
        ],
        "SmsVerificationMessage": "Your verification code is {####}",
        "EmailVerificationMessage": "Your verification code is {####}",
        "EmailVerificationSubject": "Your verification code",
        "VerificationMessageTemplate": {
            "SmsMessage": "Your verification code is {####}",
            "EmailMessage": "Your verification code is {####}",
            "EmailSubject": "Your verification code",
            "DefaultEmailOption": "CONFIRM_WITH_CODE"
        },
        "SmsAuthenticationMessage": "Your authentication code is {####}",
        "MfaConfiguration": "OFF",
        "EstimatedNumberOfUsers": 1,
        "EmailConfiguration": {
            "EmailSendingAccount": "COGNITO_DEFAULT"
        },
        "SmsConfiguration": {
            "SnsCallerArn": "arn:aws:iam::927144551035:role/snsee0d9a1b140017-dev",
            "ExternalId": "collecee0d9a1b_role_external_id"
        },
        "UserPoolTags": {},
        "AdminCreateUserConfig": {
            "AllowAdminCreateUserOnly": false,
            "UnusedAccountValidityDays": 7
        },
        "UsernameConfiguration": {
            "CaseSensitive": false
        },
        "Arn": "arn:aws:cognito-idp:ap-southeast-2:927144551035:userpool/ap-southeast-2_BrQIFh0LK"
    }
}

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

This is the response message:

XHR POST https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev/test
CORS Missing Allow Origin

Message "User: arn:aws:sts::927144551035:assumed-role/amplify-collectbetter-dev-140017-authRole/CognitoIdentityCredentials is not authorized to perform: execute-api:Invoke on resource: arn:aws:execute-api:ap-southeast-2:********1035:24cvd91uw6/dev/POST/test"

This is the request and response:

```
XHR POST https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev/test
CORS Missing Allow Origin

POST https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev/test
Status: 403 Forbidden
Version: HTTP/2
Transferred: 724 B (262 B size)
Referrer Policy: strict-origin-when-cross-origin

content-length: 262
content-type: application/json
date: Mon, 13 Sep 2021 02:54:21 GMT
via: 1.1 c71e51961956d2c084f13451959744df.cloudfront.net (CloudFront)
x-amz-apigw-id: FlKGtGvxSwMFyig=
x-amz-cf-id: jk1oCiPeyxRLB6OqjLjONa41YEmJHkXMYDT_Jwc1voGGCnY69g-Lyw==
x-amz-cf-pop: SYD1-C2
x-amzn-errortype: AccessDeniedException
x-amzn-requestid: f5dac693-c30b-4e1a-ba7f-829f20a3bec1
x-cache: Error from cloudfront
X-Firefox-Spdy: h2

Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Authorization: AWS4-HMAC-SHA256 Credential=ASIA5PXQ7EJ5YBY23ZYP/20210913/ap-southeast-2/execute-api/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-security-token, Signature=300d4e2d82f6ecece8b7f15dbb833bf87fbb4641db2f803bff145386792c3a20
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 15
Content-Type: application/json; charset=UTF-8
DNT: 1
Host: 24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com
Origin: http://localhost:3000
Pragma: no-cache
Referer: http://localhost:3000/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:93.0) Gecko/20100101 Firefox/93.0
x-amz-date: 20210913T025421Z
X-Amz-Security-Token: …
```

This is the lambda function:

```javascript
exports.handler = async event => {
  // TODO implement
  const response = {
    statusCode: 200,
    //  Uncomment below to enable CORS requests
    headers: {
      'Access-Control-Allow-Origin': '*',
      'Access-Control-Allow-Headers': '*'
    },
    body: JSON.stringify('Hello from Lambda!')
  }
  return response
}
```

I was also getting an InvalidSignatureException error when I was using a GET request to the API that had been set up for UPDATE and FETCH, but for this particular setup I only configured it to use UPDATE permissions. I read the following issue reports about it:

But couldn't find anything that was helpful. I even tried to adjust the object being passed into Amplify.configure() like so as per the workaround in one of the issue reports above, but it didn't work:

```javascript
{
  ...awsExports,
  aws_cognito_identity_pool_id:
    'ap-southeast-2:75fa1b07-2aa9-4e21-af41-65befba72bae',
  aws_cognito_region: 'ap-southeast-2',
  aws_user_pools_id: 'ap-southeast-2_BrQIFh0LK',
  aws_user_pools_web_client_id: '37h40sbft279pts4emjbvgch89',
  API: {
    endpoints: [
      {
        name: 'test',
        endpoint:
          'https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev',
        region: 'ap-southeast-2'
      }
    ],
    aws_appsync_graphqlEndpoint:
      'https://ud3bzaar55etllwg6u57u3p6py.appsync-api.ap-southeast-2.amazonaws.com/graphql',
    aws_appsync_region: 'ap-southeast-2',
    aws_appsync_authenticationType: 'AMAZON_COGNITO_USER_POOLS'
  }
}
```

yugrinkov commented 3 years ago

I have encountered the same issue creating a REST API through an Amplify app. Any updates/workarounds?

johnEthicalTechnology commented 3 years ago

@yugrinkov I've not tried it myself yet, but a potential workaround could be a custom authorizer: https://docs.amplify.aws/lib/restapi/authz/q/platform/js/#cognito-user-pools-authorization

Actually, maybe not: https://github.com/aws-amplify/amplify-cli/issues/2679

yugrinkov commented 3 years ago

@johnEthicalTechnology, yes, thanks for the assistance. A properly configured authorizer fixed the issue in my use case.

johnEthicalTechnology commented 3 years ago

@yugrinkov I'm looking to use an authorizer as well. Was it as difficult to set up as the issue I posted suggests?

yugrinkov commented 3 years ago

Nope, I just set up an authorizer based on a Cognito user pool according to these docs: https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html

chrisbonifacio commented 2 years ago

Hi @johnEthicalTechnology 👋 thanks for raising this issue! How did you try to reach your API? It looks like you chose only the update HTTP method during the API configuration for authenticated users.

The request you made seems to be a POST request, which would correlate to the create option in the CLI prompt.

XHR POST https://24cvd91uw6.execute-api.ap-southeast-2.amazonaws.com/dev/test

I think you should do a PUT request instead, or extend the methods available to the user to be able to create/make POST requests.

Request

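```javascript
import { API } from "aws-amplify";

// Call the "test" REST API with PUT, the method the "update" permission allows.
const testAPI = async () => {
  try {
    const res = await API.put("test", "/test");
    console.log(res);
  } catch (error) {
    console.error(error);
  }
};
```

Screen Shot 2021-09-30 at 12 59 48 PM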

Response

Screen Shot 2021-09-30 at 1 00 13 PM
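
The method mismatch described in the reply above, as an added example that is not part of the thread or of Amplify's own code: it parses the AccessDeniedException message quoted in the issue and checks the requested method against a modelled auth-role policy. The `ACCESS_TO_METHODS` entries beyond create → POST and update → PUT, the shape of the policy ARNs, and all function names are assumptions.

```javascript
// Added example; not from the issue thread or the Amplify code base.
// Assumed translation of the CLI's "What kind of access" choices to HTTP
// methods. create -> POST and update -> PUT follow the maintainer's reply;
// the PATCH, GET and DELETE entries are assumptions.
const ACCESS_TO_METHODS = {
  create: ['POST'],
  read: ['GET'],
  update: ['PUT', 'PATCH'],
  delete: ['DELETE'],
};

// Error message as quoted in the issue (account digits masked by the service).
const DENIED_MESSAGE =
  'User: arn:aws:sts::927144551035:assumed-role/amplify-collectbetter-dev-140017-authRole/CognitoIdentityCredentials ' +
  'is not authorized to perform: execute-api:Invoke on resource: ' +
  'arn:aws:execute-api:ap-southeast-2:********1035:24cvd91uw6/dev/POST/test';

// Split the API Gateway denial message into principal, action and the
// components of the execute-api ARN (apiId/stage/METHOD/path).
function parseDenied(message) {
  const m = /^User: (\S+) is not authorized to perform: (\S+) on resource: (\S+)$/
    .exec(message.trim());
  if (!m) return null;
  const arn = m[3].split(':');
  if (arn.length !== 6 || arn[2] !== 'execute-api') return null;
  const [apiId, stage, method, ...segments] = arn[5].split('/');
  return {
    principal: m[1], action: m[2], region: arn[3], account: arn[4],
    apiId, stage, method, path: '/' + segments.join('/'),
  };
}

// Hypothetical model of the Resource list on the authenticated role's policy:
// one ARN for the path and one for its sub-paths, per permitted method.
function policyResources(prefix, path, access) {
  return access.flatMap((choice) =>
    (ACCESS_TO_METHODS[choice] || []).flatMap((method) => [
      `${prefix}/${method}${path}`,
      `${prefix}/${method}${path}/*`,
    ]));
}

// IAM-style wildcard match: '*' matches any run of characters, '?' one.
function arnMatches(pattern, arn) {
  const re = pattern
    .replace(/[.+^${}()|[\]\\]/g, '\\$&')
    .replace(/\*/g, '.*')
    .replace(/\?/g, '.');
  return new RegExp(`^${re}$`).test(arn);
}

// Explain a denial: was the requested method covered by the configured
// access, and if not, which CLI access choice would cover it?
function diagnose(message, config) {
  const req = parseDenied(message);
  if (!req) return null;
  const prefix =
    `arn:aws:execute-api:${req.region}:${req.account}:${req.apiId}/${req.stage}`;
  const requested = `${prefix}/${req.method}${req.path}`;
  const allowed = policyResources(prefix, config.path, config.access)
    .some((pattern) => arnMatches(pattern, requested));
  const neededAccess = Object.keys(ACCESS_TO_METHODS)
    .find((choice) => ACCESS_TO_METHODS[choice].includes(req.method)) || null;
  return { method: req.method, path: req.path, allowed, neededAccess };
}

// The configuration from the issue: path /test, "update" access only.
console.log(diagnose(DENIED_MESSAGE, { path: '/test', access: ['update'] }));
```

With the issue's configuration the result reports the POST as not allowed and names `create` as the access choice that covers it, which matches the maintainer's diagnosis.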

github-actions[bot] commented 1 year ago

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.