probot / adapter-aws-lambda-serverless

An extension for running Probot on Lambda
ISC License

AWS Gateway : OpenAPI v3 YAML sample for deployment #64

Open axel3rd opened 3 years ago

axel3rd commented 3 years ago

As part of #61, I tried to add an OpenAPI v3 AWS Gateway REST API deployment (aka: manual AWS Lambda + API deployment).

The simplest file looks like:

```yaml
openapi: "3.0.1"
info:
  title: "my-probot"
  description: "API endpoint for my Probot hosted on Lambda"
  version: "1.0"
paths:
  /api/github/webhooks:
    post:
      x-amazon-apigateway-integration:
        type: "aws_proxy"
        httpMethod: "POST"
        # URI of the Lambda (should end with /invocations)
        # Replace: xxx-region-xxx (x2), xxx-account-xxx, xxx-lambda-name-xxx
        # The ARN (the suffix of the URI) can be retrieved from the top right of your Lambda AWS console
        uri: "arn:aws:apigateway:xxx-region-xxx:lambda:path/2015-03-31/functions/arn:aws:lambda:xxx-region-xxx:xxx-account-xxx:function:xxx-lambda-name-xxx/invocations"
```

Unfortunately, in this case, the resource policy of the Lambda is not updated to authorize API invocation (Lambda > Permission tab: Resource-based policy).

It should look like:

```json
{
  "Version": "2012-10-17",
  "Id": "default",
  "Statement": [
    {
      "Sid": "probot-name-api-permission",
      "Effect": "Allow",
      "Principal": {
        "Service": "apigateway.amazonaws.com"
      },
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:xxx-region-xxx:xxx-account-xxx:function:xxx-lambda-name-xxx",
      "Condition": {
        "ArnLike": {
          "AWS:SourceArn": "arn:aws:execute-api:xxx-region-xxx:xxx-account-xxx:xxx-api-id-xxx/*/*/api/github/webhooks"
        }
      }
    }
  ]
}
```

I found no way to add it manually; it requires the AWS CLI or SDK => perhaps using the Serverless Framework is more sustainable.
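
The AWS CLI step this issue refers to, as an added example that is not part of the original post or the project's code: a POSIX shell script that builds the `AWS:SourceArn` value and passes it to `aws lambda add-permission`. It pins the method to POST (narrower than the `*` in the policy above); the region, account id, API id and function name are constructed placeholders, and the command is only printed unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: scope a Lambda resource-based policy to one API Gateway route.

# Build the execute-api ARN used as AWS:SourceArn.
# Args: region account_id api_id http_method resource_path
build_source_arn() (
  region=$1 account=$2 api_id=$3 method=$4 path=$5
  fail() { echo "build_source_arn: $1" >&2; exit 1; }
  # Reject malformed values and wildcards so the grant cannot silently widen.
  case $region in ''|*[!a-z0-9-]*) fail "bad region" ;; esac
  case $account in ''|*[!0-9]*) fail "bad account id" ;; esac
  [ "${#account}" -eq 12 ] || fail "account id must be 12 digits"
  case $api_id in ''|*[!a-z0-9]*) fail "bad API id" ;; esac
  case $method in ''|*[!A-Z]*) fail "bad HTTP method" ;; esac
  case $path in /*) ;; *) fail "path must start with /" ;; esac
  case $path in *[*?]*) fail "wildcard in path" ;; esac
  # Format: arn:aws:execute-api:region:account:api-id/stage/METHOD/path
  # The stage stays "*" as in the policy above; the method is pinned.
  printf 'arn:aws:execute-api:%s:%s:%s/*/%s%s\n' \
    "$region" "$account" "$api_id" "$method" "$path"
)

# Add the policy statement; prints the command unless APPLY=1 is set.
# Args: function_name statement_id source_arn
grant_invoke() (
  fn=$1 sid=$2 arn=$3
  set -- aws lambda add-permission \
    --function-name "$fn" \
    --statement-id "$sid" \
    --action lambda:InvokeFunction \
    --principal apigateway.amazonaws.com \
    --source-arn "$arn"
  if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s ' "$@"; echo; fi
)

# Constructed placeholder values; replace them before running with APPLY=1.
arn=$(build_source_arn eu-west-1 123456789012 a1b2c3d4e5 POST /api/github/webhooks) &&
  grant_invoke my-probot probot-name-api-permission "$arn"
```

Afterwards, `aws lambda get-policy --function-name <name>` shows the resulting statement, which can be compared with the JSON above.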