Closed embaya closed 3 years ago
Lambda layers are optional and can be used inside of Lambda functions.
Update arn inside of allowed_triggers to match --source-arn "arn:aws:execute-api:eu-west-3:************:qvtfwsdifj/*/*/" and it will create the same permission as you get when running AWS CLI command.
See this for example.
Thank you for your answer, but even with your proposal it still doesn't work. Here's what I did:
allowed_triggers = {
  AllowExecutionFromAPIGateway = {
    service    = "apigateway"
    source_arn = "${module.api_gateway.this_apigatewayv2_api_execution_arn}/*/*"
  }
}
After applying, looking in the AWS console, I got this:
{
  "Version": "2012-10-17",
  "Id": "default",
  "Statement": [
    {
      "Sid": "AllowExecutionFromAPIGateway",
      "Effect": "Allow",
      "Principal": {
        "Service": "apigateway.amazonaws.com"
      },
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:eu-west-3:123456789012:function:more-pigeon-lambda",
      "Condition": {
        "ArnLike": {
          "AWS:SourceArn": "arn:aws:execute-api:eu-west-3::il2yc9qa4g/*/*"
        }
      }
    }
  ]
}
I tried to tinker a bit to format the policy, and finally it worked by adding the account id (123456789012) like this:
- source_arn = "${module.api_gateway.this_apigatewayv2_api_execution_arn}/*/*"
+ source_arn = "arn:aws:execute-api:eu-west-3:123456789012:${module.api_gateway.this_apigatewayv2_api_id}/*/*/"
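Review bot: the + line hard-codes the region (eu-west-3) and the account ID (123456789012) into source_arn, so the permission is only correct for this one account and region, and it changes the suffix from /*/* on the - line to /*/*/, which is a different pattern. Consider keeping the /*/* suffix and taking the account ID from the provider (for example the account_id attribute of the aws_caller_identity data source) rather than from a literal.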
Is it a bug or am I the one who's crashing somewhere?
Make sure that your provider block does not have skip_requesting_account_id = true as explained here - https://github.com/antonbabenko/serverless.tf-playground/blob/master/terraform/main.tf#L10-L11
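A check for the malformed permission shown in this thread, as an added example that is not part of the original issue or the module's code: it scans a Lambda resource policy for API Gateway statements whose AWS:SourceArn has an empty account field or is missing altogether. The function names and the second ("Unscoped") sample statement are constructed for illustration.

```python
import json

# Constructed sample input: statement 1 has the shape shown in the thread
# (empty account field); statement 2 is added here for contrast.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "AllowExecutionFromAPIGateway", "Effect": "Allow",
     "Principal": {"Service": "apigateway.amazonaws.com"},
     "Action": "lambda:InvokeFunction",
     "Resource": "arn:aws:lambda:eu-west-3:123456789012:function:more-pigeon-lambda",
     "Condition": {"ArnLike": {"AWS:SourceArn":
         "arn:aws:execute-api:eu-west-3::il2yc9qa4g/*/*"}}},
    {"Sid": "Unscoped", "Effect": "Allow",
     "Principal": {"Service": "apigateway.amazonaws.com"},
     "Action": "lambda:InvokeFunction",
     "Resource": "arn:aws:lambda:eu-west-3:123456789012:function:more-pigeon-lambda"},
]})

def source_arns(statement):
    """Collect every AWS:SourceArn value from a statement's Condition block."""
    found = []
    for operands in statement.get("Condition", {}).values():
        for key, value in operands.items():
            if key.lower() == "aws:sourcearn":
                found.extend([value] if isinstance(value, str) else value)
    return found

def audit_apigw_permissions(policy_json):
    """Return (sid, problem) pairs for API Gateway invoke statements."""
    findings = []
    for stmt in json.loads(policy_json).get("Statement", []):
        principal = stmt.get("Principal")
        if not (isinstance(principal, dict)
                and principal.get("Service") == "apigateway.amazonaws.com"):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        arns = source_arns(stmt)
        if not arns:
            # Permission is not scoped to any particular API.
            findings.append((sid, "no AWS:SourceArn condition"))
        for arn in arns:
            parts = arn.split(":", 5)  # arn:partition:service:region:account:resource
            if len(parts) != 6 or parts[2] != "execute-api":
                findings.append((sid, "not an execute-api ARN: " + arn))
            elif parts[4] == "":
                # The case reported in this thread.
                findings.append((sid, "empty account id in " + arn))
    return findings

if __name__ == "__main__":
    for sid, problem in audit_apigw_permissions(SAMPLE_POLICY):
        print(f"{sid}: {problem}")
```

The policy text can be taken from the function's permissions view in the console, as the reporter did, and passed to `audit_apigw_permissions` as a string.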
Hello, I used the complete-http example to create an API gateway to trigger my lambda. I copied and pasted the same code, it creates the lambda and the API gateway, but the lambda has no layer, so the lambda is not accessible. So I have to link it via the console using the following command:
At first glance, I have the impression that the order in which the resources are created is not good. Can you help me please, below my code: