Reputation: 1192
API Gateway does not have permission to assume the provided role DynamoDB
I'm trying to follow this tutorial, but when I try to test the API I've created, I get the following message:
API Gateway does not have permission to assume the provided role
The API request should be posting to a DynamoDB table I've created.
I've created an IAM Role and attached the policy AmazonDynamoDBFullAccess. I've also tried attaching this policy to my administrator user.
Here is the integration request in my API:
Any help is much appreciated.
Upvotes: 3
Views: 2402
Answers (2)
Reputation: 1718
Below worked for me
Go to IAM > Roles > whateverRole > Trust Relationships > Edit Trust Relationship and add apigateway under Statements
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
},
{
"Effect": "Allow",
"Principal": {
"Service": "apigateway.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
Assisted by this guy https://histerr.blogspot.com/2016/06/api-gateway-does-not-have-permission-to.html?showComment=1549214559316#c3046645274286738526
Upvotes: 5
Reputation: 3067
The ARN you have provided for the IAM Role is a policy. It needs to be a role. Please go to your generated role and update your ARN to that. It should look something like this *:role/AmazonDynamoDBFullAccess-201709151726
Upvotes: 2
Related Questions
- API gateway and DynamoDB integration - SerializationException
- AWS Api Gateway: Missing Authentication Token Error
- API Gateway IAM role to access DynamoDB
- Set policy and role in AWS to connect API Gateway and DynamoDB
- AWS DynamoDB UnknownOperationException
- API Gateway does not have permission to assume the provided role
- Api gateway integration with dynamodb giving 404
- Issue binding API Gateway to DynamoDB
- AWS Api Gateway Post to DynamoDB
- AWS API Gateway + DynamoDB Role ARN Error