Aishwar
Reputation: 9714
Get the ARN for the API gateway resource that the serverless framework creates within my serverless.yml file
How can I get the ARN for the API gateway resource that the serverless framework creates within my serverless.yml file?
I want to get the ARN for the API Gateway resource so that I can use it within an IAM policy to perform IAM based authorization on the gateway.
Upvotes: 10
Views: 3989
Answers (1)
Aishwar
Reputation: 9714
The whole ARN for an API is of the form: arn:aws:execute-api:region:account-id:api-id/stage/METHOD_HTTP_VERB/Resource-path). Using { "Ref" : "ApiGatewayRestApi" } (link) within your serverless.yml gives you the apiId.
You can do something like the below (see the Resource section) to convert this to a whole Arn to reference an API:
PolicyName: InvokeAPI
PolicyDocument:
Version: "2012-10-17"
Statement:
Effect: "Allow"
Action: "execute-api:Invoke"
Resource:
- Fn::Join:
- "/"
-
- Fn::Join: [":", ["arn:aws:execute-api", {"Ref": "AWS::Region"}, {"Ref":"AWS::AccountId"}, {"Ref": "ApiGatewayRestApi"}]]
- "*"
Upvotes: 9
Related Questions
- Need to configure serverless resource output to get api gateway api id
- How can I ref API gateway endpoint in serverless?
- How to set API Gateway Description in serverless.yml?
- How to get URL endpoint detail as variable in Serverless Framework's `serverless.yml` file?
- How to get reference to aws api gateway in serverless framework
- How can I find the arn of an api gateway stage?
- How to get API gateway url in Environment variable in Serverless
- Change API Gateway Name when using Serverless Framework
- Serverless Framework - Get API Gateway URL for use in tests
- How to configure my Serverless YML to use my API Gateway Authorizer?