Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Get the ARN for the API gateway resource that the serverless framework creates within my serverless.yml file

How can I get the ARN for the API gateway resource that the serverless framework creates within my serverless.yml file?

I want to get the ARN for the API Gateway resource so that I can use it within an IAM policy to perform IAM based authorization on the gateway.

like image 678
Aishwar Avatar asked Oct 20 '18 19:10

Aishwar


People also ask

Does Serverless Framework create API gateway?

Within the Serverless ecosystem, API Gateway is the piece that ties together Serverless functions and API definitions.

How do I refer to a property in serverless YAML file?

To reference properties in other YAML files use the ${file(./myFile. yml):someProperty} syntax in your serverless. yml configuration file. To reference properties in other JSON files use the ${file(./myFile.


1 Answers

The whole ARN for an API is of the form: arn:aws:execute-api:region:account-id:api-id/stage/METHOD_HTTP_VERB/Resource-path). Using { "Ref" : "ApiGatewayRestApi" } (link) within your serverless.yml gives you the apiId.

You can do something like the below (see the Resource section) to convert this to a whole Arn to reference an API:

PolicyName: InvokeAPI
PolicyDocument:
  Version: "2012-10-17"
  Statement:
    Effect: "Allow"
    Action: "execute-api:Invoke"
    Resource:
      - Fn::Join:
        - "/"
        - 
          - Fn::Join: [":", ["arn:aws:execute-api", {"Ref": "AWS::Region"}, {"Ref":"AWS::AccountId"}, {"Ref": "ApiGatewayRestApi"}]]
          - "*"
like image 138
Aishwar Avatar answered Sep 20 '22 11:09

Aishwar