0
votes

I'm trying to do a direct integration with API Gateway to DynamoDB. If both are in the same account, this works just fine; I've had no problems with the integration.

If they're in separate accounts, I can't figure out how to signal to API Gateway that the dynamo table is in a different account.

This setup works:

  • Account 111111111: API Gateway
  • Account 111111111: Dynamo DB

This setup does not:

  • Account 111111111: API Gateway
  • Account 222222222: Dynamo DB

In the docs they specify what a uri integration should look like:

arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}

But I don't see where/if I can specify the account id of the existing table.

An ARN of a Dynamo table usually looks something like this: arn:aws:dynamodb:region:account-id:table/table-name, so if I could supply an ARN, this should be plausible, but that doesn't seem to work.

arn:aws:apigateway:us-east-1:dynamodb:action/Query

My questions are:

  • Is it possible to do cross account integrations with API Gateway and Dynamo?
  • How can I specify the account id in an API integration?
  • If I can't, is there a way to specify the account id in the query body somehow?

1 Answer

1
votes

I've learned that cross account integration with API Gateway is not possible as API Gateway cannot assume a cross account role. The solution was to create a lambda, which can assume the cross account role.
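
The Lambda approach described in the answer above, as an added example that is not part of the original post: a proxy handler that calls STS AssumeRole for a role in the table's account and runs the Query with the temporary credentials. The role name, table name, key attribute `pk`, the `id` path parameter and the `client_factory` test hook are assumptions.

```python
import json
import os

# Assumed configuration; the role name and table name are hypothetical placeholders.
ROLE_ARN = os.environ.get("TABLE_ROLE_ARN", "arn:aws:iam::222222222:role/ExampleTableQueryRole")
TABLE = os.environ.get("TABLE_NAME", "ExampleTable")
REGION = os.environ.get("TABLE_REGION", "us-east-1")


def assume_table_role(sts, role_arn, session_name):
    """Exchange the Lambda's own identity for short-lived credentials in the table's account."""
    creds = sts.assume_role(
        RoleArn=role_arn,
        RoleSessionName=session_name,  # recorded in CloudTrail in the table's account
        DurationSeconds=900,           # shortest lifetime STS allows
    )["Credentials"]
    return {
        "aws_access_key_id": creds["AccessKeyId"],
        "aws_secret_access_key": creds["SecretAccessKey"],
        "aws_session_token": creds["SessionToken"],
    }


def query_by_pk(dynamodb, table, pk):
    """Query one partition; the key attribute name 'pk' is an assumption."""
    resp = dynamodb.query(
        TableName=table,
        KeyConditionExpression="pk = :pk",
        ExpressionAttributeValues={":pk": {"S": pk}},  # bound value, never string-built
    )
    return resp.get("Items", [])


def handler(event, context, client_factory=None):
    """API Gateway proxy handler. client_factory is injectable for offline testing."""
    if client_factory is None:
        import boto3  # available in the Lambda Python runtime
        client_factory = boto3.client
    pk = (event.get("pathParameters") or {}).get("id")
    if not isinstance(pk, str) or not pk:
        return {"statusCode": 400, "body": json.dumps({"error": "missing id"})}
    creds = assume_table_role(client_factory("sts"), ROLE_ARN, "apigw-cross-account-query")
    dynamodb = client_factory("dynamodb", region_name=REGION, **creds)
    return {"statusCode": 200, "body": json.dumps(query_by_pk(dynamodb, TABLE, pk))}
```

For this to work, the role in account 222222222 needs a trust policy naming the Lambda's execution role in account 111111111, and its permissions can be limited to `dynamodb:Query` on the one table.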