Call Authorized Api Gateway endpoint from AWS Lambda function

Question

I'm trying to define a Lambda function that call authenticated endpoint of API Gateway (authorizationType: AWS_IAM ). I've already create the policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "execute-api:Invoke",
                "execute-api:InvalidateCache"
            ],
            "Resource": "arn:aws:execute-api:*:<account_id>:*/*/*/*"
        }
    ]
}

And attach the policy to lambda. But the response from endpoint called is already 403 (forbidden). I think i have to add some authorization headers to request. This is the example lambda code (ruby):

require 'httparty'
require 'json'
API_GATEWAY_URL = ENV["API_GATEWAY_URL"]
def lambda_handler(event:, context:)
  env = event&.dig("env")
  endpoint = event&.dig("enpoint")
  complete_url = "https://#{env}.#{API_GATEWAY_URL}/#{endpoint}"
  response = HTTParty.get(complete_url)
  p response.code
  p response.body
end

Does anyone know how i can proceed ? thanks

Edcel Cabrera Vista Edcel Cabrera Vista · Accepted Answer · 2020-05-06T09:08:37

Did you check if the API gateway is configured with auth key?

if yes, your application should pass it through the header with the key x-api-key

API Endpoint with Auth API-Key looks like this:

Call Authorized Api Gateway endpoint from AWS Lambda function

1 Answers