Is it possible to communicate directly between 2 APIGateways in the same account?

0

I created a first APIGateway A (sub1.custom-domain.com) with a couple of APIs, and I have another APIGateway B (sub2.custom-domain.com) within the same account. I have an API /items in APIGateway A that needs to call another API /providers that is located in APIGateway B. I tried to add a role to the Lambda function items_lambda to invoke APIGateway B, but it returns a 403 Forbidden error.

That's the policy I added in order to invoke the apis from ApiGateway B but it does not fix the issue.

{
  Version = "2012-10-17"
  Statement = [{
    Action   = "execute-api:Invoke",
    Effect   = "Allow",
    Resource = "arn:aws:execute-api:${region}:*:*/*"
  }]
}

Is the policy wrong, or should I make the called resource more specific to access the exact path?

1 Answer
0

It seems you are not invoking API B directly from API A, but rather, API A calls a Lambda that calls API B.

It also seems that you are using IAM auth for API B. If this is the case, your Lambda function must sign the requests going to the API using SigV4 with the credentials obtained from the role.

Uri (AWS, EXPERT)
answered 2 months ago
