I created a first APIGateway A (sub1.custom-domain.com) with a couple of apis and I have another APIGateway B (sub2.custom-domain.com) within the same account.
I have an API /items in ApiGateway A that requires to call another API /providers that is located in the ApiGateway B.
I tried to add a role to the lambda function items_lambda
to invoke the ApiGateway B but it returns an error 403 Forbidden.
That's the policy I added in order to invoke the apis from ApiGateway B but it does not fix the issue.
{
Version = "2012-10-17"
Statement = [{
Action = "execute-api:Invoke",
Effect = "Allow",
Resource = "arn:aws:execute-api:${region}:*:*/*"
}]}
Does the policy wrong or should I make the called resource more specific to access the exact path?