Home > Enterprise >  how to get arn of AWS::ApiGateway::Method
how to get arn of AWS::ApiGateway::Method

Time:12-10

here i want to get arn of AWS::ApiGateway::Method in AWS::Lambda::Permission "SourceArn" property

here how i am how to get arn

when i am using Fn::GetAtt in SourceArn to get lambdaAPOSTMethod or lambdaBPOSTMethod arn its showing error saying Fn::GetAtt is not for AWS::ApiGateway::Method part

i saw we can do something like SourceArn: !Join [ ":", ["arn:aws:execute-api", !Ref AWS::Region, !Ref AWS::AccountId, !Ref ApiGatewayRestApi, "/*/POST/" ] ]

but i want something simple solution something like ref apigatewmethod

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": { "Environment": { "Type": "String" } },
  "Resources":
    {
      "APIGatewayRestAPI":
        {
          "Type": "AWS::ApiGateway::RestApi",
          "Properties": { "Name": { "Fn::Sub": "avllano-${Environment}" } },
        },
      "lambdaBResource":
        {
          "Type": "AWS::ApiGateway::Resource",
          "Properties":
            {
              "RestApiId": { "Ref": "APIGatewayRestAPI" },
              "ParentId":
                { "Fn::GetAtt": ["APIGatewayRestAPI", "RootResourceId"] },
              "PathPart": { "Fn::Sub": "lambdaB-${Environment}" },
            },
          "DependsOn": ["APIGatewayRestAPI"],
        },
      "lambdaBPOSTMethod":
        {
          "Type": "AWS::ApiGateway::Method",
          "Properties":
            {
              "RestApiId": { "Ref": "APIGatewayRestAPI" },
              "ResourceId": { "Ref": "lambdaBResource" },
              "HttpMethod": "POST",
              "AuthorizationType": "AWS_IAM",
              "MethodResponses": [{ "StatusCode": 200 }],
              "Integration":
                {
                  "Type": "AWS_PROXY",
                  "IntegrationResponses": [{ "StatusCode": 200 }],
                  "IntegrationHttpMethod": "POST",
                  "Uri":
                    {
                      "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:lambdaB-${Environment}/invocations",
                    },
                },
            },
          "DependsOn": ["lambdaBResource"],
        },
      "APIGatewayDeployment":
        {
          "Type": "AWS::ApiGateway::Deployment",
          "Properties":
            {
              "RestApiId": { "Ref": "APIGatewayRestAPI" },
              "StageName": { "Ref": "Environment" },
            },
          "DependsOn": ["lambdaAPOSTMethod", "lambdaBPOSTMethod"],
        },

      "lambdaAPermission":
        {
          "Type": "AWS::Lambda::Permission",
          "Properties":
            {
              "Action": "lambda:InvokeFunction",
              "FunctionName":
                {
                  "Fn::Sub": "arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:lambdaA-${Environment}",
                },
              "Principal": "apigateway.amazonaws.com",
              "SourceArn" : ?
            },
          "DependsOn": ["APIGatewayDeployment"],
        },
      "lambdaBPermission":
        {
          "Type": "AWS::Lambda::Permission",
          "Properties":
            {
              "Action": "lambda:InvokeFunction",
              "FunctionName":
                {
                  "Fn::Sub": "arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:lambdaB-${Environment}",
                },
              "Principal": "apigateway.amazonaws.com",
              "SourceArn" : ?
            },
          "DependsOn": ["APIGatewayDeployment"],
        },

    },

}

CodePudding user response:

Refs and GetAtts are not consistently implemented for CloudFormation resource types. You can find them towards the bottom of each doc page, before the examples. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html

In this case you will have to use Join or Sub to construct the Arn.

CodePudding user response:

You can use the following syntax in the SourceArn property:

"SourceArn": { "Fn::Sub": "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${APIGatewayRestApi}/*/POST/" }

  • Related