Matias Haeussler

Asked: 2021-10-05 12:00:22 +0800 CST2021-10-05 12:00:22 +0800 CST 2021-10-05 12:00:22 +0800 CST

Accessing HTTP API using IAM policy

I am using an HTTP API Gateway with {proxy+} route, $default stage and ANY method with IAM Authorization. Before activating IAM Authorization the API responds to every request and to none after activation as expected

However, after adding an IAM policy to an EC2 instance that allows the instance to call the API, it still returns { message: 'Forbidden' }

The policy I am using (as specified by the docs) is

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:*:*:*/*/*/*"
        }
    ]
}

which is a very broad one for testing purposes

The linked docs point to the documentation to REST APIs Access Control, but the HTTP API IAM Access Control documentation points to the same page

Accessing HTTP API using IAM policy

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Accessing HTTP API using IAM policy

0 Answers