Just a tip, in order for API Gateway test / sandbox area to be able to execute (invoke) a Lambda function that was generated by CloudFormation, you need to explicitly grant the Sandbox permission in your CloudFormation file. As it is not documented and there is currently no way to “export” a manually created API as CloudFormation file, it is easy to overlook/miss. The simple solution for this is to add a new Lambda permission, with the “stage name” set to “null”.

Here is a complete example of a Lambda Permission Resource in CloudFormation:

        "ApiGatewaySandboxPermission" : {
            "Type" : "AWS::Lambda::Permission",
            "Properties" : {
                "FunctionName" : { "Ref" : "MyFunctionAlias" },
                "Action" : "lambda:InvokeFunction",
                "Principal" : "apigateway.amazonaws.com",
                "SourceArn" : { "Fn::Join": [ "", [
                    { "Ref" : "AWS::Region" }, ":",
                    { "Ref" : "AWS::MyAccountId" }, ":",
                    { "Ref" : "MyRestApiId"}, "/",
                ] ] }
 The interesting part here are the last few lines. This grants the SandBox (Stage Name is “null”) to invoke all GET based methods, starting at the root (/*) of your API, tweak path as needed.
 Hope this helps.

Leave a Reply

Your email address will not be published. Required fields are marked *