This handles deployment for a public http api with iam authentication, integrated lambda, and iam role to execute specific route by a specific iam user (for experimental testing).
Http Apis are designed for low-latency and cost-effective integrations, however the purpose of this deployment is to cover iam authentication with Http Apis.
When IAM authorization is enabled, clients must use Signature Version 4 to sign their requests with AWS credentials. API Gateway invokes your API route only if the client has execute-api permission for the route.
You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines their permissions. AWS evaluates these policies when an IAM principal (user or role) makes a request. Permissions in the policies determine whether the request is allowed or denied. Most policies are stored in AWS as JSON documents. AWS supports six types of policies: identity-based policies, resource-based policies, permissions boundaries, Organizations SCPs, ACLs, and session policies.
For more information...
- Serverless Framework: Http Support
- Serverless Framework: Http Lambda Events
- AWS Documentation: Control access for invoking an API
- AWS Documentation: IAM Policy Elements Reference
- AWS Documentation: IAM Policy Principal
- AWS Documentation: Policies and permissions in IAM
export AWS_PROFILE=<profile_name>yarn run installyarn run deployyarn run invoke <function-name>yarn run executeyarn run remove