A Journey in Learning

Engineer and Reverse Engineering API gateway and Lambda Functions

Abdul Bhatti

Its always good to take the simple route, Lambda functions can be invoked via an API gateway but setting up the API invocation can be created using two main methods:

  1. Create an API gateway from scratch and make your own permissions.
  2. Designate a lambda source as an API gateway through lambda and allow lambda to handle the permissions

Creating it from scratch I kept getting error:

{
message: "Not Found"
}

Or

{
message: "Internal Server Error"
}

I tend to obsess over things like this because I feel like if I took the easy way out I wouldn’t understand why I am getting this error. After digging for a bit of time I realized that my permissions for the easy method were:

},
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:us-east-1:*********:function:WebsiteHitCounterDynamoDBupdate",
      "Condition": {
        "ArnLike": {
          "AWS:SourceArn": "arn:aws:execute-api:us-east-1:*********:*******/*/*/WebsiteHitCounterDynamoDBupdate"
        }

After editing this statement to protect my account, you can see that my lambda function could ONLY be invoked by the API, however when testing my API I was only invoking the API but not directing my request directly to the lambda function thus the improper URL

https://*******.execute-api.us-east-1.amazonaws.com/Version1

Needed to be edited to add the name of the function I wanted to invoke:

https://*******.execute-api.us-east-1.amazonaws.com/Version1/WebsiteHitCounterDynamoDBupdate

I didn’t like seeing a Null response so I added JSON to my deployment package and now it responds with

{
message: "Update of WebCounter for Alkisnar.IO Completed successfully!"
}

Doing further research I also realized that when making API gateways from scratch you need to insure that the $default route was deployed and my invocation needed to be listed as a child below.

When a client sends an API request, API Gateway first determines which stage to route the request to. If the request explicitly matches a stage, API Gateway sends the request to that stage. If no stage fully matches the request, API Gateway sends the request to the $default stage. If there’s no $default stage, then the API returns {"message":"Not Found"}.

https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html