serverless-application-model
serverless-application-model copied to clipboard
Create apigateway permissions from openapi definitions
Describe your idea/feature/enhancement
Hey team, recently tried building out a rest API using AWS::Serverless::Api
and openapi via DefinitionBody. It's great having my OpenAPI schemas converted to API gateway models and validation 💯 .
The only thing that's missing would be to have apigw permissions automatically created.
For example, the Events
property on AWS::Serverless::Function
automatically creates permissions for apigw to invoke the lambda.
The OpenAPI schema already defines the lambda handler via x-amazon-apigateway-integration
, so it should be possible to create this permission in the background.
x-amazon-apigateway-integration:
uri:
Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyFunction.Arn}/invocations
Proposal
Parse the DefinitionBody of AWS::Serverless::Api
and create a AWS::Lambda::Permission
resource for the attached lambda function.
Things to consider:
- This requires no changes to the SAM Spec