serverless-step-functions icon indicating copy to clipboard operation
serverless-step-functions copied to clipboard

Published 20 hours ago verified publisher icon serverless-operations

Generate policy statements for "Call third-party API" states

Open yuyokk opened this issue 1 year ago • 0 comments

This is a Feature Request

Description

AWS announced ability to call external endpoints at AWS re:invent.

If I define following state:

Call api:
  Type: Task
  Resource: arn:aws:states:::http:invoke
  Parameters:
    ApiEndpoint.$: '$.apiUrl'
    Method.$: '$.method'
    Authentication:
      ConnectionArn.$: '$.connectionArn'

During deploy I see the following warning

Cannot generate IAM policy statement for Task state { Type: 'Task',
  Resource: 'arn:aws:states:::http:invoke',
  Parameters:
   { 'ApiEndpoint.$': '$.apiUrl',
     'Method.$': '$.method',
     Authentication: { 'ConnectionArn.$': '$.connectionArn' } },
  Next: 'Success' }
✓ State machine "TestStepFunction" definition is valid

And during run my Step Function fails with

AWS Step Functions is not authorized to perform states:InvokeHTTPEndpoint on API Endpoint https://example.com. Ensure that the StateMachine role contains the states:InvokeHTTPEndpoint permission for the given API Endpoint

Additional Data

  • Serverless Framework Core Version you're using: 3.38.0
  • The Plugin Version you're using: 3.17.0

yuyokk avatar Dec 03 '23 18:12 yuyokk