The options for the following commands have not changed much, aside from their names and descriptions: create-rest-api, get-resources, create-resource, put-method-response, put-integration-response, and create-deployment. We also added request-parameters to put-method, to create the path param, as required.
We used the AWS integration type. We also specified the URI in the format required for AWS integrations: arn:aws:apigateway:<region>:lambda:path/2015-03-31/functions/<lambda arn>/invocations. The 2015-03-31 refers to the latest API version of the AWS Lambda service.
We defined the request-templates option of the put-integration sub-command to specify the mapping template for the JSON passed to Lambda from the API. Within the mapping template key is the content type, and the value is the mapping template for that content type. We also used the path and query parameter values within the mapping template. We will look at mapping templates in detail in a later recipe.
The integration-http-method of the put-integration command specifies the HTTP method used by API Gateway to connect with the Lambda. The integration-http-method should be POST, for Lambda integration. This is not the HTTP method that we use to access our API endpoint from a browser (which is GET, as specified by http-method).
We did not specify iam roles or policies for API Gateway to talk to Lambda; instead, we used Lambda's add-permission command to allow our API to invoke it. We specifically gave lambda:InvokeFunction permission, but you can also give all of the permissions by using lambda:*. For logging to CloudWatch, you will still need to add a role with the required permissions.
The lambda add-permission properties are as follows:
- function-name is the name of the Lambda function.
- statement-id is a unique number to identify this permission.
- action refers to the permitted actions.
- principal denotes the AWS service that is granted permission.
- source-arn is the arn of the resource invoking the function. You can specify * to denote that any of the part is matched (for example, tyu4dw36th/*/*/lambdagreeting/{name} matches any stage and any HTTP method).