1

I'm playing around with API Gateway. Basically, I have a simple java code that aims to return a greetings message:

public class Greetings implements RequestHandler<GreetingsRequest, String> {

    //enable pretty print JSON output
    Gson gson = new GsonBuilder().setPrettyPrinting().create();
    
    public String handleRequest(GreetingsRequest input, Context context) {

        LambdaLogger logger = context.getLogger();
            
        System.out.println("Welcome to lambda function");
        
        // log execution details
        logger.log("ENVIRONMENT VARIABLES: " + gson.toJson(System.getenv()));
        logger.log("CONTEXT: " + gson.toJson(context));
        
        
         // process event
        logger.log("EVENT: " + gson.toJson(input));
        logger.log("EVENT TYPE: " + input.getClass().toString());
        
        return "Hello " + input.getName();
        
    }

}

I've attached to the lambda function a role with the following characteristics:

4 default policies (AmazonAPIGatewayInvokeFullAccess, CloudWatchFullAccess, AmazonAPIGatewayAdministrator, AWSLambdaBasicExecutionRole) and a custom one (lambda_execute).

Role's Trust Relationship:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "lambda.amazonaws.com",
          "apigateway.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

In relation to the custom policy "lambda_execute":

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "lambda:InvokeFunction",
            "Resource": "*"
        }
    ]
}

In relation to the API Gateway:

The resource:

enter image description here

The method request:

enter image description here

The integration request:

enter image description here

enter image description here

When I am testing out the resource, the following message is sent out:

<AccessDeniedException>
  <Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>

enter image description here

Anyone could point me out what I'm missing or doing wrong? Tks so much in advance.

Improve this question
4
  • is there a reason you want to use lambda with in 'Aws Service` instead of Lambda Function , first option in Integration type Commented Feb 11, 2021 at 14:36
  • indeed, through lambda function it has worked smoothly. Don't know why it fails via "AWS service"... Commented Feb 11, 2021 at 16:25
  • with 'AWS Service', payload that needs to be passed should be a fixed format, which I don't have it handy to share. Commented Feb 11, 2021 at 16:57
  • I tried it out and added an answer on why AWS Service invocation type throws this error! Commented Feb 11, 2021 at 21:37

1 Answer 1

Reset to default
1

Two options to invoke Lambda function from Api Gateway REST Api.

  1. Integration Type Lambda: just need to give Lambda function name.
  2. Integration Type AWS Service: This method is also used to send events directly from Api Gateway to other aws services like Sns, Sqs, Kinesis, etc.

Question is about using second method of invoking lambda using AWS Service.

PathOverride proxies request from Api Gateway to different endpoint.

Full endpoint to invoke a Lambda function is https://lambda.us-east-1.amazonaws.com/2015-03-31/functions/arn:aws:lambda:us-east-1:111122223333:function:my-function-name/invocations

First part https://lambda.us-east-1.amazonaws.com/ will be appended by Api Gateway, second part 2015-03-31/functions/arn:aws:lambda:us-east-1:111122223333:function:my-function-name/invocations should be given in path override.

if path override is incorrect, thats when we get Unable to determine service/operation name to be authorized Error.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.