I'm trying to create a DynamoDB Simple Table with an API Gateway + Lambda function using AWS SAM. Access to the endpoint should be public so that anyone can write/update an entry on the DynamoDB table. I've used the below AWS SAM template but when calling the endpoint created https://${MyApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/update I get the error Execution failed due to configuration error: Invalid permissions on Lambda function
This is my AWS SAM template:
AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Resources:
MySimpleTable:
Type: 'AWS::Serverless::SimpleTable'
Properties:
PrimaryKey:
Name: id
Type: Number
MyUpdateFunction:
Type: 'AWS::Serverless::Function'
Properties:
FunctionName: MyUpdateFunction
Handler: app.handler
Runtime: nodejs14.x
CodeUri: lambdaApp/
Timeout: 10
Environment:
Variables:
TABLE_NAME: !Ref MySimpleTable
MyApi:
Type: 'AWS::Serverless::Api'
Properties:
StageName: Prod
DefinitionBody:
swagger: '2.0'
info:
title: 'MyAPI'
paths:
/update:
post:
x-amazon-apigateway-integration:
uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyUpdateFunction.Arn}/invocations
passthroughBehavior: 'when_no_match'
httpMethod: POST
type: aws_proxy
responses: {}
security:
- sigv4: []
Outputs:
ApiURL:
Description: 'API Gateway endpoint URL'
Value: !Sub 'https://${MyApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/update'
Any ideas what am I missing or doing wrong above?