In my AWS API Gateway API, I've set up 2 environments, "dev" and "prod". I also have 2 aliases for an AWS lambda function named "dev" and "prod". Now, I'd like to point the "dev" environment of my API to the "dev" alias of my function, and the "prod" environment at the "prod" alias of my function.
I read in a tutorial that I can't find anymore at the moment, that in the integration configuration, you can specify the function in the form <functionName>:<alias>, so I set up the integration to point at: SlackCommands:${stageVariables.lambdaAlias}.
I added a stage variable with name lambdaAlias and value "prod" in the prod environment of the API, and a variable with the same name in the dev environment, with the "dev" value. But when I switch the API to use the latest deployment, which introduces this change from a simple lambda function name to a name to an alias, I see this error in CloudWatch when calling the API:
Execution failed due to configuration error: Invalid permissions on Lambda function
This first happened for both prod and dev. Then, I found out that lambda triggers are set per alias. So I removed my API trigger from $LATEST version, and added it to the "prod" alias:
Then I went to the "dev" alias, and wanted to add the same trigger, but for some reason, now I can't choose the "dev" environment from the dropdown:
I'm assuming this is because AWS wants to set the integration to point to the "dev" alias specifically, but an integration already exists. If I understand AWS's documentation, what I'd need to do is set a lambda policy that grants the "dev" environment of my API access to this alias, but the console only has a "View function policy" section, seemingly with no place to manually set it.
So how do I set this up the way I want? Preferably through the console, since I don't work with AWS often, and don't want to install the CLI.
This is a permission you will need to set with a CLI command, unfortunately. The reason is that API Gateway has no way to infer the full function name needed to grant the permissions when you use a stage variable in the function name.
The sample command you'll need to run will look something like the following:
See this doc for more details: http://docs.aws.amazon.com/lambda/latest/dg/with-on-demand-https-example-configure-event-source.html#with-on-demand-https-add-permission
If you have many lambda functions, you can use the following script. You can specify all the functions in the array and it will automatically add the permission. You can also use this script to add permission for different alias functions.
To run this script, create a file with the above source, named app-permission.py. Go into the terminal and run the following:
If you do not have an AWS profile configured, run the following:
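Added example, not part of either answer above and not the script the second answer refers to: a Python sketch that builds one `lambda:InvokeFunction` grant per stage, attached to the matching alias and with the source ARN scoped to that stage only, plus a check of which stages an existing function policy lets through. The region, account ID and API ID are constructed placeholders, the helper names are hypothetical, and `fnmatchcase` only approximates IAM's `ArnLike` matching.

```python
import json
from fnmatch import fnmatchcase

# Constructed placeholder values, not taken from the page.
REGION, ACCOUNT_ID, API_ID = "us-east-1", "123456789012", "a1b2c3d4e5"
FUNCTION = "SlackCommands"                       # function name from the question
STAGE_TO_ALIAS = {"dev": "dev", "prod": "prod"}  # stage -> lambdaAlias value


def permission_params(stage, alias, method="*", path="*"):
    """kwargs for the Lambda AddPermission call, scoped to one stage and alias."""
    source_arn = (f"arn:aws:execute-api:{REGION}:{ACCOUNT_ID}:"
                  f"{API_ID}/{stage}/{method}/{path}")
    return {
        "FunctionName": FUNCTION,
        "Qualifier": alias,  # attach the statement to the alias, not $LATEST
        "StatementId": f"apigw-{API_ID}-{stage}-invoke",
        "Action": "lambda:InvokeFunction",
        "Principal": "apigateway.amazonaws.com",
        "SourceArn": source_arn,
    }


def stages_allowed(policy_json, stages):
    """Stages whose execute-api ARN matches a SourceArn condition in a policy."""
    allowed = set()
    for stmt in json.loads(policy_json).get("Statement", []):
        cond = stmt.get("Condition", {}).get("ArnLike", {})
        pattern = cond.get("AWS:SourceArn", "")
        for stage in stages:
            probe = (f"arn:aws:execute-api:{REGION}:{ACCOUNT_ID}:"
                     f"{API_ID}/{stage}/GET/slack")  # constructed probe request
            if pattern and fnmatchcase(probe, pattern):
                allowed.add(stage)
    return allowed


def apply_all(lambda_client):
    """Grant each stage access to its own alias only (needs AWS credentials)."""
    for stage, alias in STAGE_TO_ALIAS.items():
        lambda_client.add_permission(**permission_params(stage, alias))


if __name__ == "__main__":
    for stage, alias in STAGE_TO_ALIAS.items():
        print(json.dumps(permission_params(stage, alias), indent=2))
    # With boto3 installed and credentials configured:
    #   import boto3; apply_all(boto3.client("lambda", region_name=REGION))
```

Running `stages_allowed` over the policy attached to the "prod" alias should return only `{"prod"}`; if "dev" also appears, the source ARN on that alias is broader than the stage it is meant to serve.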