for reference you can visit this aws issue i've created:
https://github.com/aws/aws-cli/issues/3118
I use this AWS CLI commands below but it is inside to *.sh file
no problem with the script it successfully run
NOTE: i manually create API
```
remove GET method
aws apigateway delete-method \
--rest-api-id 2132132 \
--resource-id 8998989 \
--http-method GET \
/dev/null 2>&1 && echo '-> [aws] APIGateway GET method removed'
remove permission first
aws lambda remove-permission \
--function-name function_main \
--statement-id function_main \
/dev/null 2>&1 && echo '-> [aws] APIGateway permission removed'
and then add method
aws apigateway put-method \
--rest-api-id 2132132 \
--resource-id 8998989 \
--http-method GET \
--authorization-type 'NONE' \
--region us-east-1 \
/dev/null 2>&1 && echo '-> [aws] APIGateway GET method created'
and add integration.
aws apigateway put-integration \
--region us-east-1 \
--rest-api-id 2132132 \
--resource-id 8998989 \
--http-method GET \
--type AWS_PROXY \
--integration-http-method GET \
--passthrough-behavior WHEN_NO_MATCH \
--uri "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:23645667:function:function_main/invocations" \
/dev/null 2>&1 && echo '-> [aws] APIGateway integration added'
and add method response
aws apigateway put-method-response \
--rest-api-id 2132132 \
--resource-id 8998989 \
--http-method GET \
--status-code 200 \
--response-models "{\"application/json\": \"Empty\"}" \
/dev/null 2>&1 && echo '-> [aws] APIGateway GET method response created'
and then add
aws lambda add-permission \
--function-name function_main \
--statement-id 4454854604c23688a9f42907de4d18ec \
--action "lambda:InvokeFunction" \
--principal apigateway.amazonaws.com \
--source-arn "arn:aws:execute-api:us-east-1:23645667:2132132/*/GET/" \
/dev/null 2>&1 && echo '-> [aws] APIGateway permission added'
```
but the output is this, in method response I can't see HTTP STATUS: Proxy or just 'Select an Integration response' unlike when i manually add method and integration there is (please see below image difference)
ERROR
WORKING
AWS CLI Versions : aws-cli/1.14.32 Python/2.7.10 Darwin/17.3.0 botocore/1.8.36
i just want to share answer from github.com/issues by https://github.com/kyleknap
>
#XanderDwyl I think you need to include an apigateway put-integration-response command in your shell script even if you are doing a proxy integration. We had to do something similar in old version of chalice. I would recommend checking out some of the source code. It is Python, but the parameters and values map directly back to CLI commands and parameters. So it should be straightforward to figure out what may be missing. Let us know if that helps.
Related
We are trying to create a listener rule with conditions-Host header in elastic load balancer by aws cli.
aws elbv2 create-rule
--listener-arn arn:aws:elasticloadbalancing:ap-south-1:123456789:listener/app/testing-alb/6sdfgsgs5fg45s4fg5sd \
--conditions test.com \
--priority 5 \
--actions arn:aws:elasticloadbalancing:ap-south-1:123456789:targetgroup/tgtest-1/hsdjif444225 \
--region ap-south-1 \
--output json
However, we got a error like this,
Error parsing parameter '--conditions': Expected: '=', received: 'EOF' for input:
test.com
^
If you want to do this inline, here is the correct syntax:
aws elbv2 create-rule \
--listener-arn arn:aws:elasticloadbalancing:ap-south-1:123456789:listener/app/testing-alb/6sdfgsgs5fg45s4fg5sd \
--conditions '[{"Field":"host-header","HostHeaderConfig":{"Values":["test.com"]}}]' \
--priority 5 \
--actions Type=forward,TargetGroupArn=arn:aws:elasticloadbalancing:ap-south-1:123456789:targetgroup/tgtest-1/hsdjif444225 \
--region ap-south-1 \
--output json
I have a bash script that creates a manifest.csv file example below, and then I use that to create an S3 batch job, I ran it using the console and it works so roles and permissions are correct, any help will be appreciated.
test-bucket-batch,Test/testing1.json \
test-bucket-batch,Test/testing2.json \
test-bucket-batch,Test/testing3.json \
test-bucket-batch,Test/testing4.json
aws s3control create-job \
--account-id $ACCOUNT_ID \
--region $REGION \
--confirmation-required \
--client-request-token $(uuidgen) \
--operation '{"S3PutObjectCopy":{"TargetResource":"arn:aws:s3:::'$BUCKET_NAME'/object_restore/"}}' \
--manifest '{"Spec":{"Format":"S3BatchOperations_CSV_20180820","Fields":["Bucket","Key"]},"Location":{"ObjectArn":"arn:aws:s3:::'$BUCKET_NAME'/object_restore/manifest.csv","ETag":'$ETAG'}}' \
--report '{"Bucket":"arn:aws:s3:::'$BUCKET_NAME'/object_restore/","Prefix":"final-reports", "Format":"Report_CSV_20180820","Enabled": true,"ReportScope":"AllTasks"}' \
--description 'S3 Copy Job' \
--priority 42 \
--role-arn $ROLE_ARN
ERROR: An error occurred (InvalidRequest) when calling the CreateJob operation: Request invalid
The issue was related to the prefix
aws s3control create-job \
--account-id $ACCOUNT_ID \
--region $REGION \
--confirmation-required \
--client-request-token $(uuidgen) \
--operation '{"S3PutObjectCopy":{"TargetResource":"arn:aws:s3:::'$BUCKET_NAME'","TargetKeyPrefix":"/object_restore/"}}' \
--manifest '{"Spec":{"Format":"S3BatchOperations_CSV_20180820","Fields":["Bucket","Key"]},"Location":{"ObjectArn":"arn:aws:s3:::'$BUCKET_NAME'/object_restore/manifest.csv","ETag":'$ETAG'}}' \
--report '{"Bucket":"arn:aws:s3:::'$BUCKET_NAME'","Prefix":"/object_restore/final-reports", "Format":"Report_CSV_20180820","Enabled": true,"ReportScope":"AllTasks"}' \
--description 'S3 Copy Job' \
--priority 42 \
--role-arn $ROLE_ARN
Note the fields changed where:
operation where TargetKeyPrefix was added: "TargetKeyPrefix":"/object_restore/"
report where Prefix was changed to:
"Prefix":"/object_restore/final-reports"
Hello I try to execute the following command in order to add a Global Secondary Index to an existing table:
aws dynamodb update-table \
--region eu-west-1 \
--endpoint-url http://127.0.0.1:8000/ \
--table-name ssib_dev_assetsTable \
--attribute-definitions AttributeName=AssetGroup,AttributeType=S \
--global-secondary-index-updates \
Create="{IndexName=gsi_group,KeySchema=[{AttributeName=AssetGroup,KeyType=HASH}],Projection={ProjectionType=ALL}}" \
--provisioned-throughput ReadCapacityUnits=10,WriteCapacityUnits=10 \
After + or - 10seconds I have the following response, without any explicit error message. I use https://hub.docker.com/r/cnadiminti/dynamodb-local/ to emulate my db.
An error occurred (InternalFailure) when calling the UpdateTable
operation (reached max retries: 9): The request processing has failed
because of an unknown error, exception or failure.
The parameter --global-secondary-index-updates should be a valid JSON string, which it is not in your case. It is also missing a mandatory key, ProvisionedThroughput.
https://docs.aws.amazon.com/cli/latest/reference/dynamodb/update-table.html
Here goes:
aws dynamodb update-table \
--region eu-west-1 \
--endpoint-url http://127.0.0.1:8000 \
--table-name ssib_dev_assetsTable \
--attribute-definitions AttributeName=AssetGroup,AttributeType=S \
--global-secondary-index-updates '[{"Create":{"IndexName":"gsi_group","KeySchema":[{"AttributeName":"AssetGroup","KeyType":"HASH"}],"Projection":{"ProjectionType":"ALL"},"ProvisionedThroughput":{"ReadCapacityUnits":5,"WriteCapacityUnits":5}}}]'
By the way, you should probably use the official image instead of some image by some random user docker user: https://hub.docker.com/r/amazon/dynamodb-local/
.net core serverless web api
I am trying to do proxy integration with lambda and api gateway, everything is working fine with aws console
but i am facing issues with aws cli commands
i tried integrating with cli but the lambda is not properly integrated
aws apigateway create-resource --rest-api-id id --parent-id id --path-part {proxy+}
aws apigateway put-method --rest-api-id id --resource-id id --http-method ANY --authorization-type "NONE"
aws apigateway put-integration --rest-api-id id --resource-id id --http-method ANY --type HTTP_PROXY --integration-http-method ANY --uri arn:aws:apigateway:us-east-2:lambda:path//2015-03-31/functions/arn:aws:lambda:us-east-2:account_id:function:helloworld/invocations
aws lambda add-permission --function-name helloworld --action lambda:InvokeFunction --principal apigateway.amazonaws.com --source-arn arn:aws:execute-api:us-east-2:account_id:apiid/*/*/* --statement-id 12345678
There are two problems with your commands -
Incorrect
aws apigateway create-resource --rest-api-id id --parent-id id --path-part {proxy+}
Correct: Notice the double quotes
aws apigateway create-resource --rest-api-id id --parent-id id --path-part "{proxy+}"
Incorrect
aws apigateway put-integration \
--rest-api-id id \
--resource-id id \
--http-method ANY \
--type HTTP_PROXY \
--integration-http-method ANY \
--uri arn:aws:apigateway:us-east-2:lambda:path//2015-03-31/functions/arn:aws:lambda:us-east-2:account_id:function:helloworld/invocations
Correct
type should be AWS_PROXY for Lambda Proxy Integrations.
integration-http-method should always be POST for Lambda Proxy integration, even if the http method is GET or ANY or anything else.
aws apigateway put-integration \
--rest-api-id id \
--resource-id id \
--http-method ANY \
--type AWS_PROXY \
--integration-http-method POST \
--uri arn:aws:apigateway:us-east-2:lambda:path//2015-03-31/functions/arn:aws:lambda:us-east-2:account_id:function:helloworld/invocations
I have to create many AWS apigateway apis. All apis will use a Lambda function for invocation. These new apis will also include below common steps.
API type as Regional and a REST API
Add a POST Method
Method Execution Settings
Invocation Type=Lambda Function and also choose respective Lambda
Function.
CORS Settings
Lambda Permissions
Integration Response Settings
Deploy API
Include stage in API Usageplan
Redeploy API
Here is apigateway clone API SYNOPSIS.
SYNOPSIS
create-rest-api
--name <value>
[--description <value>]
[--clone-from <value>]
[--binary-media-types <value>]
[--minimum-compression-size <value>]
[--api-key-source <value>]
[--endpoint-configuration <value>]
[--policy <value>]
[--api-version <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
How to clone an apigateway API from existing apigateway API from CLI and avoid doing all the repeated steps mentioned above.
You could clone from existing API when creating new API by the console as well.
Use below commands as a shell script and execute the script with the mentioned parameters. Parameters names are self explanatory.
Here is the full script and every part is explained.
#!/bin/bash
APINAME=${1}
STAGENAME=${2}
LAMBDANAME=${3}
CLONEAPIID=${4}
USAGEPLANID=${5}
AWS_PROFILE=[PROFILENAME]
AWS_REGION=[AWSREGION]
AWS_ACCOUNT=[AWSACCOUNT]
METHOD=POST
Clone API from existing API
echo "Closing API ${APINAME} from API ${CLONEAPIID}"
RESTAPIID=`aws apigateway create-rest-api --name "${APINAME}" --description "${APINAME}" --clone-from ${CLONEAPIID} --endpoint-configuration '{"types":["REGIONAL"]}' --profile ${AWS_PROFILE} | grep '"id"' | sed 's/,//g;s/ //g;s/"//g;' | awk -F: '{ print $2 }'`
Display New Rest API ID
echo RESTAPIID: ${RESTAPIID}
Getting Resource
echo "Getting Resource"
RESOURCEID=`aws apigateway get-resources --rest-api-id ${RESTAPIID} --profile ${AWS_PROFILE} | grep '"id"' | sed 's/,//g;s/ //g;s/"//g;' | awk -F: '{ print $2 }'`
echo RESOURCEID: ${RESOURCEID}
Setting URI and Lambda as Invocation
echo "Setting Lambda ${LAMBDANAME}"
LAMBDA_URL="arn:aws:apigateway:${AWS_REGION}:lambda:path/2015-03-31/functions/arn:aws:lambda:${AWS_REGION}:${AWS_ACCOUNT}:function:${LAMBDANAME}/invocations"
aws apigateway put-integration --rest-api-id ${RESTAPIID} --resource-id ${RESOURCEID} --http-method ${METHOD} --type AWS --integration-http-method ${METHOD} --uri "${LAMBDA_URL}" --profile ${AWS_PROFILE} | grep uri
Generating UUID as statement-id
SID=`uuidgen`
Adding permissions for API gateway to execute Lambda Function
aws lambda add-permission --function-name arn:aws:lambda:${AWS_REGION}:${AWS_ACCOUNT}:function:findPostcode --source-arn arn:aws:execute-api:${AWS_REGION}:${AWS_ACCOUNT}:${RESTAPIID}/*/*/* --principal apigateway.amazonaws.com --action lambda:InvokeFunction --statement-id ${SID} --profile ${AWS_PROFILE}
Setting Integration Response
aws apigateway put-integration-response --rest-api-id ${RESTAPIID} --resource-id ${RESOURCEID} --http-method ${METHOD} --status-code 200 --selection-pattern 200 --response-parameters '{"method.response.header.Access-Control-Allow-Origin": "'"'"'*'"'"'"}' --selection-pattern "" --response-templates '{"application/json": ""}' --profile ${AWS_PROFILE}
Creating Initial Deployment
echo "Creating Initial Deployment for ${APINAME} API and Stage ${STAGENAME}"
DEPLOYMENTID=`aws apigateway create-deployment --rest-api-id ${RESTAPIID} --stage-name '' --profile ${AWS_PROFILE} | grep '"id"' | sed 's/,//g;s/ //g;s/"//g;' | awk -F: '{ print $2 }'`
Creating Stage
aws apigateway create-stage --rest-api-id ${RESTAPIID} --stage-name ${STAGENAME} --description ${STAGENAME} --deployment-id ${DEPLOYMENTID} --profile ${AWS_PROFILE} | grep stageName
sleep 10
Adding API stage in Usageplan
echo "Adding Stage in Usageplan"
aws apigateway update-usage-plan --usage-plan-id ${USAGEPLANID} --patch-operations op="add",path="/apiStages",value="${RESTAPIID}:${STAGENAME}" --profile ${AWS_PROFILE} | grep name
sleep 10
Redeploying Stage
echo "Redeploying Stage"
aws apigateway create-deployment --rest-api-id ${RESTAPIID} --stage-name ${STAGENAME} --description ${STAGENAME} --profile ${AWS_PROFILE} | grep description
sleep 5
echo "REST API Endpoints configured and deployed successfully.."
Note: Proper time delay (wait) is needed in different steps ( as mentioned in seconds by sleep commands).
Here is an example of executing above shell script.(Assuming script name cloneapi.sh)
./cloneapi.sh MyAPI MyAPIStage MyLambdaFunction apxxxxx upxxxx
Where
MyAPI is New API Name
MyAPIStage is new API Stage Name
MyLambdaFunction is Lambda Function Name for New API
apxxxxx is the API ID (Cloning from)
upxxxx is Usage Plan ID
The above commands can be used with any AWS CLI version and on any Linux OS, but below is the CLI and OS version used.
aws --version
aws-cli/1.15.80 Python/2.7.14 Linux/4.14.94-89.73.amzn2.x86_64 botocore/1.10.79
cat /etc/os-release
NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2"
HOME_URL="https://amazonlinux.com/"
From horse's mouth A.K.A AWS documentation
Export:
Go to API Gateway and click away as shown in the picture.
Creative Step:
Rename the API title: "title" and all the URI fields to something new "uri" in the exported JSON or YAML (depending which you selected)
Import
Just create new API and import what you had exported in the previous step.