Swagger does not allow a stage variable for the account ID #87
Comments
|
Unfortunately, AccountID has to be hard-coded. This is an APIGateway limitation |
|
Region/AccountId would be very usefull. I know this is a limitation on the API Gateway, but could this info not be merged into the swagger file at package time in the CloudFormation cli? |
1. Inline Swagger 2. CodeUri & DefinitionUri support Body, Key and Version dictionary 3. FunctionName property
|
@sanathkr could you please explain how this works? For example: ApiGatewayApi:
Type: AWS::Serverless::Api
Properties:
DefinitionUri: swaggerFile.yaml
StageName: Prod
Variables:
PostFunctionName: !Ref PostFunction
AccountId: 1234567890Why would I'm having a similar issue #178 where I can't pass a Cognito UserPool ARN into a Swagger doc. How are these limitations of API Gateway when I can create an API and set the exact same stage variables & values I'm trying to pass via CloudFormation? |
|
Can we please reopen this issue? Or at least can someone please address the question @ffxsam asked? WHY? |
|
I've ben messing with this problem too. The reason it doesn't work the way we want is probably easiest explained by trying to do the same thing in the AWS Console. If you view your API's Resources, and dig down into one of the "Integration Request"s that you're working with, you can see the options that are built from this uri. The lambda ARN literally lets you put in the text "${stageVariables.XYZ}". This is a special feature of cloudformation, letting you route to different lambda functions based on the stage. The rest of the fields, however, do not allow such dynamic inputs. This also leads us to consider the difference between the API Resource definition and the Stage definition. SAM abstracts a lot of that out for us with the "AWS::Serverless::Api" type, but under the hood, those two things are separate. The swagger template is NOT rendered during stage generation, but during resource generation. #8 (comment) is probably the closest thing I have found to being able to use those sort of variables dynamically in the swagger file. |
|
This is really bad. It basically means that one needs to keep as many copies of the OpenAPI files as stage / region / account permutations they have plus corresponding branching logic on CI and other ops related systems. That is an unworkable / unrealistic approach and has to be mitigated as soon as possible (unless I am completely misunderstanding the intent of the lambda uri approach). To minimise the pain, what we did to get around this limitation is include a preprocessing step on CI that replaces the variables in question (in our case it was the AWS region and account id) depending on the context. |
|
Yeah seems like preprocessing is the way to go here. I'm not even using serverless.com for my API Gateway generation - as I want it decoupled from my lambdas - and I still have the same issue. Painful. |
|
Hi guys. Are there any updates on this? We deploy in different stages in different accounts and I just can't figure out how to pass the account Id to my OAS file for Api Gateway |
|
Hello, @sanathkr any updates about passing the accountId and the region to Swagger file? |
* feat: SAM support for /tmp config (#87) * Add EphemeralStorage field Add EphemeralStorage as a new option when creating SAM templates. Add functionality to transform SAM templates with EphemeralStorage to Cloudformation templates. Add /translate tests for new field * Add EphemeralStorage to global configs * Add EphemeralStorage to global configs * Add testing for functions with intrinsic refs, add EphemeralStorage to versions Co-authored-by: Kevin Weng <kwweng@amazon.com> * chore: add integration test for /tmp (#101) * Add integration test for /tmp Also edit basic_function_event_destinations template file to avoid deprecated runtime error * Add integration test for /tmp Also edit basic_function_event_destinations template file to avoid deprecated runtime error * Revert changes to template runtime and use getters in test_function_with_ephemeral_storage. Delete duplicated test * Revert runtime changes Co-authored-by: Kevin Weng <kwweng@amazon.com> Co-authored-by: Kevin Weng <42563047+slowpokesnail@users.noreply.github.com> Co-authored-by: Kevin Weng <kwweng@amazon.com>
I am trying to use this Swagger:
paths:
/documents:
post:
responses: {}
security:
- authorizerFunc: []
x-amazon-apigateway-integration:
uri: arn:aws:apigateway:ap-southeast-2:lambda:path/2015-03-31/functions/arn:aws:lambda:ap-southeast-2:${stageVariables.AccountId}:function:${stageVariables.PostFunctionName}/invocations
passthroughBehavior: "when_no_match"
httpMethod: "POST"
type: "aws_proxy"
with the corresponding template:
Resources:
Explicit API Gateway definition needed for the Custom Authorizer.
ApiGatewayApi:
Type: AWS::Serverless::Api
Properties:
DefinitionUri: swaggerFile.yaml
StageName: Prod
Variables:
PostFunctionName: !Ref PostFunction
AccountId: 1234567890
But I get a CloudFormation stack event with:
"ResourceStatusReason": "Errors found during import:\n\tUnable to put integration on 'POST' for resource at path '/documents': Lambda function ARN must be in same account"
It works fine when I put the literal AccountId 1234567890 in the URI.
It looks like the stageVariable reference isn't expanded, is that right?
Thanks!
The text was updated successfully, but these errors were encountered: