我正在尝试使用 GET 方法在现有资源下创建子集合资源;就像是:

/customers/{customerId}/accounts/customers/{customerId}/accounts/{accountId}

使用Terraform,我已经设法创建了我的 customerscustomers/{customerId} 资源 - 它们都有效 .

但是当我尝试在 customers/{customerId} 下添加一个资源时,我得到了一个难以捉摸的错误 Missing Authentication Token 错误(我找不到资源/实现/ lambda),即使所有内容似乎都正确连线 .

示例代码:

resource "aws_api_gateway_resource" "customers" {
  rest_api_id = "${aws_api_gateway_rest_api.my-api.id}"
  parent_id = "${aws_api_gateway_rest_api.my-api.root_resource_id}"
  path_part = "customers"
}

resource "aws_api_gateway_resource" "single-customer" {
  rest_api_id = "${aws_api_gateway_rest_api.my-api.id}"
  parent_id = "${aws_api_gateway_resource.customers.id}"
  path_part = "{customerId}"
}

resource "aws_api_gateway_resource" "customers-accounts" {
  rest_api_id = "${aws_api_gateway_rest_api.my-api.id}"
  parent_id = "${aws_api_gateway_resource.single-customer.id}"
  path_part = "accounts"
}

//----
// GET
//----
resource "aws_api_gateway_method" "get-customers-accounts" {
  rest_api_id = "${aws_api_gateway_rest_api.my-api.id}"
  resource_id = "${aws_api_gateway_resource.customers-accounts.id}"
  http_method = "GET"
  authorization = "NONE"
}

resource "aws_api_gateway_integration" "get-customers-accounts-integration" {
  content_handling = "CONVERT_TO_TEXT"
  rest_api_id = "${aws_api_gateway_rest_api.my-api.id}"
  resource_id = "${aws_api_gateway_resource.customers-accounts.id}"
  http_method = "${aws_api_gateway_method.get-customers-accounts.http_method}"
  type = "AWS_PROXY"
  uri = "arn:aws:apigateway:${var.region}:lambda:path/2015-03-31/functions/arn:aws:lambda:${var.region}:${var.account-id}:function:${var.customers-lambda}/invocations"
  integration_http_method = "POST"
}

想法? lambda确实存在,一切看起来都在控制台中,我确实在API网关控制台中重新选择了lambda函数(如果你没有在控制台中手动重新选择lambda,那么's a bug AWS cli where you'将获得 Missing Authentication Error ) .

更新

正如我所提到的,Terraform代码似乎有效 - 没有错误 . 我从尝试访问 endpoints 获得的文字消息是

{ message: "Missing Authentication Token" }

没有输出日志 . 如果我尝试通过API网关测试按钮测试资源/ endpoints ,我会得到 Malformed Lambda Proxy Response - 但这会产生误导,因为许多有效的工作 endpoints 在从“测试”按钮运行时会生成相同的消息

amazon-web-services aws-api-gateway terraform