AWS APIGateway Lambda proxy integration- Execution failed due to configuration error: Invalid permissions on Lambda function

Few learnings from API Gateway Lambda proxy integration

• API Gateway is deployed in different stages and ARN for API gateway in stage vs on test console is somewhat different. (atleast thats what I got on terraform output)

As many documentations and fixes for the problem suggests to explicitly configure detailed path as "arn:aws:execute-api:region_name:account_id:${aws_api_gateway_rest_api.api_resource.id}/*/*" The configured source with granted access permission

 arn:aws:execute-api:region:accountid:fu349z93pa/*/*

From terraform documentation For "${aws_api_gateway_deployment.deployment_rsc_name.execution_arn}"

The configured source with granted access permission is

arn:aws:execute-api:region:accountid:fu349z93pa/stage/*/*

If you test from API Gateway console you would end up with same error and have to manually add permission to lambda or reselect lambda function name on method integration console (which does the same thing). That configures 2 API gateways to access Lambda. (one with /stage deployed ARN and other /*/METHOD/* - used for test console)

But if you test API gateway from ARN of stage environment on postman it works just as fine without any manual updates to infrastructure built with terraform. And in most cases that is the one that would matter.

• Even after fixing first error manually / not second challenge is Malformed response from lambda

This one is fairly easy and well documented. AWS Doc

All we have to do is update lambda to respond with a specified format.

for. e.g. add below

callback(null, { "statusCode": 200, "body" : JSON.stringify(sampleResponseJSON) }); on lambda `js`

Once it is working end to end we could always add error handling scenarios.

Hopefully, this should save some time for beginners like me.