Debug This Error, Invalid Policy Document, on Pulumi Up
To debug the error related to setting an API Gateway REST API Policy in Pulumi, we need to ensure that the policy document is correctly formatted and that all principals are valid. We will create a Pulumi program in TypeScript that sets up an API Gateway with a valid policy document. The program will include the following steps:
- Create an API Gateway REST API.
- Define a valid policy document.
- Attach the policy document to the API Gateway.
- Deploy the stack and verify the setup.
We will use the AWS API Gateway and IAM services in this solution.
Full Code Example
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Create an API Gateway REST API
const api = new aws.apigateway.RestApi("myApi", {
name: "myApi",
description: "My API Gateway",
apiKeySource: "HEADER",
});
// Define a valid IAM policy document
const policyDocument = {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Action: "execute-api:Invoke",
Resource: pulumi.interpolate`${api.executionArn}/*/*`,
Principal: "*",
},
],
};
// Attach the policy document to the API Gateway
const apiPolicy = new aws.apigateway.RestApiPolicy("myApiPolicy", {
restApiId: api.id,
policy: JSON.stringify(policyDocument),
});
export const restApiId = api.id;
export const policyArn = apiPolicy.id;
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.