AWS Lambda calling API gateway getting 500 internal server error

Question

I'm developing several AWS serverless applications using Lambda and API gateway.

At one point, I tried to execute an API request on one application (using requests python lib) from code running inside a Lambda function in another application. I get 500 server error. From the logs it appears that the Lambda function behind the API gateway is not starting at all. I don't find any logs that can tell me what happened.

Additional details:

The API gateway is protected by IAM auth.
The calling lambda has permission to "execute_api"
The request is signed according to Signature V4 - I followed the example here: https://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html#sig-v4-examples-post .

Go in AWS console section API Gateway, there is option to test your request. By performing the request it will tell you more specifically if you have any permission issues. — Traycho Ivanov
– Traycho Ivanov, Commented Jul 30, 2020 at 21:42

Tsah Weiss · Accepted Answer · 2020-07-30 13:14:56Z

2

The issue was that the calling lambda needed permission to execute the second lambda behind the API gateway. I don't know why that is. I also still don't know how I should have debugged this - where are the logs that should tell me what was the issue. Eventually it was a lucky guess on my side.

answered Jul 30, 2020 at 13:14

Tsah Weiss

6531 gold badge7 silver badges14 bronze badges

Sign up to request clarification or add additional context in comments.

2 Comments

Traycho Ivanov Over a year ago

Please have a look over here github.com/awslabs/serverless-application-model/issues/59 , it could be missing permission.

Thomas M Over a year ago

This also worked for me - adding permissions to execute the Lambda function behind the API. Not sure why this would be necessary, but perhaps it is intended behavior? Couldn't find any documentation on it. Setting InvokeRole: None did not work for me.

Matt Saunders · Accepted Answer · 2023-08-15 17:35:31Z

1

Possibly not relevant to OP, but this question pointed me in the right direction for a similar issue.

For anyone hitting this error using AWS SAM, adding InvokeRole: NONE to your template prevents you from having to add permissions for every function to your Auth role, e.g.

Auth:
  DefaultAuthorizer: AWS_IAM
  AddDefaultAuthorizerToCorsPreflight: false
  InvokeRole: NONE

See GitHub for further info.

answered Aug 15, 2023 at 17:35

Matt Saunders

4,1162 gold badges28 silver badges37 bronze badges

Collectives™ on Stack Overflow

AWS Lambda calling API gateway getting 500 internal server error

2 Answers 2

2 Comments

Comments

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

2 Comments

Comments

Related