I am creating an API to relax without a server. I created a custom autostart to get user policies, everything worked fine until I ran into getting policies with request parameters, for example: base / As / {aId} / Bs / {bId}
An example of a policy that I am extracting right now:
{
"principalId": "some id",
"policyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "allow",
"Action": "execute-api:Invoke",
"Resource": "arn:aws:execute-api:{region}:{apiId}/{stage}/GET/As/*"
}
]
}
so my problem in the above policy should only be to get a specific "A", but when I want to call some "B", which is only accessible through "A", I will need to call the endpoint, for example base / As / { aId} / Bs / {bId}, with the above policy, I will have permission to access this endpoint when I do not.
Is there a way to have request parameters in a resource in a policy?