in docdb_rest/auth.py [0:0]
def buildPolicy(event, principalId, action):
methodArn = event["methodArn"]
splits = methodArn.split(":")
awsRegion = splits[3]
awsAccountId = splits[4]
apisplits = splits[5].split("/")
restApiId = apisplits[0]
apiStage = apisplits[1]
apiArn = "arn:aws:execute-api:" + awsRegion + ":" + awsAccountId + ":" + restApiId + "/" + apiStage + "/*/*"
policy = {
"principalId": principalId,
"policyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Action": "execute-api:Invoke",
"Effect": action,
"Resource": [apiArn]
}
]
}
}
print(policy)
return policy