Connecting Lambda To Api Gateway
Expose an existing AWS Lambda function over HTTP by having your agent run a structured API Gateway REST API setup with auth, staging, and optional CORS.
Overview
Connecting Lambda to API Gateway is an agent skill for the Build phase that creates a REST API Gateway and attaches it to an existing Lambda function with configurable auth, staging, and optional CORS.
Install
npx skills add https://github.com/aws/agent-toolkit-for-aws --skill connecting-lambda-to-api-gatewayWhat is this skill?
- Creates a new REST API Gateway and connects it to a named existing Lambda function
- Collects required lambda_function_name and api_name in one upfront prompt with multiple input methods
- Configurable stage (default dev), resource path (default invoke), HTTP method (default POST), and authorization (default
- Optional API key enforcement and CORS for production-oriented hardening
- Optional AWS region override when not using the default CLI configuration
- Required parameters: lambda_function_name and api_name collected in a single upfront prompt
- Defaults include stage_name dev, resource_path invoke, http_method POST, authorization_type AWS_IAM
Adoption & trust: 1k installs on skills.sh; 819 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
You have a working Lambda function but no consistent HTTP endpoint or deployment recipe to invoke it from browsers, mobile clients, or other services.
Who is it for?
Indie builders on AWS who want a conversational, parameter-driven recipe for a first REST bridge to an existing Lambda.
Skip if: Teams that need GraphQL or WebSocket APIs, full infrastructure-as-code-only pipelines with no interactive params, or greenfield Lambda authoring in the same step.
When should I use this skill?
User needs a REST API Gateway connected to an existing Lambda function with configurable endpoint, method, auth, API key, or CORS.
What do I get? / Deliverables
After the SOP runs, your Lambda is reachable through a deployed API Gateway REST stage with the path, method, and authorization options you specified.
- REST API Gateway named and linked to the specified Lambda
- Deployed API stage with chosen path, HTTP method, and authorization settings
Recommended Skills
Journey fit
Canonical shelf is Build because the SOP wires serverless compute to a public HTTP contract while you are still assembling backend and integration surfaces. Integrations fits API Gateway-to-Lambda wiring, endpoint paths, methods, and authorization that connect your function to callers.
How it compares
Use instead of ad-hoc AWS Console clicking for a one-off REST API Gateway attachment to an existing function.
Common Questions / FAQ
Who is connecting-lambda-to-api-gateway for?
Solo and indie builders shipping serverless backends on AWS who want their coding agent to stand up API Gateway in front of an existing Lambda with explicit auth and stage choices.
When should I use connecting-lambda-to-api-gateway?
Use it during Build when you need HTTP access to a Lambda you already deployed—for example wiring a POST /invoke endpoint with AWS_IAM auth before frontend or webhook integration testing.
Is connecting-lambda-to-api-gateway safe to install?
Treat it like any AWS automation skill: review the Security Audits panel on this Prism page and confirm your agent only acts with credentials and regions you intend before creating live API resources.
SKILL.md
READMESKILL.md - Connecting Lambda To Api Gateway
# Connect Lambda Function to API Gateway ## Overview This SOP creates a REST API using Amazon API Gateway and connects it to an existing Lambda function, enabling HTTP-based invocation of the Lambda function through API endpoints. ## Parameters - lambda_function_name (required): The name of the existing Lambda function to connect to API Gateway - api_name (required): The name for the new REST API Gateway - region (optional): The AWS region where resources will be created. If not provided, uses the default region from AWS configuration - stage_name (optional, default: "dev"): The deployment stage name for the API (use "prod" only for production deployments) - resource_path (optional, default: "invoke"): The resource path for the API endpoint - http_method (optional, default: "POST"): The HTTP method for the API endpoint - authorization_type (optional, default: "AWS_IAM"): Authorization type - AWS_IAM, COGNITO_USER_POOLS, CUSTOM, or NONE - enable_api_key (optional, default: false): Require API key for access (recommended for production) - enable_cors (optional, default: false): Whether to enable CORS (Cross-Origin Resource Sharing) for the API **Constraints for parameter acquisition:** - You MUST ask for all required parameters upfront in a single prompt rather than one at a time - You MUST support multiple input methods for parameters including: - Direct input: Values provided directly in the conversation - Configuration files: Reading from AWS config or similar files - You MUST confirm successful acquisition of all required parameters before proceeding - You SHOULD provide sensible defaults for optional parameters when not specified ## Steps ### 1. Verify Dependencies Check for required tools and warn the user if any are missing. **Constraints:** - You MUST verify the following tools are available in your context: - call_aws - You MUST ONLY check for tool existence and MUST NOT attempt to run the tools because running tools during verification could cause unintended side effects, consume resources unnecessarily, or trigger actions before the user is ready - You MUST inform the user about any missing tools with a clear message - You MUST ask if the user wants to proceed anyway despite missing tools - You MUST respect the user's decision to proceed or abort ### 2. Validate Lambda Function Exists Verify that the specified Lambda function exists and is accessible. **Constraints:** - You MUST check if the Lambda function exists using `aws lambda get-function` - You MUST retrieve the Lambda function's ARN for later use - You MUST abort the SOP if the Lambda function does not exist - You SHOULD display the Lambda function's runtime and description for confirmation ### 3. Create REST API Gateway Create a new REST API Gateway with the specified name. **Constraints:** - You MUST create the REST API using `aws apigateway create-rest-api` - You MUST save the API ID for subsequent steps - You MUST retrieve the root resource ID using `aws apigateway get-resources` - You SHOULD verify the API was created successfully ### 4. Create API Resource Create a new resource under the root resource with the specified path. **Constraints:** - You MUST create the resource using `aws apigateway create-resource` - You MUST use the root resource ID as the parent - You MUST save the new resource ID for method creation - You MAY skip this step if using the root resource directly ### 5. Create HTTP Method Create the specified HTTP method for the resource. **Constraints:** - You MUST create the method using `aws apigateway put-method` - You MUST set authorization type to the specified authorization_type parameter - You MUST warn user if using NONE authorization: "WARNING: Using NONE authorization allows unrestricted access. Consider AWS_IAM, API keys, or other authorization methods for production." - You MUST add `--api-key-required` flag if enable_api_key is true - You MUST configure the method to accept requests ### 6. Configure L