Hi, Thanks for the reply.
Essentially, I noticed that for the API test to pass, I needed to modify the Cognito policy you have provided by adjusting the endpoint from
"arn:aws:execute-api:YOUR_API_GATEWAY_REGION:*:YOUR_API_GATEWAY_ID/*/*/*"
To (The removed /*'s at the end)
"arn:aws:execute-api:YOUR_API_GATEWAY_REGION:*:YOUR_API_GATEWAY_ID/*"
This got the test to run. However, now that I am trying to use the delete not API I am getting a 500 response with a console error saying:
Failed to load resource: the server responded with a status of 500 () https://API-id.execute-api.us-east-1.amazonaws.com/prod/notes/note-id.
I am wondering if the policy, which only includes a single /* at the end, does not give permission to these âdeeperâ paths which require the note-id to be called. However, I tried creating a policy which explicitly gives permission to each API endpoint using AWSâ policy creation website and ran into the same 500 failure. This makes me wonder if the error is coming from within the delete.js function because it is 500 and not 403, but I havenât been able to find any issues. Anyways, that is just what I have tried but if you have any suggestions I would appreciate any help I can get! Thank you.