feat(apigatewayv2-integrations): full API for API Gateway V2 AWS_PROXY integrations #16287

Closed
wants to merge 20 commits into from
51 changes: 51 additions & 0 deletions packages/@aws-cdk/aws-apigatewayv2-integrations/README.md
Expand Up @@ -149,6 +149,57 @@ const httpEndpoint = new HttpApi(stack, 'HttpProxyPrivateApi', {
});
```

### AWS Service Integrations

AWS Service integrations allow for API Gateway to integrate directly with the following AWS Services:

- EventBridge
- PutEvents
- SQS
- SendMessage
- ReceiveMessage
- DeleteMessage
- PurgeQueue
- Kinesis
- PutRecord
- Step Functions
- StartExecution
- StartSyncExecution
- StopExecution

The following code configures a `message` route, which creates an SQS message containing the request body:

```ts
const queue = new Queue(stack, 'Queue');
const httpApi = new HttpApi(stack, 'IntegrationApi');

const role = new Role(stack, 'SQSRole', {
assumedBy: new ServicePrincipal('apigateway.amazonaws.com'),
});
role.addToPrincipalPolicy(new PolicyStatement({
actions: ['sqs:*'],
resources: [queue.queueArn],
}));

httpApi.addRoutes({
path: '/message',
methods: [HttpMethod.POST],
integration: new SqsSendMessageIntegration({
role,
body: StringMappingExpression.fromMapping(Mapping.fromRequestBody()),
queue: QueueMappingExpression.fromQueue(queue),
}),
});
```

Integrations should always specify a role, with appropriate permissions to allow the actions.
Contributor


Why can't the integration automatically add the correct permissions to the role?

Contributor Author


Hi, thanks for the review. I thought about that, but since the queue name, for example, could come from the payload, it wouldn't be possible for the cdk to know what permissions may be required.

Contributor


Got it. But we could maybe identify when the queue name is known at synth time and in this case give the right permissions.


All other integration properties, except for the `region` can be either set up by the CDK, or
specified in the request, context variables or stage variables. The various `MappingExpression`
classes assist with creating these properties; each can be constructed from the type it represents,
or from a `Mapping` from the request, context or scope, as described in the
[API Gateway documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html#http-api-develop-integrations-aws-services-parameter-mapping).

## WebSocket APIs

WebSocket integrations connect a route to backend resources. The following integrations are supported in the CDK.
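
Review bot: the example role in the new "AWS Service Integrations" section is granted `actions: ['sqs:*']` on the queue, but the `/message` route only uses `SqsSendMessageIntegration`. The wildcard also allows the ReceiveMessage, DeleteMessage and PurgeQueue actions listed earlier in the same section, so a role assumable by `apigateway.amazonaws.com` ends up able to drain or purge the queue. README snippets get copied into real stacks, and the text right after the example asks for "appropriate permissions", so the sample should show least privilege: scope the statement to `actions: ['sqs:SendMessage']`, or replace the manual `PolicyStatement` with `queue.grantSendMessages(role)`. It would also help to state next to that sentence why the integration does not add the permission itself (the queue may be resolved from the request at runtime), since that is the first question the example raises.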