A Terraform module for creating an AWS API Gateway dynamically. It creates the REST API, authorizers, methods with their Lambda integrations, and stages.
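# Example invocation of the API Gateway module: one Cognito authorizer, a set
# of method defaults, and two endpoints backed by Lambda integrations.
# NOTE(review): the inputs table marks further variables as required (for
# example binary_media_types, body, endpoint_configuration_vpc_endpoint_ids)
# that this example does not set; confirm against the module version in use.
module "api_gateway" {
  # Pinned to the 0.0.2 tag. A git tag can be moved after it is published;
  # setting ref to a full commit SHA keeps the fetched module code fixed.
  source = "git@github.com:facets-io/terraform-module-aws-api-gateway.git?ref=0.0.2"

  name        = "my-api-gateway"
  environment = "dev"
  description = "This is my API"

  # The inputs table declares ip_whitelist as list(string), so the CIDR is
  # passed as a list rather than a bare string. 0.0.0.0/0 matches every IPv4
  # source address, so this value restricts nothing; replace it with the CIDR
  # ranges of the clients that should reach the API.
  # NOTE(review): how the module enforces this list is not visible here.
  ip_whitelist = ["0.0.0.0/0"]

  # Per the inputs table: all files in this directory are hashed to produce a
  # version, and a changed hash redeploys the API Gateway stages.
  versioned_directory = "."

  # The table lists false as the default; true opts in to deploying the live stage.
  deploy_live_stage = true

  authorizers = [
    {
      name = "embed-id"
      # Cognito user pool ARNs normally take the form
      # arn:aws:cognito-idp:<region>:<account-id>:userpool/<pool-id>.
      # The resource segment below is "my-user-pool", so treat the whole value
      # as a sample and substitute the ARN of your own user pool.
      provider_arns = "arn:aws:cognito-idp:us-west-2:527490985582:my-user-pool/us-west-2_48d8d388"
    }
  ]

  # Settings for methods that do not set these attributes themselves
  # (presumably merged into each method by the module; confirm).
  method_default = {
    method        = module.api_gateway.constants.GET
    authorization = "COGNITO_USER_POOLS"
    authorizer_id = "real-time-service-embed-id-my-authorizer"
    # NOTE(review): the endpoint method below passes a list for
    # authorization_scopes; confirm whether a single string is accepted here.
    authorization_scopes = "MyScope/Scope"
    api_key_required     = false
    request_models       = {}
    # No request validator is attached. In API Gateway, parameters marked
    # true (required) are only rejected when missing if a validator with
    # parameter validation is attached to the method.
    request_validator_id = ""
    request_parameters = {
      "method.request.header.my_authentication_header" = true
    }
  }

  endpoints = [
    {
      path = "/authentication_token"
      methods = [
        {
          method = module.api_gateway.constants.POST
          integration = {
            uri                  = "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:0000000000:function:my-function-1/invocations"
            passthrough_behavior = "WHEN_NO_MATCH"
            request_templates    = null
          }
          # This method overrides the Cognito default with no authorizer, so
          # API Gateway forwards every request that reaches it. The backing
          # Lambda is the only place credentials are checked; pair it with
          # throttling on the stage or a usage plan.
          authorization        = "NONE"
          authorizer_id        = ""
          authorization_scopes = []
          request_parameters   = null
        }
      ]
    },
    {
      path = "/path1/endpoint1"
      methods = [
        {
          # No authorization attributes are set here, so this method
          # presumably falls back to method_default (COGNITO_USER_POOLS).
          method = module.api_gateway.constants.GET
          integration = {
            uri = "arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:0000000000:function:my-function-2/invocations"
            request_templates = {
              # The query-string value is inserted into the JSON body without
              # escaping, so a quote in param_1 alters the document passed to
              # the Lambda. API Gateway mapping templates provide
              # $util.escapeJavaScript() for escaping such values.
              "application/json" = "{\"param_1\":\"$input.params('param_1')\"}"
            }
          }
          # true marks the parameter as required; see the request validator
          # note on method_default for when that is enforced.
          request_parameters = {
            "method.request.querystring.param_1" = true
            "method.request.querystring.param_2" = true
          }
        }
      ]
    }
  ]
}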
Name | Version |
---|---|
aws | 2.47.0 |
external | 1.2 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
authorizers | n/a | any |
n/a | yes |
binary_media_types | n/a | list(string) |
n/a | yes |
body | n/a | string |
n/a | yes |
description | n/a | string |
n/a | yes |
endpoint_configuration_vpc_endpoint_ids | n/a | list(string) |
n/a | yes |
endpoints | n/a | any |
n/a | yes |
environment | n/a | string |
n/a | yes |
lambda_permission_event_source_token | (Optional) The Event Source Token to validate. Used with Alexa Skills. | string |
n/a | yes |
lambda_permission_qualifier | (Optional) Query parameter to specify function version or alias name. The permission will then apply to the specific qualified ARN. e.g. arn:aws:lambda:aws-region:acct-id:function:function-name:2 | string |
n/a | yes |
lambda_permission_source_account | (Optional) This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner. | string |
n/a | yes |
lambda_permission_source_arn | (Optional) When granting Amazon S3 or CloudWatch Events permission to invoke your function, you should specify this field with the Amazon Resource Name (ARN) for the S3 Bucket or CloudWatch Events Rule as its value. This ensures that only events generated from the specified bucket or rule can invoke the function. API Gateway ARNs have a unique structure described here. | string |
n/a | yes |
name | n/a | string |
n/a | yes |
versioned_directory | If set, hash all files in the directory to generate a version number. If the hash changes, Terraform will redeploy the API Gateway stages (deployment). | any |
n/a | yes |
api_key_source | n/a | string |
"HEADER" |
no |
authorizer_default | n/a | object({ |
{ |
no |
aws_api_gateway_stage_default | n/a | object({ |
{ |
no |
constants | n/a | object({ |
{ |
no |
deploy_live_stage | n/a | bool |
false |
no |
deploy_test_stage | n/a | bool |
true |
no |
endpoint_configuration_types | n/a | list(string) |
[ |
no |
force_deploy_live_stage | n/a | bool |
false |
no |
force_deploy_test_stage | n/a | bool |
false |
no |
integration_default | n/a | object({ |
{ |
no |
ip_whitelist | n/a | list(string) |
[ |
no |
lambda_permission_action | (Required if assigning a resource policy) The AWS Lambda action you want to allow in this statement. (e.g. lambda:InvokeFunction) | string |
"lambda:InvokeFunction" |
no |
lambda_permission_principal | (Required if assigning a resource policy) The principal who is getting this permission. e.g. s3.amazonaws.com, an AWS account ID, or any valid AWS service principal such as events.amazonaws.com or sns.amazonaws.com. | string |
"apigateway.amazonaws.com" |
no |
lambda_permission_statement_id | (Optional) A unique statement identifier. By default generated by Terraform. | string |
"AllowInvokeFromApiGateway" |
no |
live_stage_name | n/a | string |
"live" |
no |
method_default | n/a | object({ |
{ |
no |
minimum_compression_size | n/a | number |
2048 |
no |
response_default | n/a | map(object({ |
{ |
no |
response_intergration_default | n/a | map(object({ |
{ |
no |
stages | n/a | list(any) |
[ |
no |
tags | n/a | map(string) |
{} |
no |
test_stage_name | n/a | string |
"test" |
no |
Name | Description |
---|---|
constants | n/a |
endpoints | n/a |
rest_api | n/a |
rest_api_execution_arn | n/a |
tags | n/a |