https://github.com/mich0232/aws-api-gw

AWS API Gateway module creates a HTTP gateway API resources, with ability to attach lambda integrations and custom authorizers.
https://github.com/mich0232/aws-api-gw

api-gateway aws aws-lambda terraform terraform-module

Last synced: about 1 month ago
JSON representation

AWS API Gateway module creates a HTTP gateway API resources, with ability to attach lambda integrations and custom authorizers.

• Host: GitHub
• URL: https://github.com/mich0232/aws-api-gw
• Owner: Mich0232
• Created: 2022-11-29T01:49:24.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2022-12-16T23:59:28.000Z (over 3 years ago)
• Last Synced: 2025-03-10T08:43:52.670Z (over 1 year ago)
• Topics: api-gateway, aws, aws-lambda, terraform, terraform-module
• Language: HCL
• Homepage:
• Size: 17.6 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
## AWS HTTP API Gateway module

This module creates an HTTP API using AWS API Gateway.  

Stages are throttled using default limits:

```terraform

default_route_settings {

    throttling_burst_limit   = 5000

    throttling_rate_limit    = 10000

}

```

### Routes 

You can specify API routes using configuration. Each integration is of type AWS Lambda Proxy.

```terraform

module "api" {

  source       = "github.com/Mich0232/aws-api-gw.git"

  project_name = local.project_name

  api_name     = "my-api"

  stages = {

    "v1" : {

      auto_deploy = true

    }

  }

  

  integrations = {

    "main" : {

      function_name          = module.lambda.function_name

      invoke_arn             = module.lambda.invoke_arn

      stage                  = "v1"

      method                 = "POST"

      payload_format_version = "2.0"

    }

  }

  

  routes = {

    "GET /Info" : {

      integration   = "main"

      authorizer_id = null

      stage         = "v1"

    }

  }

}

```

### Authorizers

Module support adding custom authorizers.  

Created authorizers can be later references in the integrations section.

```terraform

module "api" {

  ...

  authorizers = {

    "my_authorizer" : {

      invoke_arn                        = module.authorizer.invoke_arn

      function_name                     = module.authorizer.function_name

      authorizer_payload_format_version = "2.0"

      authorizer_identity_sources       = ["$request.header.cookie"]

      stage                             = "v1"

    }

  }

  integrations = {

    "main" : {

      function_name          = module.lambda.function_name

      invoke_arn             = module.lambda.invoke_arn

      stage                  = "v1"

      method                 = "POST"

      payload_format_version = "2.0"

    }

  }

  routes = {

    "GET /Info" : {

      integration   = "main"

      authorizer_id = "my_authorizer"

      stage         = "v1"

    }

  }

  ...

}

```

### Domains

When adding custom domains you need to include the certificate ARN.  

Endpoint type will be set to `REGIONAL` and security policy to `TLS_1_2`

```terraform

module "api" {

  source       = "github.com/Mich0232/aws-api-gw.git"

  project_name = local.project_name

  api_name     = "my-api"

  ...

  domains = {

    "https://my-custom-website.com" : {

      certificate_arn = aws_acm_certificate_validation.api.certificate_arn

      domain_mapping  = "v1"

      stage           = "v1"

    }

  }

}

```

## Provisioned Resources

 - AWS HTTP API Gateway 

 - GW Stage

 - GW Integrations

 - GW Authorizers

 - GW Routes

 - GW Custom domains

 - GW Domain mappings

 - IAM Roles & Permissions

## Input variables

`project_name` - Project name. Used as a prefix in resources

`api_name` - AWS API GW name.

`domains` - custom domains configuration

```terraform

{

  type = map(object({

    certificate_arn = string

    domain_mapping  = string

    stage           = string

  }))

  default = {}

}

```

`cors_allowed_domains` - List of allowed domain for CORS interactions

`stages` - AWS GW Stages configuration

```terraform

{

  type = map(object({

    auto_deploy = bool

  }))

}

```

`authorizers` - AWS GW Lambda authorizers configuration

```terraform

{

  type = map(object({

    invoke_arn                        = string

    function_name                     = string

    authorizer_payload_format_version = string

    authorizer_identity_sources       = list(string)

    stage                             = string

  }))

  default = {}

}

```

`integrations` - AWS GW Integrations configuration

```terraform

{

  type = map(object({

    invoke_arn             = string

    function_name          = string

    stage                  = string

    method                 = string

    payload_format_version = string

  }))

}

```

`routes` - AWS GW Routes configuration.

Example key: `"GET /Test"` or `"POST /Login"`

```terraform

{

  type = map(object({

    integration   = string

    authorizer_id = string

    stage         = string

  }))

}

```

## Output

`invoke_urls` - list of invoke urls per API Stage