Terraform - API Gateway


API Gateway

# REST API for the authorisation service. The OpenAPI body is rendered from a
# template so the Lambda integration URI can be injected at plan time.
module "api_gateway" {
  source  = "app.terraform.io/cuscal/svc-aws-api-gateway/ecloud"
  version = "0.0.1" # exact version constraint: module upgrades stay an explicit, reviewed change

  app_id         = "app"
  identifier     = "authorisation"
  endpoint_types = ["REGIONAL"]

  # templatefile() fails the plan when the template references a variable that
  # is missing from this map, so authos.tftpl may only use "title" and
  # "invoke_arn". The integration targets the Lambda alias ARN, not $LATEST.
  body = templatefile("${path.module}/swaggers/authos.tftpl", {
    invoke_arn = "arn:aws:apigateway:ap-southeast-2:lambda:path/2015-03-31/functions/${module.create_authorisation_lambda.alias_arn}/invocations"
    title      = "test-title"
  })
  # Static alternative; file() performs no interpolation, so the integration
  # URI would have to be hard-coded in the JSON document.
  # body = file("${path.module}/swaggers/authos.json")

  # NOTE(review): 10000 req/s with a burst of 5000 is the same as API Gateway's
  # default account-level quota, so these defaults do not tighten anything.
  # How the module applies them per client is not visible here; confirm, and
  # consider lower limits for an authorisation endpoint.
  per_client_throttling = {
    default_rate_limit  = 10000
    default_burst_limit = 5000
  }

  enable_xray        = true
  alarm_runbook_link = "https://cuscal.atlassian.net/wiki/spaces/CLOUD/my_api_gw_runbook"
}

"x-amazon-apigateway-integration": {
  "httpMethod": "POST",
  "type": "aws_proxy",
  "uri": "${lambda_invoke_arn}"
}

LAMBDA

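# Lambda behind the authorisation API. Versions are published and the API
# Gateway integration is built from this module's alias_arn output.
module "create_authorisation_lambda" {
  source     = "app.terraform.io/cuscal/svc-aws-lambda/ecloud"
  version    = "0.1.6"
  app_id     = var.app_id
  identifier = "create-authorisation"

  # NOTE(review): Node.js 18 is past its upstream end-of-life; check the Lambda
  # runtime deprecation schedule before using this outside a local sandbox.
  runtime          = "nodejs18.x"
  handler          = "artifact-app-v1.0.0/index.handler"
  publish_versions = true
  is_regulated     = false

  upload_s3_artifact = false
  artifact = {
    file_path = "${path.module}/artifact-app-v1.0.0.zip"
    # Hash the same file that is deployed. A bare relative path resolves
    # against the directory Terraform runs from, not the module directory, so
    # it could hash a different zip (or fail) when run from elsewhere.
    source_code_hash = filebase64sha256("${path.module}/artifact-app-v1.0.0.zip")
  }

  invoke_permissions = {
    apigateway = {
      service_principal = "apigateway.amazonaws.com",
      # NOTE(review): the trailing "*" lets every API in this account and
      # region invoke the function. 000000000000 is the LocalStack default
      # account id. For a real account, scope this to the one API, e.g.
      # arn:aws:execute-api:<region>:<account-id>:<api-id>/<stage>/<method>/<path>.
      source_arn = "arn:aws:execute-api:ap-southeast-2:000000000000:*"
    },
  }

  # Disabled while testing. The execution role and policy presumably fall back
  # to the module's defaults; confirm they are least-privilege.
  #   execution_policy_json = data.aws_iam_policy_document.authorizer_lambda_policy.json

  #   setup_execution_role = true
  #   tags = local.common_tags
}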

  # Lambda proxy integration: API Gateway forwards the whole request to the
  # function without a mapping template, so input validation is the function's
  # job unless request validators are defined elsewhere in the spec.
  x-amazon-apigateway-integration:
    # Lambda is always invoked with POST, whatever HTTP method the route exposes.
    httpMethod: POST
    type: "aws_proxy"
    # Presumably filled in by Terraform's templatefile() from the invoke_arn
    # variable; the placeholder name must match a key passed to the template.
    uri: ${invoke_arn}
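# LocalStack smoke test for the deployed API. The REST API ids below differ
# between commands (presumably from separate deployments); substitute the id
# that get-rest-apis returns for the current one.

# List the REST APIs to find the API id.
awslocal apigateway get-rest-apis
# List the resources (paths) of that API. The flag takes the bare id.
awslocal apigateway get-resources --rest-api-id 7zh8v3gitf
# 7zh8v3gitf  (REST API id used below; presumably copied from the get-rest-apis output)

# Call the authorisation route on the "dev" stage through the LocalStack edge port.
# NOTE(review): no credentials or Authorization header are sent. If the route is
# meant to sit behind an authorizer, check that this request is rejected.
curl -X POST http://localhost:4566/restapis/7zh8v3gitf/dev/_user_request_/authorisation | jq


# Confirm the stage exists and inspect its logging and tracing settings.
awslocal apigateway get-stages --rest-api-id jbhimsowmc

# Find the execution and access log streams for the stage.
# NOTE(review): execution logs can include request and response payloads when
# full data logging is enabled on the stage. For an authorisation service,
# verify that tokens and credentials do not end up in these log groups.
awslocal logs describe-log-streams --log-group-name "API-Gateway-Execution-Logs_4ecfzm3gh4/dev"
awslocal logs describe-log-streams --log-group-name "/dregdata/cwlgnonreg/dhs/authoriser/public/apigw-access-log/4ecfzm3gh4/dev"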