Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
YAML version of tmaslen's API Gateway cloudformation template - useful when you don't want to use SAM
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Sample template that contains a Lambda function behind an API GW
Resources:
# BEGIN: Should only need this in an empty API Gateway situation
ApiGatewayCloudWatchLogsRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- apigateway.amazonaws.com
Action:
- sts:AssumeRole
Policies:
- PolicyName: ApiGatewayLogsPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:DescribeLogGroups
- logs:DescribeLogStreams
- logs:PutLogEvents
- logs:GetLogEvents
- logs:FilterLogEvents
Resource: "*"
ApiGatewayAccount:
Type: AWS::ApiGateway::Account
Properties:
CloudWatchRoleArn: !GetAtt ApiGatewayCloudWatchLogsRole.Arn
# END: Should only need this in an empty API Gateway situation
GreetingLambda:
Type: AWS::Lambda::Function
Properties:
Code:
ZipFile: |
'use strict';
// Greeter Lambda
exports.handler = (event, context, callback) => {
console.log('Event:', JSON.stringify(event));
const name = event.params.querystring.name || event.body.name || 'World';
const response = {greeting: `Hello, ${name}!`};
callback(null, response);
};
Description: A greeting function
Handler: index.handler
Role: !GetAtt LambdaExecutionRole.Arn
Runtime: nodejs10.x
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
GreetingApi:
Type: AWS::ApiGateway::RestApi
Properties:
Description: API used for Greeting requests
FailOnWarnings: true
Name: !Ref AWS::StackName
EndpointConfiguration:
Types:
- REGIONAL
LambdaPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:invokeFunction
FunctionName: !GetAtt GreetingLambda.Arn
Principal: apigateway.amazonaws.com
SourceArn: !Sub 'arn:${AWS::Partition}:execute-api:${AWS::Region}:${AWS::AccountId}:${GreetingApi}/*'
GreetingApiStage:
DependsOn:
- ApiGatewayAccount
Type: AWS::ApiGateway::Stage
Properties:
DeploymentId: !Ref Deployment
MethodSettings:
- DataTraceEnabled: true
HttpMethod: "*"
LoggingLevel: INFO
ResourcePath: "/*"
RestApiId: !Ref GreetingApi
StageName: LATEST
Deployment:
Type: AWS::ApiGateway::Deployment
DependsOn:
- GreetingRequestGET
- GreetingRequestPOST
Properties:
RestApiId: !Ref GreetingApi
StageName: Production
GreetingResource:
Type: AWS::ApiGateway::Resource
Properties:
RestApiId: !Ref GreetingApi
ParentId: !GetAtt GreetingApi.RootResourceId
PathPart: greeting
GreetingRequestGET:
DependsOn: LambdaPermission
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: NONE
HttpMethod: GET
Integration:
Type: AWS
IntegrationHttpMethod: POST
Uri: !Sub 'arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GreetingLambda.Arn}/invocations'
IntegrationResponses:
- StatusCode: 200
RequestTemplates:
application/json: |
## See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html
## This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload
#set($allParams = $input.params())
{
"body" : $input.json('$'),
"params" : {
#foreach($type in $allParams.keySet())
#set($params = $allParams.get($type))
"$type" : {
#foreach($paramName in $params.keySet())
"$paramName" : "$util.escapeJavaScript($params.get($paramName))"
#if($foreach.hasNext),#end
#end
}
#if($foreach.hasNext),#end
#end
},
"stageVariables" : {
#foreach($key in $stageVariables.keySet())
"$key" : "$util.escapeJavaScript($stageVariables.get($key))"
#if($foreach.hasNext),#end
#end
},
"context" : {
"accountId" : "$context.identity.accountId",
"apiId" : "$context.apiId",
"apiKey" : "$context.identity.apiKey",
"authorizerPrincipalId" : "$context.authorizer.principalId",
"caller" : "$context.identity.caller",
"cognitoAuthenticationProvider" : "$context.identity.cognitoAuthenticationProvider",
"cognitoAuthenticationType" : "$context.identity.cognitoAuthenticationType",
"cognitoIdentityId" : "$context.identity.cognitoIdentityId",
"cognitoIdentityPoolId" : "$context.identity.cognitoIdentityPoolId",
"httpMethod" : "$context.httpMethod",
"stage" : "$context.stage",
"sourceIp" : "$context.identity.sourceIp",
"user" : "$context.identity.user",
"userAgent" : "$context.identity.userAgent",
"userArn" : "$context.identity.userArn",
"requestId" : "$context.requestId",
"resourceId" : "$context.resourceId",
"resourcePath" : "$context.resourcePath"
}
}
RequestParameters:
method.request.querystring.name: false
ResourceId: !Ref GreetingResource
RestApiId: !Ref GreetingApi
MethodResponses:
- StatusCode: 200
GreetingRequestPOST:
DependsOn: LambdaPermission
Type: AWS::ApiGateway::Method
Properties:
AuthorizationType: NONE
HttpMethod: POST
Integration:
Type: AWS
IntegrationHttpMethod: POST
Uri: !Sub 'arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GreetingLambda.Arn}/invocations'
IntegrationResponses:
- StatusCode: 200
RequestTemplates:
application/json: |
## See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html
## This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload
#set($allParams = $input.params())
{
"body" : $input.json('$'),
"params" : {
#foreach($type in $allParams.keySet())
#set($params = $allParams.get($type))
"$type" : {
#foreach($paramName in $params.keySet())
"$paramName" : "$util.escapeJavaScript($params.get($paramName))"
#if($foreach.hasNext),#end
#end
}
#if($foreach.hasNext),#end
#end
},
"stageVariables" : {
#foreach($key in $stageVariables.keySet())
"$key" : "$util.escapeJavaScript($stageVariables.get($key))"
#if($foreach.hasNext),#end
#end
},
"context" : {
"accountId" : "$context.identity.accountId",
"apiId" : "$context.apiId",
"apiKey" : "$context.identity.apiKey",
"authorizerPrincipalId" : "$context.authorizer.principalId",
"caller" : "$context.identity.caller",
"cognitoAuthenticationProvider" : "$context.identity.cognitoAuthenticationProvider",
"cognitoAuthenticationType" : "$context.identity.cognitoAuthenticationType",
"cognitoIdentityId" : "$context.identity.cognitoIdentityId",
"cognitoIdentityPoolId" : "$context.identity.cognitoIdentityPoolId",
"httpMethod" : "$context.httpMethod",
"stage" : "$context.stage",
"sourceIp" : "$context.identity.sourceIp",
"user" : "$context.identity.user",
"userAgent" : "$context.identity.userAgent",
"userArn" : "$context.identity.userArn",
"requestId" : "$context.requestId",
"resourceId" : "$context.resourceId",
"resourcePath" : "$context.resourcePath"
}
}
RequestParameters:
method.request.querystring.name: false
ResourceId: !Ref GreetingResource
RestApiId: !Ref GreetingApi
MethodResponses:
- StatusCode: 200
Outputs:
RootUrl:
Description: Root URL of the API gateway
Value: !Sub 'https://${GreetingApi}.execute-api.${AWS::Region}.amazonaws.com'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment