Created
August 11, 2019 16:44
-
-
Save haranjackson/7006fb3e4f6030bdaa76b42f59ed98a6 to your computer and use it in GitHub Desktop.
An AWS CloudFormation template for an API Gateway GET/POST endpoint, backed by a Lambda function
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AWSTemplateFormatVersion: 2010-09-09 | |
Parameters: | |
ApiId: | |
Type: String | |
Description: The ID of API to which this endpoint should be added | |
FunctionArn: | |
Type: String | |
Description: The ARN of the lambda function behind this endpoint | |
HttpMethod: | |
Type: String | |
Description: The HTTP method for this endpoint | |
AllowedValues: [POST, GET] | |
ParentResourceId: | |
Type: String | |
Description: The ID of the parent resource of this endpoint | |
Path: | |
Type: String | |
Description: The path of this endpoint | |
UseApiKey: | |
Type: String | |
Description: >- | |
Whether to protect this endpoint with the API key associated with a | |
deployment of this API | |
Default: false | |
AllowedValues: [true, false] | |
UseCors: | |
Type: String | |
Description: Whether to add an OPTIONS method to allow CORS for this endpoint | |
Default: true | |
AllowedValues: [true, false] | |
Conditions: | |
USE_CORS: | |
!Equals [true, !Ref UseCors] | |
Resources: | |
ApiGatewayRole: | |
Type: AWS::IAM::Role | |
Properties: | |
AssumeRolePolicyDocument: | |
Version: 2012-10-17 | |
Statement: | |
- Effect: Allow | |
Action: | |
- sts:AssumeRole | |
Principal: | |
Service: apigateway.amazonaws.com | |
Policies: | |
- PolicyName: ApiGatewayLambdaPolicy | |
PolicyDocument: | |
Version: 2012-10-17 | |
Statement: | |
- Effect: Allow | |
Action: | |
- lambda:InvokeFunction | |
Resource: "*" | |
Resource: | |
Type: AWS::ApiGateway::Resource | |
Properties: | |
ParentId: !Ref ParentResourceId | |
PathPart: !Ref Path | |
RestApiId: !Ref ApiId | |
Method: | |
Type: AWS::ApiGateway::Method | |
Properties: | |
ApiKeyRequired: !Ref UseApiKey | |
AuthorizationType: NONE | |
HttpMethod: !Ref HttpMethod | |
Integration: | |
Credentials: !GetAtt ApiGatewayRole.Arn | |
IntegrationHttpMethod: POST | |
Type: AWS_PROXY | |
Uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${FunctionArn}/invocations | |
ResourceId: !Ref Resource | |
RestApiId: !Ref ApiId | |
Options: | |
Condition: USE_CORS | |
Type: AWS::ApiGateway::Method | |
Properties: | |
AuthorizationType: NONE | |
RestApiId: !Ref ApiId | |
ResourceId: !Ref Resource | |
HttpMethod: OPTIONS | |
Integration: | |
IntegrationResponses: | |
- StatusCode: 200 | |
ResponseParameters: | |
method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'" | |
method.response.header.Access-Control-Allow-Methods: !Sub "'${HttpMethod},OPTIONS'" | |
method.response.header.Access-Control-Allow-Origin: "'*'" | |
ResponseTemplates: | |
application/json: '' | |
PassthroughBehavior: WHEN_NO_MATCH | |
RequestTemplates: | |
application/json: '{"statusCode": 200}' | |
Type: MOCK | |
MethodResponses: | |
- StatusCode: 200 | |
ResponseModels: | |
application/json: 'Empty' | |
ResponseParameters: | |
method.response.header.Access-Control-Allow-Headers: false | |
method.response.header.Access-Control-Allow-Methods: false | |
method.response.header.Access-Control-Allow-Origin: false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment