Skip to content

Instantly share code, notes, and snippets.

@mmmpa

mmmpa/api.tf Secret

Last active July 1, 2018 00:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mmmpa/4d472e0d844d894ebbdc4de8166010f3 to your computer and use it in GitHub Desktop.
Save mmmpa/4d472e0d844d894ebbdc4de8166010f3 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
api.tf
variable "api_name" { default = "librarian_api" }
variable "table_name" { default = "librarian_db" }
variable "ss_token" {}
resource "aws_dynamodb_table" "db" {
name = "${var.table_name}"
read_capacity = 1
write_capacity = 1
hash_key = "doc_name"
attribute {
name = "doc_name"
type = "S"
}
}
resource "aws_api_gateway_rest_api" "main" {
name = "${var.api_name}"
description = "${var.api_name}"
}
resource "aws_api_gateway_method" "method" {
rest_api_id = "${aws_api_gateway_rest_api.main.id}"
resource_id = "${aws_api_gateway_rest_api.main.root_resource_id}"
http_method = "GET"
authorization = "NONE"
request_parameters = {
"method.request.querystring.text" = false
"method.request.querystring.token" = true
}
}
resource "aws_api_gateway_integration" "integration" {
rest_api_id = "${aws_api_gateway_rest_api.main.id}"
resource_id = "${aws_api_gateway_rest_api.main.root_resource_id}"
http_method = "${aws_api_gateway_method.method.http_method}"
type = "AWS"
uri = "arn:aws:apigateway:ap-northeast-1:dynamodb:action/GetItem"
integration_http_method = "POST"
credentials = "${aws_iam_role.role.arn}"
passthrough_behavior = "NEVER"
request_templates = {
"application/json" = <<EOF
#if($input.params('token') != "${var.ss_token}")
#stop
#end
#if($input.params('text') == '')
#set($key = 'help')
#else
#set($key = $input.params('text'))
#end
{
"TableName": "${var.table_name}",
"Key": {
"doc_name": {
"S": "$key"
}
}
}
EOF
}
}
resource "aws_api_gateway_method_response" "res" {
rest_api_id = "${aws_api_gateway_rest_api.main.id}"
resource_id = "${aws_api_gateway_rest_api.main.root_resource_id}"
http_method = "${aws_api_gateway_method.method.http_method}"
status_code = "200"
response_models = {
"application/json" = "Empty"
}
}
resource "aws_api_gateway_integration_response" "integration_res" {
depends_on = [
"aws_api_gateway_integration.integration",
]
rest_api_id = "${aws_api_gateway_rest_api.main.id}"
resource_id = "${aws_api_gateway_rest_api.main.root_resource_id}"
http_method = "${aws_api_gateway_method.method.http_method}"
status_code = "${aws_api_gateway_method_response.res.status_code}"
selection_pattern = "200"
response_templates = {
"application/json" = <<EOF
#set($text = $input.path('$.Item.content').S)
#if($text == "")
{ "text": "command not found" }
#else
{ "text": $text }
#end
EOF
}
}
resource "aws_api_gateway_deployment" "deploy" {
depends_on = [
"aws_api_gateway_integration.integration",
]
rest_api_id = "${aws_api_gateway_rest_api.main.id}"
stage_name = "doc"
description = "Deployed at ${timestamp()}"
}
output "endpoint" {
value = "${aws_api_gateway_deployment.deploy.invoke_url}"
}
resource "aws_iam_role" "role" {
name = "${var.api_name}_api_role"
path = "/"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Principal": {
"Service": "apigateway.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}
resource "aws_iam_role_policy" "policy" {
name = "get-sample"
role = "${aws_iam_role.role.id}"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Action": [
"dynamodb:GetItem"
],
"Resource": [
"${aws_dynamodb_table.db.arn}"
]
}
]
}
EOF
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment