Creates a basic REST API in AWS API Gateway and attaches a custom IAM policy (as the API's resource policy) that allows invocation only from a specific IP address.

Terraform Template

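# Policy document used as the REST API's resource policy. It allows
# execute-api:Invoke for any principal, but only when the request's source IP
# falls inside the CIDR listed in the condition block.
data "aws_iam_policy_document" "test" {
  statement {
    effect  = "Allow"
    actions = ["execute-api:Invoke"]

    # Wildcard principal: the IpAddress condition below is the only thing
    # narrowing who may invoke the API, so treat the CIDR as the access control.
    # The value must be the quoted string "*"; a bare * is not valid HCL.
    principals {
      type        = "AWS"
      identifiers = ["*"]
    }

    # execution_arn names the API itself. Invocations are evaluated against
    # <execution_arn>/<stage>/<method>/<path>, so the trailing /* is needed for
    # the Allow to match any request. Narrow it to a stage/method/path if the
    # allowance should not cover the whole API.
    resources = ["${aws_api_gateway_rest_api.test.execution_arn}/*"]

    # aws:SourceIp is the caller's public address as seen by API Gateway.
    # Requests arriving through a VPC endpoint are matched with
    # aws:VpcSourceIp / aws:SourceVpce instead, so this condition does not
    # cover private API access.
    condition {
      test     = "IpAddress"
      variable = "aws:SourceIp"
      values   = ["123.123.123.123/32"] # example address; replace with the real allowed CIDR
    }
  }
}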

# The REST API the resource policy is attached to. Only the name is set here;
# this template defines no methods, deployment or stage, so the API is not
# invocable until those are added.
resource "aws_api_gateway_rest_api" "test" {
  name = "example-rest-api"
}

# Attaches the rendered policy document to the REST API as its resource policy.
# NOTE(review): API Gateway applies a changed resource policy to a stage only
# after the API is (re)deployed; make sure the deployment is re-triggered when
# this policy changes, otherwise the old rules stay in effect.
resource "aws_api_gateway_rest_api_policy" "test" {
  rest_api_id = aws_api_gateway_rest_api.test.id
  policy      = data.aws_iam_policy_document.test.json
}