Configures a REST API from an OpenAPI specification, exposed only through a private endpoint configuration inside a VPC.

Terraform Template

# Availability Zones in the current region that are usable without an opt-in;
# the subnet below picks the first name from this list.
data "aws_availability_zones" "available" {
  state = "available"

  filter {
    name   = "opt-in-status"
    values = ["opt-in-not-required"]
  }
}

# Region of the configured provider; used to build the execute-api service name.
data "aws_region" "current" {}

# Deployment of the REST API. A new deployment is forced whenever the hash of
# the OpenAPI body changes; the old deployment is kept until the replacement
# exists so the stage never points at a deleted deployment.
resource "aws_api_gateway_deployment" "example" {
  rest_api_id = aws_api_gateway_rest_api.example.id

  triggers = {
    redeployment = sha1(jsonencode(aws_api_gateway_rest_api.example.body))
  }

  lifecycle {
    create_before_destroy = true
  }
}

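# REST API defined by an inline OpenAPI 3.0.1 document. The single GET /path1
# route is an HTTP proxy to a public AWS-hosted JSON file.
resource "aws_api_gateway_rest_api" "example" {
  name              = "example"
  put_rest_api_mode = "merge"

  body = jsonencode({
    openapi = "3.0.1"
    info = {
      title   = "example"
      version = "1.0"
    }
    paths = {
      "/path1" = {
        get = {
          x-amazon-apigateway-integration = {
            httpMethod           = "GET"
            payloadFormatVersion = "1.0"
            type                 = "HTTP_PROXY"
            uri                  = "https://ip-ranges.amazonaws.com/ip-ranges.json"
          }
        }
      }
    }
  })

  # PRIVATE means the API is reachable only through the listed interface
  # endpoints. The splat expression tracks every endpoint created by the
  # `count = 3` resource instead of hard-coding indexes 0..2.
  endpoint_configuration {
    types            = ["PRIVATE"]
    vpc_endpoint_ids = aws_vpc_endpoint.example[*].id
  }
}

# A PRIVATE REST API has no resource policy by default and therefore rejects
# every invocation. Grant invoke only to requests arriving via the VPC
# endpoints above (aws:SourceVpce), which keeps the API closed to anything
# outside this VPC.
resource "aws_api_gateway_rest_api_policy" "example" {
  rest_api_id = aws_api_gateway_rest_api.example.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect    = "Allow"
        Principal = "*"
        Action    = "execute-api:Invoke"
        Resource  = "execute-api:/*"
        Condition = {
          StringEquals = {
            "aws:SourceVpce" = aws_vpc_endpoint.example[*].id
          }
        }
      }
    ]
  })
}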

# Stage "example" that serves the current deployment of the REST API.
resource "aws_api_gateway_stage" "example" {
  stage_name    = "example"
  rest_api_id   = aws_api_gateway_rest_api.example.id
  deployment_id = aws_api_gateway_deployment.example.id
}

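# Adopts the VPC's default security group. Managing it with no rule blocks
# strips every inherited rule, so the interface endpoints that use this group
# would accept no traffic at all. Allow HTTPS from inside the VPC only, which
# is what callers of the private API need.
resource "aws_default_security_group" "example" {
  vpc_id = aws_vpc.example.id

  ingress {
    description = "HTTPS to the execute-api interface endpoints from within the VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.example.cidr_block]
  }
}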

# Single subnet: the first /24 carved out of the VPC CIDR, placed in the first
# available AZ. The interface endpoints are created here.
resource "aws_subnet" "example" {
  vpc_id            = aws_vpc.example.id
  cidr_block        = cidrsubnet(aws_vpc.example.cidr_block, 8, 0)
  availability_zone = data.aws_availability_zones.available.names[0]
}

# VPC that hosts the endpoints. DNS support and hostnames are both enabled,
# which interface endpoints rely on for name resolution inside the VPC.
resource "aws_vpc" "example" {
  enable_dns_support   = true
  enable_dns_hostnames = true
  cidr_block           = "10.0.0.0/16"
}

# Three interface endpoints for the regional execute-api service, all in the
# single subnet and guarded by the default security group. Private DNS is
# left off, so the public execute-api hostname is not rewritten to these
# endpoints; callers address the endpoint DNS names directly.
resource "aws_vpc_endpoint" "example" {
  count = 3

  vpc_id            = aws_vpc.example.id
  vpc_endpoint_type = "Interface"
  service_name      = "com.amazonaws.${data.aws_region.current.name}.execute-api"

  subnet_ids          = [aws_subnet.example.id]
  security_group_ids  = [aws_default_security_group.example.id]
  private_dns_enabled = false
}