AWS API Gateway Model
This page shows how to write Terraform and CloudFormation for API Gateway Model and write them securely.
aws_api_gateway_model (Terraform)
The Model in API Gateway can be configured in Terraform with the resource name aws_api_gateway_model
. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_api_gateway_model" "tfer--7g27x7" {
content_type = "application/json"
description = "This is a default empty schema model"
name = "Empty"
rest_api_id = "0abe4bmm65"
schema = "{\n \"$schema\": \"http://json-schema.org/draft-04/schema#\",\n \"title\" : \"Empty Schema\",\n \"type\" : \"object\"\n}"
resource "aws_api_gateway_model" "machine_config" {
rest_api_id = aws_api_gateway_rest_api.api_gateway.id
name = "MachineConfig"
description = "A configuration returned by /preflight"
content_type = "application/json"
resource "aws_api_gateway_model" "error_model" {
rest_api_id = aws_api_gateway_rest_api.rest_api.id
name = "Error"
description = "a JSON schema"
content_type = "application/json"
resource "aws_api_gateway_model" "result_request" {
rest_api_id = aws_api_gateway_rest_api.api.id
name = "ResultRequest"
content_type = "application/json"
schema = <<EOF
resource "aws_api_gateway_model" "gateway_model" {
count = length(var.gateway_model)
content_type = lookup(var.gateway_model[count.index], "content_type")
name = lookup(var.gateway_model[count.index], "name")
rest_api_id = element(var.rest_api_id, lookup(var.gateway_model[count.index], "rest_api_id"))
schema = file(join(".", [join("/", [path.cwd, lookup(var.gateway_model[count.index], "schema")]), ".json"]))
Parameters
-
content_type
required - string -
description
optional - string -
id
optional computed - string -
name
required - string -
rest_api_id
required - string -
schema
optional - string
Explanation in Terraform Registry
Provides a Model for a REST API Gateway.
Tips: Best Practices for The Other AWS API Gateway Resources
In addition to the aws_api_gateway_method_settings, AWS API Gateway has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
aws_api_gateway_method_settings
Ensure that API Gateway stage-level cache is encrypted
It is better to enable the stage-level cache encryption which reduces the risk of data leakage.
aws_api_gateway_domain_name
Ensure to use modern TLS protocols
It is better to adopt TLS v1.2+.
aws_api_gateway_stage
Ensure to enable access logging of your API Gateway stage (v1)
It is better to enable the access logging of your API Gateway stage (v1).
aws_api_gateway_method
Ensure that your API Gateway method blocks unwanted access
It is better that the API Gateway method does not allow public access.
AWS::ApiGateway::Model (CloudFormation)
The Model in ApiGateway can be configured in CloudFormation with the resource name AWS::ApiGateway::Model
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
ContentType
optional - String -
Description
optional - String -
Name
optional - String -
RestApiId
required - String -
Schema
optional - Json
Explanation in CloudFormation Registry
The
AWS::ApiGateway::Model
resource defines the structure of a request or response payload for an API method.
Frequently asked questions
What is AWS API Gateway Model?
AWS API Gateway Model is a resource for API Gateway of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS API Gateway Model?
For Terraform, the denniswed/headsincloud-FO-copy, airbnb/rudolph and mallebris/rest-api-deployment-example source code examples are useful. See the Terraform Example section for further details.