-
Notifications
You must be signed in to change notification settings - Fork 5
/
api-config.yaml
109 lines (92 loc) · 2.99 KB
/
api-config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
AWSTemplateFormatVersion: 2010-09-09
Description: Template for creating API Gateway configuration
# Prior to creation of this stack, DNS configuration of my domain is exported to Route53
# template.yaml is dependent on this stack. Make sure that the name of this stack matches with the parameters in config-${Stage}.json
Parameters:
HostedZoneName:
Type: String
Description: The Domain name of the API. Do not include trailing period here.
HostedZoneId:
Type: String
Description: The Id of the domain in Route53.
UsagePlanName:
Type: String
Description: Name of the Usage Plan
Default: DevUsagePlan
AllowedValues: [ DevUsagePlan, UATUsagePlan, ProdUsagePlan ]
Stage:
Type: String
Description: The environment for the deployment
Default: dev
AllowedValues: [ dev, uat, prod ]
QuotaLimit:
Type: Number
Description: The requests Quota Limit
Default: 1000
QuotaPeriod:
Type: String
Description: The Quota Period type (e.g. DAY,WEEK,MONTH)
Default: MONTH
ThrottleBurstLimit:
Type: Number
Description: The requests Burst Limit
Default: 200
ThrottleRateLimit:
Type: Number
Description: The requests per second Rate Limit
Default: 100
Resources:
ApiUsagePlan:
Type: AWS::ApiGateway::UsagePlan
Properties:
Quota:
Limit: !Ref QuotaLimit
Period: !Ref QuotaPeriod
Throttle:
BurstLimit: !Ref ThrottleBurstLimit
RateLimit: !Ref ThrottleRateLimit
UsagePlanName: !Ref UsagePlanName
ApiKey:
Type: AWS::ApiGateway::ApiKey
Properties:
Name: !Sub api-key-${Stage}
Enabled: true
ApiKeyAssociation: # Associates a API key with a usage plan
Type: AWS::ApiGateway::UsagePlanKey
Properties:
KeyId: !Ref ApiKey
KeyType: API_KEY
UsagePlanId: !Ref ApiUsagePlan
ApiDomainName:
Type: AWS::ApiGateway::DomainName
Properties:
DomainName: !Sub api-${Stage}.${HostedZoneName}
EndpointConfiguration:
Types:
- REGIONAL
SecurityPolicy: TLS_1_2
RegionalCertificateArn: !Ref SSLCertificate
ApiRecordSet:
Type: AWS::Route53::RecordSet
Properties:
HostedZoneName: !Sub ${HostedZoneName}. # Trailing period is necessary
Name: !Ref ApiDomainName
ResourceRecords:
- !GetAtt ApiDomainName.RegionalDomainName
TTL: 60
Type: CNAME
SSLCertificate:
Type: AWS::CertificateManager::Certificate
Properties:
DomainName: !Sub 'api-${Stage}.${HostedZoneName}'
ValidationMethod: DNS
DomainValidationOptions:
- DomainName: !Sub 'api-${Stage}.${HostedZoneName}'
HostedZoneId: !Ref HostedZoneId # This the alphanumeric Id of the domain in Route53.
# This creates a CNAME record for the SSL certificate and no manual DNS validation is necessary.
Outputs:
DomainName:
Description: The Domain name
Value: !Ref ApiDomainName
Export:
Name: !Sub ${AWS::StackName}-Api-DomainName