Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[apigateway] support configuring endpoint types for SpecRestApi (Swagger/OpenApi) #9060

Closed
IsmaelMartinez opened this issue Jul 14, 2020 · 2 comments · Fixed by #9068
Closed

[apigateway] support configuring endpoint types for SpecRestApi (Swagger/OpenApi) #9060

IsmaelMartinez opened this issue Jul 14, 2020 · 2 comments · Fixed by #9068
Assignees
@nija-at
Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. in-progress This issue is being actively worked on.

Comments

@IsmaelMartinez
Copy link
Contributor

IsmaelMartinez commented Jul 14, 2020
edited

I will like to be able to create a private endpoint for API Gateway using the SpecRestApi (Swagger/Openapi).

Currently, the SpecRestApi only creates EDGE endpoints and the endpoint configuration is not available.

AWS documentation indicates you need to use x-amazon-apigateway-endpoint-configuration but that doesn't work as indicated in this stackoverflow issue:
https://stackoverflow.com/questions/62894289/aws-cdk-private-api-gateway-using-specrestapi-openapi-3

When using the servers/x-amazon-apigateway-endpoint-configuration section, the deployment fails with the following message:

VPCEndpoints can only be specified with PRIVATE apis. (Service: AmazonApiGateway; Status Code: 400; Error Code: BadRequestException; Request ID: 12600381-6232-4213-894d-264b7501828b)

Use Case

Anyone needing to use OpenAPI 3.0 for private and/or Regional endpoint configurations.

Proposed Solution

The proposed solution is to move the endpointTypes from the RestApiProps into the RestApiOptions (one level down), and do the similar with configureEndpoints function.

Details can be found in #9068

Other

  • [*] 👋 I may be able to implement this feature request

This is a 🚀 Feature Request
@IsmaelMartinez IsmaelMartinez added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jul 14, 2020
@github-actions github-actions bot added the @aws-cdk/aws-apigateway Related to Amazon API Gateway label Jul 14, 2020
@IsmaelMartinez IsmaelMartinez mentioned this issue Jul 14, 2020
Closed
@SomayaB SomayaB added the in-progress This issue is being actively worked on. label Jul 14, 2020
@IsmaelMartinez IsmaelMartinez mentioned this issue Jul 14, 2020
Merged
@IsmaelMartinez
Copy link
Contributor Author

apologies, git pull bot (I think from my branch) looks like updated the cdk in the branch but then deleted commits and, why not, closed then the PR. Opened the #9068 PR. 🥈

@IsmaelMartinez
Copy link
Contributor Author

Updated to indicate what happens if using the servers/x-amazon-apigateway-endpoint-configuration section.

The deployment fails with the following message:

VPCEndpoints can only be specified with PRIVATE apis. (Service: AmazonApiGateway; Status Code: 400; Error Code: BadRequestException; Request ID: 12600381-6232-4213-894d-264b7501828b)

Let me know if you prefer to move this to be a bug

@nija-at nija-at changed the title [apigateway] unable to create private API gateway for openApi 3.0 [apigateway] support configuring endpoint types for openApi 3.0 Jul 17, 2020
@nija-at nija-at added effort/small Small work item – less than a day of effort and removed needs-triage This issue or PR still needs to be triaged. labels Jul 17, 2020
@IsmaelMartinez IsmaelMartinez changed the title [apigateway] support configuring endpoint types for openApi 3.0 [apigateway] support configuring endpoint types for SpecRestApi (Swagger/OpenApi) Jul 20, 2020
@mergify mergify bot closed this as completed in #9068 Aug 4, 2020
mergify bot pushed a commit that referenced this issue Aug 4, 2020
@IsmaelMartinez
feat(apigateway): configure endpoint types on SpecRestApi (#9068)
7673e48 
feat(apigateway): adding the ability to set the endpoint configuration for the OpenAPI 3.0

With this change, it will be possible to modify this by providing the endpointTypes as shown here:

```
const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', {
  apiDefinition: apigateway.ApiDefinition.fromInline(replacedSwagger),
  endpointTypes: [apigateway.EndpointType.PRIVATE],
});
```
Note: For private endpoints you will still need to provide the `x-amazon-apigateway-endpoint-configuration` and `x-amazon-apigateway-policy` in your openApi file.

The following is an example with both settings:
```json
{
    "openapi": "3.0.2",
    "servers" : [
      {
        "x-amazon-apigateway-endpoint-configuration": {
          "vpcEndpointIds": [
            "vpce-00111a1111a1aa011"
          ]
        }
      }
    ],
    "paths": { ... },
    "x-amazon-apigateway-policy": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "execute-api:Invoke",
                    "execute-api:GET"
                ],
                "Resource": "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:*",
                "Condition": {
                    "StringEquals": {
                      "aws:sourceVpce": "vpce-00111a1111a1aa011"
                    }
                }
            }
        ]
    }
}
```

Checklist for this PR:
🧪 Testing: adding integration testing for private API gateway.
📄 Docs: Add example in the README documentation about how to create a private API gateway with swagger

Fixes #9060

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
eladb pushed a commit that referenced this issue Aug 10, 2020
@IsmaelMartinez
feat(apigateway): configure endpoint types on SpecRestApi (#9068)
81bb87a 
feat(apigateway): adding the ability to set the endpoint configuration for the OpenAPI 3.0

With this change, it will be possible to modify this by providing the endpointTypes as shown here:

```
const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', {
  apiDefinition: apigateway.ApiDefinition.fromInline(replacedSwagger),
  endpointTypes: [apigateway.EndpointType.PRIVATE],
});
```
Note: For private endpoints you will still need to provide the `x-amazon-apigateway-endpoint-configuration` and `x-amazon-apigateway-policy` in your openApi file.

The following is an example with both settings:
```json
{
    "openapi": "3.0.2",
    "servers" : [
      {
        "x-amazon-apigateway-endpoint-configuration": {
          "vpcEndpointIds": [
            "vpce-00111a1111a1aa011"
          ]
        }
      }
    ],
    "paths": { ... },
    "x-amazon-apigateway-policy": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "execute-api:Invoke",
                    "execute-api:GET"
                ],
                "Resource": "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:*",
                "Condition": {
                    "StringEquals": {
                      "aws:sourceVpce": "vpce-00111a1111a1aa011"
                    }
                }
            }
        ]
    }
}
```

Checklist for this PR:
🧪 Testing: adding integration testing for private API gateway.
📄 Docs: Add example in the README documentation about how to create a private API gateway with swagger

Fixes #9060

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
curtiseppel pushed a commit to curtiseppel/aws-cdk that referenced this issue Aug 11, 2020
@IsmaelMartinez
feat(apigateway): configure endpoint types on SpecRestApi (aws#9068)
23003f3 
feat(apigateway): adding the ability to set the endpoint configuration for the OpenAPI 3.0

With this change, it will be possible to modify this by providing the endpointTypes as shown here:

```
const api = new apigateway.SpecRestApi(this, 'ExampleRestApi', {
  apiDefinition: apigateway.ApiDefinition.fromInline(replacedSwagger),
  endpointTypes: [apigateway.EndpointType.PRIVATE],
});
```
Note: For private endpoints you will still need to provide the `x-amazon-apigateway-endpoint-configuration` and `x-amazon-apigateway-policy` in your openApi file.

The following is an example with both settings:
```json
{
    "openapi": "3.0.2",
    "servers" : [
      {
        "x-amazon-apigateway-endpoint-configuration": {
          "vpcEndpointIds": [
            "vpce-00111a1111a1aa011"
          ]
        }
      }
    ],
    "paths": { ... },
    "x-amazon-apigateway-policy": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": "*",
                "Action": [
                    "execute-api:Invoke",
                    "execute-api:GET"
                ],
                "Resource": "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:*",
                "Condition": {
                    "StringEquals": {
                      "aws:sourceVpce": "vpce-00111a1111a1aa011"
                    }
                }
            }
        ]
    }
}
```

Checklist for this PR:
🧪 Testing: adding integration testing for private API gateway.
📄 Docs: Add example in the README documentation about how to create a private API gateway with swagger

Fixes aws#9060

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nija-at nija-at

Labels
@aws-cdk/aws-apigateway Related to Amazon API Gateway effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. in-progress This issue is being actively worked on.
Projects
None yet
Milestone
No milestone
3 participants
@IsmaelMartinez @nija-at @SomayaB