@aws-cdk/aws-apigateway

CDK Construct Library for Amazon API Gateway

Amazon API Gateway is a fully managed service that makes it easy for developers to publish, maintain, monitor, and secure APIs at any scale. Create an API to access data, business logic, or functionality from your back-end services, such as applications running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any web application.

Defining APIs

APIs are defined as a hierarchy of resources and methods. addResource and addMethod can be used to build this hierarchy. The root resource is api.root.

For example, the following code defines an API that includes the following HTTP endpoints: ANY /, GET /books, POST /books, GET /books/{book_id}, DELETE /books/{book_id}.

const api = new apigateway.RestApi(this, 'books-api');

api.root.addMethod('ANY');

const books = api.root.addResource('books');
books.addMethod('GET');
books.addMethod('POST');

const book = books.addResource('{book_id}');
book.addMethod('GET');
book.addMethod('DELETE');

Integration Targets

Methods are associated with backend integrations, which are invoked when this method is called. API Gateway supports the following integrations:

• MockIntegration - can be used to test APIs. This is the default integration if one is not specified.
• LambdaIntegration - can be used to invoke an AWS Lambda function.
• AwsIntegration - can be used to invoke arbitrary AWS service APIs.
• HttpIntegration - can be used to invoke HTTP endpoints.

The following example shows how to integrate the GET /book/{book_id} method to an AWS Lambda function:

const getBookHandler = new lambda.Function(...);
const getBookIntegration = new apigateway.LambdaIntegration(getBookHandler);
book.addMethod('GET', getBookIntegration);

Integration options can be optionally be specified:

const getBookIntegration = new apigateway.LambdaIntegration(getBookHandler, {
  contentHandling: apigateway.ContentHandling.ConvertToText, // convert to base64
  credentialsPassthrough: true, // use caller identity to invoke the function
});

Method options can optionally be specified when adding methods:

book.addMethod('GET', getBookIntegration, {
  authorizationType: apigateway.AuthorizationType.IAM,
  apiKeyRequired: true
});

Default Integration and Method Options

The defaultIntegration and defaultMethodOptions properties can be used to configure a default integration at any resource level. These options will be used when defining method under this resource (recursively) with undefined integration or options.

If not defined, the default integration is MockIntegration. See reference documentation for default method options.

The following example defines the booksBackend integration as a default integration. This means that all API methods that do not explicitly define an integration will be routed to this AWS Lambda function.

const booksBackend = new apigateway.LambdaIntegration(...);
const api = new apigateway.RestApi(this, 'books', {
  defaultIntegration: booksBackend
});

const books = new api.root.addResource('books');
books.addMethod('GET');  // integrated with `booksBackend`
books.addMethod('POST'); // integrated with `booksBackend`

const book = books.addResource('{book_id}');
book.addMethod('GET');   // integrated with `booksBackend`

Deployments

By default, the RestApi construct will automatically create an API Gateway Deployment and a "prod" Stage which represent the API configuration you defined in your CDK app. This means that when you deploy your app, your API will be have open access from the internet via the stage URL.

The URL of your API can be obtained from the attribute restApi.url, and is also exported as an Output from your stack, so it's printed when you cdk deploy your app:

$ cdk deploy
...
books.booksapiEndpointE230E8D5 = https://6lyktd4lpk.execute-api.us-east-1.amazonaws.com/prod/

To disable this behavior, you can set { deploy: false } when creating your API. This means that the API will not be deployed and a stage will not be created for it. You will need to manually define a apigateway.Deployment and apigateway.Stage resources.

Use the deployOptions property to customize the deployment options of your API.

The following example will configure API Gateway to emit logs and data traces to AWS CloudWatch for all API calls:

By default, an IAM role will be created and associated with API Gateway to allow it to write logs and metrics to AWS CloudWatch cloudWatchRole is set to false.

const api = new apigateway.RestApi(this, 'books', {
  deployOptions: {
    loggingLevel: apigateway.MethodLoggingLevel.Info,
    dataTraceEnabled: true
  }
})

Deeper dive: invalidation of deployments

API Gateway deployments are an immutable snapshot of the API. This means that we want to automatically create a new deployment resource every time the API model defined in our CDK app changes.

In order to achieve that, the AWS CloudFormation logical ID of the AWS::ApiGateway::Deployment resource is dynamically calculated by hashing the API configuration (resources, methods). This means that when the configuration changes (i.e. a resource or method are added, configuration is changed), a new logical ID will be assigned to the deployment resource. This will cause CloudFormation to create a new deployment resource.

By default, old deployments are deleted. You can set retainDeployments: true to allow users revert the stage to an old deployment manually.

Missing Features

See awslabs/aws-cdk#723 for a list of missing features.

---

This module is part of the AWS Cloud Development Kit project.

Changelog

0.10.0 (2018-09-27)

This release introduces a better way to "escape" L2 constructs in case of missing features by adding the ability to add arbitrary overrides for resource properties:

const bucket = new s3.Bucket(this, 'L2Bucket');

// access L1
const bucketResource = bucket.findChild('Resource') as s3.cloudformation.BucketResource;

// strongly-typed overrides
bucketResource.propertyOverrides.bucketName = 'NewBucketName';

// weakly-typed overrides
bucketResource.addPropertyOverride('BucketName', 'NewerBucketName');

Bug Fixes

• aws-codecommit: typo in README (#780) (0e79c2d)
• aws-ec2: fix capitalization of "VPCEndpointType" to "VpcEndpointType" (#789) (7a8ee2c), closes #765
• docs: fix issue #718 (Aurora DB example) (#783) (016f3a8)

Code Refactoring

• util: remove @aws-cdk/util (#745) (10015cb), closes #709

Features

• aws-cloudformation: rename the CodePipeline actions (#771) (007e7b4)
• aws-cloudformation: update the README of the module to reflect the new action names (#775) (6c0e75b), closes #771
• aws-codedeploy: add auto-scaling groups property to ServerDeploymentGroup (#739) (0b28886)
• aws-codedeploy: add deployment configuration construct (#653) (e6b67ad)
• aws-codepipeline, aws-codecommit, aws-s3: change the convention for naming the source Actions to XxxSourceAction (#753) (9c3ce7f)
• aws-elasticloadbalancingv2: support for ALB/NLB (#750) (bd9ee01)
• tagging support for AutoScaling/SecurityGroup (#766) (3d48eb2)
• core: resource overrides (escape hatch) (#784) (5054eef), closes #606
• toolkit: stop creating 'empty' stacks (#779) (1dddd8a)

BREAKING CHANGES TO EXPERIMENTAL FEATURES

• cdk: the constructor signature of TagManager has changed. initialTags is now passed inside a props object.
• util: @aws-cdk/util is no longer available
• aws-elasticloadbalancingv2: adds classes for modeling Application and Network Load Balancers. AutoScalingGroups now implement the interface that makes constructs a load balancing target. The breaking change is that Security Group rule identifiers have been changed in order to make adding rules more reliable. No code changes are necessary but existing deployments may experience unexpected changes.
• aws-cloudformation: this renames all CloudFormation Actions for CodePipeline to bring them in line with Actions defined in other service packages.
• aws-codepipeline, aws-codecommit, aws-s3: change the names of the source Actions from XxxSource to XxxSourceAction. This is to align them with the other Actions, like Build. Also, CodeBuild has the concept of Sources, so it makes sense to strongly differentiate between the two.

CloudFormation Changes

• @aws-cdk/cfnspec: Updated [CloudFormation resource specification] to v2.8.0 ([@RomainMuller] in #767)

  • New Construct Libraries

    • @aws-cdk/aws-amazonmq
    • @aws-cdk/aws-iot1click

  • New Resource Types

    • AWS::IoT1Click::Device
    • AWS::IoT1Click::Placement
    • AWS::IoT1Click::Project

  • Attribute Changes

    • AWS::EC2::VPCEndpoint CreationTimestamp (added)
    • AWS::EC2::VPCEndpoint DnsEntries (added)
    • AWS::EC2::VPCEndpoint NetworkInterfaceIds (added)

  • Property Changes

    • AWS::ApiGateway::Deployment DeploymentCanarySettings (added)

    • AWS::ApiGateway::Method AuthorizationScopes (added)

    • AWS::ApiGateway::Stage AccessLogSetting (added)

    • AWS::ApiGateway::Stage CanarySetting (added)

    • AWS::AutoScaling::AutoScalingGroup LaunchTemplate (added)

    • AWS::CodeBuild::Project LogsConfig (added)

    • AWS::CodeBuild::Project SecondaryArtifacts (added)

    • AWS::CodeBuild::Project SecondarySources (added)

    • AWS::CodeDeploy::DeploymentGroup Ec2TagSet (added)

    • AWS::CodeDeploy::DeploymentGroup OnPremisesTagSet (added)

    • AWS::EC2::FlowLog LogDestination (added)

    • AWS::EC2::FlowLog LogDestinationType (added)

    • AWS::EC2::FlowLog DeliverLogsPermissionArn.Required (changed)

      • Old: true
      • New: false

    • AWS::EC2::FlowLog LogGroupName.Required (changed)

      • Old: true
      • New: false

    • AWS::EC2::VPCEndpoint IsPrivateDnsEnabled (deleted)

    • AWS::EC2::VPCEndpoint PrivateDnsEnabled (added)

    • AWS::EC2::VPCEndpoint RouteTableIds.DuplicatesAllowed (added)

    • AWS::EC2::VPCEndpoint SecurityGroupIds.DuplicatesAllowed (added)

    • AWS::EC2::VPCEndpoint SubnetIds.DuplicatesAllowed (added)

    • AWS::EC2::VPCEndpoint VPCEndpointType.UpdateType (changed)

      • Old: Mutable
      • New: Immutable

    • AWS::ECS::Service SchedulingStrategy (added)

    • AWS::ECS::Service ServiceRegistries.UpdateType (changed)

      • Old: Mutable
      • New: Immutable

    • AWS::ElastiCache::ReplicationGroup NodeGroupConfiguration.UpdateType (changed)

      • Old: Immutable
      • New: Conditional

    • AWS::ElastiCache::ReplicationGroup NumNodeGroups.UpdateType (changed)

      • Old: Immutable
      • New: Conditional

    • AWS::RDS::DBCluster EngineMode (added)

    • AWS::RDS::DBCluster ScalingConfiguration (added)

    • AWS::SageMaker::NotebookInstance LifecycleConfigName.UpdateType (changed)

      • Old: Immutable
      • New: Mutable

  • Property Type Changes

    • AWS::ApiGateway::Deployment.AccessLogSetting (added)

    • AWS::ApiGateway::Deployment.CanarySetting (added)

    • AWS::ApiGateway::Deployment.DeploymentCanarySettings (added)

    • AWS::ApiGateway::Stage.AccessLogSetting (added)

    • AWS::ApiGateway::Stage.CanarySetting (added)

    • AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification (added)

    • AWS::CodeBuild::Project.CloudWatchLogsConfig (added)

    • AWS::CodeBuild::Project.LogsConfig (added)

    • AWS::CodeBuild::Project.S3LogsConfig (added)

    • AWS::CodeDeploy::DeploymentGroup.EC2TagSet (added)

    • AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject (added)

    • AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet (added)

    • AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject (added)

    • AWS::EC2::SpotFleet.ClassicLoadBalancer (added)

    • AWS::EC2::SpotFleet.ClassicLoadBalancersConfig (added)

    • AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification (added)

    • AWS::EC2::SpotFleet.LaunchTemplateConfig (added)

    • AWS::EC2::SpotFleet.LaunchTemplateOverrides (added)

    • AWS::EC2::SpotFleet.LoadBalancersConfig (added)

    • AWS::EC2::SpotFleet.TargetGroup (added)

    • AWS::EC2::SpotFleet.TargetGroupsConfig (added)

    • AWS::ECS::TaskDefinition.DockerVolumeConfiguration (added)

    • AWS::ECS::TaskDefinition.RepositoryCredentials (added)

    • AWS::ECS::TaskDefinition.Tmpfs (added)

    • AWS::Events::Rule.SqsParameters (added)

    • AWS::RDS::DBCluster.ScalingConfiguration (added)

    • AWS::ApiGateway::Deployment.StageDescription AccessLogSetting (added)

    • AWS::ApiGateway::Deployment.StageDescription CanarySetting (added)

    • AWS::ApiGateway::Method.Integration ConnectionId (added)

    • AWS::ApiGateway::Method.Integration ConnectionType (added)

    • AWS::ApiGateway::Method.Integration TimeoutInMillis (added)

    • AWS::ApiGateway::UsagePlan.ApiStage Throttle (added)

    • AWS::CodeBuild::Project.Artifacts ArtifactIdentifier (added)

    • AWS::CodeBuild::Project.Source SourceIdentifier (added)

    • AWS::CodeBuild::Project.VpcConfig SecurityGroupIds.Required (changed)

      • Old: true
      • New: false

    • AWS::CodeBuild::Project.VpcConfig Subnets.Required (changed)

      • Old: true
      • New: false

    • AWS::CodeBuild::Project.VpcConfig VpcId.Required (changed)

      • Old: true
      • New: false

    • AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Key.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilters.html#cfn-properties-codedeploy-deploymentgroup-ec2tagfilters-key
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilter.html#cfn-codedeploy-deploymentgroup-ec2tagfilter-key

    • AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Type.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilters.html#cfn-properties-codedeploy-deploymentgroup-ec2tagfilters-type
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilter.html#cfn-codedeploy-deploymentgroup-ec2tagfilter-type

    • AWS::CodeDeploy::DeploymentGroup.EC2TagFilter Value.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilters.html#cfn-properties-codedeploy-deploymentgroup-ec2tagfilters-value
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-ec2tagfilter.html#cfn-codedeploy-deploymentgroup-ec2tagfilter-value

    • AWS::CodeDeploy::DeploymentGroup.TagFilter Key.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters.html#cfn-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters-key
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-tagfilter.html#cfn-codedeploy-deploymentgroup-tagfilter-key

    • AWS::CodeDeploy::DeploymentGroup.TagFilter Type.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters.html#cfn-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters-type
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-tagfilter.html#cfn-codedeploy-deploymentgroup-tagfilter-type

    • AWS::CodeDeploy::DeploymentGroup.TagFilter Value.Documentation (changed)

      • Old: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters.html#cfn-properties-codedeploy-deploymentgroup-onpremisesinstancetagfilters-value
      • New: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-tagfilter.html#cfn-codedeploy-deploymentgroup-tagfilter-value

    • AWS::EC2::SpotFleet.SpotFleetRequestConfigData InstanceInterruptionBehavior (added)

    • AWS::EC2::SpotFleet.SpotFleetRequestConfigData LaunchTemplateConfigs (added)

    • AWS::EC2::SpotFleet.SpotFleetRequestConfigData LoadBalancersConfig (added)

    • AWS::EC2::SpotFleet.SpotPlacement Tenancy (added)

    • AWS::ECS::Service.ServiceRegistry ContainerName (added)

    • AWS::ECS::Service.ServiceRegistry ContainerPort (added)

    • AWS::ECS::Service.ServiceRegistry Port.UpdateType (changed)

      • Old: Mutable
      • New: Immutable

    • AWS::ECS::Service.ServiceRegistry RegistryArn.UpdateType (changed)

      • Old: Mutable
      • New: Immutable

    • AWS::ECS::TaskDefinition.ContainerDefinition RepositoryCredentials (added)

    • AWS::ECS::TaskDefinition.LinuxParameters SharedMemorySize (added)

    • AWS::ECS::TaskDefinition.LinuxParameters Tmpfs (added)

    • AWS::ECS::TaskDefinition.Volume DockerVolumeConfiguration (added)

    • AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration NodeGroupId (added)

    • AWS::Events::Rule.Target SqsParameters (added)

    • AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.DuplicatesAllowed (added)

    • AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.ItemType (added)

    • AWS::RDS::OptionGroup.OptionConfiguration OptionSettings.Type (changed)

      • Old: OptionSetting
      • New: List