Merge pull request #18 from unity-sds/api-gw-ssm

Add project API Gateway

terraform-project-api-gateway_module/main.tf

@@ -0,0 +1,44 @@
+resource "aws_api_gateway_rest_api" "rest_api" {
+  name = var.rest_api_name
+  description = var.rest_api_description
+  endpoint_configuration {
+    types = ["REGIONAL"]
+  }
+  body = data.template_file.api_template.rendered
+}
+
+# REST API id SSM Param for other resources to modify rest api
+resource "aws_ssm_parameter" "api_gateway_rest_api_id_parameter"{
+  name       = format("/unity/%s/api-gateway/rest-api-id", var.rest_api_stage)
+  type       = "String"
+  value      = "${aws_api_gateway_rest_api.rest_api.id}"
+  overwrite  = true
+  depends_on = [aws_api_gateway_rest_api.rest_api]
+}
+
+# Auth Lambda URI
+data "aws_ssm_parameter" "api_gateway_cs_lambda_authorizer_uri" {
+  name = var.ssm_param_api_gateway_function_cs_lambda_authorizer_uri
+}
+
+# Auth Lambda Invoke ARN
+data "aws_ssm_parameter" "api_gateway_cs_lambda_authorizer_invoke_role_arn" {
+  name = var.ssm_param_api_gateway_cs_lambda_authorizer_invoke_role_arn
+}
+
+# OpenAPI Template 
+data "template_file" "api_template" {
+  template = file("./unity-project-blank-api-gateway-oas.yaml")
+  vars = {
+    csLambdaAuthorizerUri = data.aws_ssm_parameter.api_gateway_cs_lambda_authorizer_uri.value
+    csLambdaAuthorizerInvokeRole = data.aws_ssm_parameter.api_gateway_cs_lambda_authorizer_invoke_role_arn.value
+  }
+}
+
+resource "aws_api_gateway_deployment" "api-gateway-deployment" {
+  rest_api_id = aws_api_gateway_rest_api.rest_api.id
+  stage_name  = var.rest_api_stage
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}

terraform-project-api-gateway_module/providers.tf

@@ -0,0 +1,12 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.0.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = var.region
+}

terraform-project-api-gateway_module/unity-project-blank-api-gateway-oas.yaml

@@ -0,0 +1,68 @@
+openapi: "3.0.1"
+info:
+  title: "unity-rest-api-gateway-terraform"
+  description: "Primary Unity REST API Gateway - Do Not Update Manually - Terraform Created - Contact Unity CS Team"
+  version: "2022-05-04T20:23:33Z"
+paths:
+  /:
+    options:
+      responses:
+        "200":
+          description: "200 response"
+          headers:
+            Access-Control-Allow-Origin:
+              schema:
+                type: "string"
+            Access-Control-Allow-Methods:
+              schema:
+                type: "string"
+            Access-Control-Allow-Headers:
+              schema:
+                type: "string"
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Empty"
+      x-amazon-apigateway-integration:
+        responses:
+          default:
+            statusCode: "200"
+            responseParameters:
+              method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
+              method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'"
+              method.response.header.Access-Control-Allow-Origin: "'*'"
+        requestTemplates:
+          application/json: "{\"statusCode\": 200}"
+        passthroughBehavior: "when_no_match"
+        type: "mock"
+components:
+  schemas:
+    Empty:
+      title: "Empty Schema"
+      type: "object"
+  securitySchemes:
+    Unity_API_Gateway_Lambda_Authorizer:
+      type: "apiKey"
+      name: "Authorization"
+      in: "header"
+      x-amazon-apigateway-authtype: "oauth2"
+      x-amazon-apigateway-authorizer:
+        authorizerUri: ${csLambdaAuthorizerUri}
+        authorizerCredentials: ${csLambdaAuthorizerInvokeRole}
+        authorizerResultTtlInSeconds: 0
+        type: "token"
+x-amazon-apigateway-gateway-responses:
+  DEFAULT_5XX:
+    responseParameters:
+      gatewayresponse.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
+      gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
+      gatewayresponse.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
+  DEFAULT_4XX:
+    responseParameters:
+      gatewayresponse.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'"
+      gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
+      gatewayresponse.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
+x-amazon-apigateway-request-validators:
+  Validate body, query string parameters, and headers:
+    validateRequestParameters: true
+    validateRequestBody: true

terraform-project-api-gateway_module/variables.tf

@@ -0,0 +1,47 @@
+variable "region" {
+  type        = string
+  description = "Region"
+  default     = "us-west-2"
+}
+
+variable "project_name" {
+  type        = string
+  description = "Project Name"
+  default     = "TestProject"
+}
+
+variable "rest_api_name" {
+  type        = string
+  description = "REST API Name"
+  default     = "Unity Project REST API Gateway"
+}
+
+variable "rest_api_description" {
+  type        = string
+  description = "REST API Description"
+  default     = "Unity Project REST API Gateway"
+}
+
+variable "rest_api_stage" {
+  type        = string
+  description = "REST API Stage"
+  default     = "dev"
+}
+
+variable "counter" {
+  description = "value"
+  type        = number
+  default     = 1
+}
+
+variable "ssm_param_api_gateway_function_cs_lambda_authorizer_uri" {
+  type        = string
+  description = "SSM Param for API Gateway CS Lambda Authorizer Function URI"
+  default     = "/unity/dev/unity-sps-1/api-gateway/functions/cs-lambda-authorizer-uri"
+}
+
+variable "ssm_param_api_gateway_cs_lambda_authorizer_invoke_role_arn" {
+  type        = string
+  description = "SSM Param for API Gateway CS Lambda Authorizer Lambda Invoke Role ARN"
+  default     = "/unity/dev/unity-sps-1/api-gateway/functions/cs-lambda-authorizer-invoke-role-arn"
+}