forked from cloudposse/terraform-aws-api-gateway
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
135 lines (122 loc) · 4.14 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# See https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions.html for additional
# configuration information.
variable "openapi_config" {
description = "The OpenAPI specification for the API"
type = any
default = {}
}
variable "endpoint_type" {
type = string
description = "The type of the endpoint. One of - PUBLIC, PRIVATE, REGIONAL"
default = "REGIONAL"
validation {
condition = contains(["EDGE", "REGIONAL", "PRIVATE"], var.endpoint_type)
error_message = "Valid values for var: endpoint_type are (EDGE, REGIONAL, PRIVATE)."
}
}
variable "logging_level" {
type = string
description = "The logging level of the API. One of - OFF, INFO, ERROR"
default = "INFO"
validation {
condition = contains(["OFF", "INFO", "ERROR"], var.logging_level)
error_message = "Valid values for var: logging_level are (OFF, INFO, ERROR)."
}
}
variable "metrics_enabled" {
description = "A flag to indicate whether to enable metrics collection."
type = bool
default = false
}
variable "xray_tracing_enabled" {
description = "A flag to indicate whether to enable X-Ray tracing."
type = bool
default = false
}
variable "data_trace_enabled" {
description = "Whether data trace logging is enabled for this method, which effects the log entries pushed to Amazon CloudWatch Logs."
type = bool
default = false
}
# See https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html for additional information
# on how to configure logging.
variable "access_log_format" {
description = "The format of the access log file."
type = string
default = <<EOF
{
"requestTime": "$context.requestTime",
"requestId": "$context.requestId",
"httpMethod": "$context.httpMethod",
"path": "$context.path",
"resourcePath": "$context.resourcePath",
"status": $context.status,
"responseLatency": $context.responseLatency,
"xrayTraceId": "$context.xrayTraceId",
"integrationRequestId": "$context.integration.requestId",
"functionResponseStatus": "$context.integration.status",
"integrationLatency": "$context.integration.latency",
"integrationServiceStatus": "$context.integration.integrationStatus",
"authorizeResultStatus": "$context.authorize.status",
"authorizerServiceStatus": "$context.authorizer.status",
"authorizerLatency": "$context.authorizer.latency",
"authorizerRequestId": "$context.authorizer.requestId",
"ip": "$context.identity.sourceIp",
"userAgent": "$context.identity.userAgent",
"principalId": "$context.authorizer.principalId",
"cognitoUser": "$context.identity.cognitoIdentityId",
"user": "$context.identity.user"
}
EOF
}
# See https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies.html for additional
# information on how to configure resource policies.
#
# Example:
# {
# "Version": "2012-10-17",
# "Statement": [
# {
# "Effect": "Allow",
# "Principal": "*",
# "Action": "execute-api:Invoke",
# "Resource": "arn:aws:execute-api:us-east-1:000000000000:*"
# },
# {
# "Effect": "Deny",
# "Principal": "*",
# "Action": "execute-api:Invoke",
# "Resource": "arn:aws:execute-api:region:account-id:*",
# "Condition": {
# "NotIpAddress": {
# "aws:SourceIp": "123.4.5.6/24"
# }
# }
# }
# ]
#}
variable "rest_api_policy" {
description = "The IAM policy document for the API."
type = string
default = null
}
variable "private_link_target_arns" {
type = list(string)
description = "A list of target ARNs for VPC Private Link"
default = []
}
variable "iam_tags_enabled" {
type = string
description = "Enable/disable tags on IAM roles and policies"
default = true
}
variable "permissions_boundary" {
type = string
default = ""
description = "ARN of the policy that is used to set the permissions boundary for the IAM role"
}
variable "stage_name" {
type = string
default = ""
description = "The name of the stage"
}