-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapig.tf
120 lines (105 loc) · 4.47 KB
/
apig.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
data "aws_iam_policy_document" "ws_messenger_api_gateway_policy" {
statement {
actions = [
"lambda:InvokeFunction",
]
effect = "Allow"
resources = [
aws_lambda_function.connect_lambda.arn,
aws_lambda_function.disconnect_lambda.arn,
aws_lambda_function.sendmessage_lambda.arn
]
}
}
resource "aws_iam_policy" "ws_messenger_api_gateway_policy" {
name = "WsMessengerAPIGatewayPolicy"
path = "/"
policy = data.aws_iam_policy_document.ws_messenger_api_gateway_policy.json
}
resource "aws_iam_role" "ws_messenger_api_gateway_role" {
name = "WsMessengerAPIGatewayRole"
assume_role_policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = "sts:AssumeRole"
Effect = "Allow"
Sid = ""
Principal = {
Service = "apigateway.amazonaws.com"
}
},
]
})
managed_policy_arns = [aws_iam_policy.ws_messenger_api_gateway_policy.arn]
}
resource "aws_apigatewayv2_api" "ws_messenger_api_gateway" {
name = "ws-messenger-api-gateway"
protocol_type = "WEBSOCKET"
route_selection_expression = "$request.body.action"
}
resource "aws_apigatewayv2_integration" "ws_connect_api_integration" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
integration_type = "AWS_PROXY"
integration_uri = aws_lambda_function.connect_lambda.invoke_arn
credentials_arn = aws_iam_role.ws_messenger_api_gateway_role.arn
content_handling_strategy = "CONVERT_TO_TEXT"
passthrough_behavior = "WHEN_NO_MATCH"
}
resource "aws_apigatewayv2_integration" "ws_disconnect_api_integration" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
integration_type = "AWS_PROXY"
integration_uri = aws_lambda_function.disconnect_lambda.invoke_arn
credentials_arn = aws_iam_role.ws_messenger_api_gateway_role.arn
content_handling_strategy = "CONVERT_TO_TEXT"
passthrough_behavior = "WHEN_NO_MATCH"
}
resource "aws_apigatewayv2_integration" "ws_sendmessage_api_integration" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
integration_type = "AWS_PROXY"
integration_uri = aws_lambda_function.sendmessage_lambda.invoke_arn
credentials_arn = aws_iam_role.ws_messenger_api_gateway_role.arn
content_handling_strategy = "CONVERT_TO_TEXT"
passthrough_behavior = "WHEN_NO_MATCH"
}
resource "aws_apigatewayv2_route" "ws_messenger_api_sendmessage_route" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
route_key = "sendmessage"
target = "integrations/${aws_apigatewayv2_integration.ws_sendmessage_api_integration.id}"
}
resource "aws_apigatewayv2_route" "ws_messenger_api_connect_route" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
route_key = "$connect"
target = "integrations/${aws_apigatewayv2_integration.ws_connect_api_integration.id}"
}
resource "aws_apigatewayv2_route" "ws_messenger_api_disconnect_route" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
route_key = "$disconnect"
target = "integrations/${aws_apigatewayv2_integration.ws_disconnect_api_integration.id}"
}
resource "aws_apigatewayv2_stage" "ws_messenger_api_stage" {
api_id = aws_apigatewayv2_api.ws_messenger_api_gateway.id
name = "develop"
auto_deploy = true
}
resource "aws_lambda_permission" "ws_sendmessage_lambda_permissions" {
statement_id = "AllowExecutionFromAPIGateway"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.sendmessage_lambda.function_name
principal = "apigateway.amazonaws.com"
source_arn = "${aws_apigatewayv2_api.ws_messenger_api_gateway.execution_arn}/*/*"
}
resource "aws_lambda_permission" "ws_connect_lambda_permissions" {
statement_id = "AllowExecutionFromAPIGateway"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.connect_lambda.function_name
principal = "apigateway.amazonaws.com"
source_arn = "${aws_apigatewayv2_api.ws_messenger_api_gateway.execution_arn}/*/*"
}
resource "aws_lambda_permission" "ws_disconnect_lambda_permissions" {
statement_id = "AllowExecutionFromAPIGateway"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.disconnect_lambda.function_name
principal = "apigateway.amazonaws.com"
source_arn = "${aws_apigatewayv2_api.ws_messenger_api_gateway.execution_arn}/*/*"
}