--- AWSTemplateFormatVersion: '2010-09-09' Description: Sample template that contains a Lambda function behind an API GW Resources: # BEGIN: Should only need this in an empty API Gateway situation ApiGatewayCloudWatchLogsRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: - apigateway.amazonaws.com Action: - sts:AssumeRole Policies: - PolicyName: ApiGatewayLogsPolicy PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:DescribeLogGroups - logs:DescribeLogStreams - logs:PutLogEvents - logs:GetLogEvents - logs:FilterLogEvents Resource: "*" ApiGatewayAccount: Type: AWS::ApiGateway::Account Properties: CloudWatchRoleArn: !GetAtt ApiGatewayCloudWatchLogsRole.Arn # END: Should only need this in an empty API Gateway situation GreetingLambda: Type: AWS::Lambda::Function Properties: Code: ZipFile: | 'use strict'; // Greeter Lambda exports.handler = (event, context, callback) => { console.log('Event:', JSON.stringify(event)); const name = event.params.querystring.name || event.body.name || 'World'; const response = {greeting: `Hello, ${name}!`}; callback(null, response); }; Description: A greeting function Handler: index.handler Role: !GetAtt LambdaExecutionRole.Arn Runtime: nodejs10.x LambdaExecutionRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole GreetingApi: Type: AWS::ApiGateway::RestApi Properties: Description: API used for Greeting requests FailOnWarnings: true Name: !Ref AWS::StackName EndpointConfiguration: Types: - REGIONAL LambdaPermission: Type: AWS::Lambda::Permission Properties: Action: lambda:invokeFunction FunctionName: !GetAtt GreetingLambda.Arn Principal: apigateway.amazonaws.com SourceArn: !Sub 'arn:${AWS::Partition}:execute-api:${AWS::Region}:${AWS::AccountId}:${GreetingApi}/*' GreetingApiStage: DependsOn: - ApiGatewayAccount Type: AWS::ApiGateway::Stage Properties: DeploymentId: !Ref Deployment MethodSettings: - DataTraceEnabled: true HttpMethod: "*" LoggingLevel: INFO ResourcePath: "/*" RestApiId: !Ref GreetingApi StageName: LATEST Deployment: Type: AWS::ApiGateway::Deployment DependsOn: - GreetingRequestGET - GreetingRequestPOST Properties: RestApiId: !Ref GreetingApi StageName: Production GreetingResource: Type: AWS::ApiGateway::Resource Properties: RestApiId: !Ref GreetingApi ParentId: !GetAtt GreetingApi.RootResourceId PathPart: greeting GreetingRequestGET: DependsOn: LambdaPermission Type: AWS::ApiGateway::Method Properties: AuthorizationType: NONE HttpMethod: GET Integration: Type: AWS IntegrationHttpMethod: POST Uri: !Sub 'arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GreetingLambda.Arn}/invocations' IntegrationResponses: - StatusCode: 200 RequestTemplates: application/json: | ## See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html ## This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload #set($allParams = $input.params()) { "body" : $input.json('$'), "params" : { #foreach($type in $allParams.keySet()) #set($params = $allParams.get($type)) "$type" : { #foreach($paramName in $params.keySet()) "$paramName" : "$util.escapeJavaScript($params.get($paramName))" #if($foreach.hasNext),#end #end } #if($foreach.hasNext),#end #end }, "stageVariables" : { #foreach($key in $stageVariables.keySet()) "$key" : "$util.escapeJavaScript($stageVariables.get($key))" #if($foreach.hasNext),#end #end }, "context" : { "accountId" : "$context.identity.accountId", "apiId" : "$context.apiId", "apiKey" : "$context.identity.apiKey", "authorizerPrincipalId" : "$context.authorizer.principalId", "caller" : "$context.identity.caller", "cognitoAuthenticationProvider" : "$context.identity.cognitoAuthenticationProvider", "cognitoAuthenticationType" : "$context.identity.cognitoAuthenticationType", "cognitoIdentityId" : "$context.identity.cognitoIdentityId", "cognitoIdentityPoolId" : "$context.identity.cognitoIdentityPoolId", "httpMethod" : "$context.httpMethod", "stage" : "$context.stage", "sourceIp" : "$context.identity.sourceIp", "user" : "$context.identity.user", "userAgent" : "$context.identity.userAgent", "userArn" : "$context.identity.userArn", "requestId" : "$context.requestId", "resourceId" : "$context.resourceId", "resourcePath" : "$context.resourcePath" } } RequestParameters: method.request.querystring.name: false ResourceId: !Ref GreetingResource RestApiId: !Ref GreetingApi MethodResponses: - StatusCode: 200 GreetingRequestPOST: DependsOn: LambdaPermission Type: AWS::ApiGateway::Method Properties: AuthorizationType: NONE HttpMethod: POST Integration: Type: AWS IntegrationHttpMethod: POST Uri: !Sub 'arn:${AWS::Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GreetingLambda.Arn}/invocations' IntegrationResponses: - StatusCode: 200 RequestTemplates: application/json: | ## See http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html ## This template will pass through all parameters including path, querystring, header, stage variables, and context through to the integration endpoint via the body/payload #set($allParams = $input.params()) { "body" : $input.json('$'), "params" : { #foreach($type in $allParams.keySet()) #set($params = $allParams.get($type)) "$type" : { #foreach($paramName in $params.keySet()) "$paramName" : "$util.escapeJavaScript($params.get($paramName))" #if($foreach.hasNext),#end #end } #if($foreach.hasNext),#end #end }, "stageVariables" : { #foreach($key in $stageVariables.keySet()) "$key" : "$util.escapeJavaScript($stageVariables.get($key))" #if($foreach.hasNext),#end #end }, "context" : { "accountId" : "$context.identity.accountId", "apiId" : "$context.apiId", "apiKey" : "$context.identity.apiKey", "authorizerPrincipalId" : "$context.authorizer.principalId", "caller" : "$context.identity.caller", "cognitoAuthenticationProvider" : "$context.identity.cognitoAuthenticationProvider", "cognitoAuthenticationType" : "$context.identity.cognitoAuthenticationType", "cognitoIdentityId" : "$context.identity.cognitoIdentityId", "cognitoIdentityPoolId" : "$context.identity.cognitoIdentityPoolId", "httpMethod" : "$context.httpMethod", "stage" : "$context.stage", "sourceIp" : "$context.identity.sourceIp", "user" : "$context.identity.user", "userAgent" : "$context.identity.userAgent", "userArn" : "$context.identity.userArn", "requestId" : "$context.requestId", "resourceId" : "$context.resourceId", "resourcePath" : "$context.resourcePath" } } RequestParameters: method.request.querystring.name: false ResourceId: !Ref GreetingResource RestApiId: !Ref GreetingApi MethodResponses: - StatusCode: 200 Outputs: RootUrl: Description: Root URL of the API gateway Value: !Sub 'https://${GreetingApi}.execute-api.${AWS::Region}.amazonaws.com'