@rainabba
Created March 10, 2021 21:28
Binding AWS Lambda, API Gateway, Route 53 (DNS) and SSL; with and without SAM
```yaml
# Variant 1: the Domain property of AWS::Serverless::Api creates the custom
# domain, the base path mapping and the Route 53 records.
Transform: AWS::Serverless-2016-10-31  # required for AWS::Serverless::Api

Parameters:
  StageName:
    Type: String
    Description: Major version changes should get new values (v1, v2, etc..)
    Default: v1
  # The four parameters below are referenced by the template but were not
  # declared in the original snippet; their types and defaults are assumptions.
  CustomDomainName:
    Type: String
  ZoneId:
    Type: String
    Default: none
  CertArn:
    Type: String
    Default: none
  StagePrefix:
    Type: String
    Default: ''

Conditions:
  CreateZone:
    !Equals [!Ref ZoneId, 'none']
  CreateCert:
    !Equals [!Ref CertArn, 'none']
  # Same test as CreateZone; not referenced by any resource below
  UseRoute53: !Equals [!Ref ZoneId, 'none']

Resources:
  # DNS
  HostedZoneId: # If a Zone ID is not passed in the parameters, then a new zone is created for the domain
    Type: AWS::Route53::HostedZone
    Condition: CreateZone
    Properties:
      Name: !Ref CustomDomainName
  AutoGeneratedCert: # If a Certificate ARN is not passed in the parameters, then a new cert is created and will require validation during the deploy
    Type: AWS::CertificateManager::Certificate
    Condition: CreateCert
    Properties:
      DomainName: !Ref CustomDomainName
      ValidationMethod: DNS
      Tags:
        - Key: service
          Value: myservice
  # Api Gateway
  MyAPI:
    Type: 'AWS::Serverless::Api'
    Properties:
      Name: !Sub ${StagePrefix}my-api
      StageName: !Ref StageName
      Domain:
        BasePath: !Ref StageName
        DomainName: !Ref CustomDomainName
        CertificateArn: !If [ CreateCert, !Ref AutoGeneratedCert, !Ref CertArn ]
        Route53:
          HostedZoneId: !If [ CreateZone, !Ref HostedZoneId, !Ref ZoneId ]
          EvaluateTargetHealth: true
          IpV6: true
      EndpointConfiguration: REGIONAL
      DefinitionBody:
        Fn::Transform:
          Name: AWS::Include
          Parameters:
            Location: openapi.yaml
```
```yaml
# Variant 2: the custom domain, the base path mapping and the DNS records are
# declared as explicit CloudFormation resources instead of the SAM Domain property.
Transform: AWS::Serverless-2016-10-31  # still required for AWS::Serverless::Api

Parameters:
  StageName:
    Type: String
    Description: Major version changes should get new values (v1, v2, etc..)
    Default: v1
  # The four parameters below are referenced by the template but were not
  # declared in the original snippet; their types and defaults are assumptions.
  CustomDomainName:
    Type: String
  ZoneId:
    Type: String
    Default: none
  CertArn:
    Type: String
    Default: none
  StagePrefix:
    Type: String
    Default: ''

Conditions:
  CreateZone:
    !Equals [!Ref ZoneId, 'none']
  CreateCert:
    !Equals [!Ref CertArn, 'none']
  # Same test as CreateZone; not referenced by any resource below
  UseRoute53: !Equals [!Ref ZoneId, 'none']

Resources:
  # DNS
  HostedZoneId: # If a Zone ID is not passed in the parameters, then a new zone is created for the domain
    Type: AWS::Route53::HostedZone
    Condition: CreateZone
    Properties:
      Name: !Ref CustomDomainName
  AutoGeneratedCert: # If a Certificate ARN is not passed in the parameters, then a new cert is created and will require validation during the deploy
    Type: AWS::CertificateManager::Certificate
    Condition: CreateCert
    Properties:
      DomainName: !Ref CustomDomainName
      ValidationMethod: DNS
      Tags:
        - Key: service
          Value: myservice
  # Map DNS to APIGateway Stage
  MyAPIGwDomainName:
    Type: AWS::ApiGateway::DomainName
    Properties:
      RegionalCertificateArn:
        !If [ CreateCert, !Ref AutoGeneratedCert, !Ref CertArn ]
      DomainName:
        Ref: CustomDomainName
      EndpointConfiguration:
        Types:
          - REGIONAL
      Tags:
        - Key: service
          Value: myservice
  MyAPIGwBasePathMapping:
    Type: AWS::ApiGateway::BasePathMapping
    Properties:
      BasePath: !Ref StageName
      DomainName: !Ref MyAPIGwDomainName
      RestApiId:
        Ref: MyAPI
      Stage:
        Ref: MyAPIStage
  MyAPIGwRoute53:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneId:
        !If [ CreateZone, !Ref HostedZoneId, !Ref ZoneId ]
      RecordSets:
        # IPv4 alias to the regional API Gateway endpoint
        - Name: !Ref CustomDomainName
          Type: A
          AliasTarget:
            HostedZoneId: !GetAtt MyAPIGwDomainName.RegionalHostedZoneId
            DNSName: !GetAtt MyAPIGwDomainName.RegionalDomainName
        # IPv6 alias to the same endpoint
        - Name: !Ref CustomDomainName
          Type: AAAA
          AliasTarget:
            HostedZoneId: !GetAtt MyAPIGwDomainName.RegionalHostedZoneId
            DNSName: !GetAtt MyAPIGwDomainName.RegionalDomainName
  # Api Gateway
  MyAPI:
    Type: 'AWS::Serverless::Api'
    Properties:
      Name: !Sub ${StagePrefix}my-api
      StageName: !Ref StageName
      EndpointConfiguration: REGIONAL
      DefinitionBody:
        Fn::Transform:
          Name: AWS::Include
          Parameters:
            Location: openapi.yaml
```
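An added example, not part of the original gist: the certificate and custom-domain resources from the templates above with two changes a reviewer would ask for on the SSL side. The certificate validates itself through Route 53 instead of waiting on a manual DNS record, and the TLS policy is pinned on the custom domain in both the explicit-resource form and the SAM Domain form. It reuses the gist's parameter, condition and resource names; MyAPIWithSamDomain is a hypothetical name used only to show the two forms side by side.

```yaml
Resources:
  AutoGeneratedCert:
    Type: AWS::CertificateManager::Certificate
    Condition: CreateCert
    Properties:
      DomainName: !Ref CustomDomainName
      ValidationMethod: DNS
      # Naming the Route 53 zone lets CloudFormation create the validation
      # record itself, so the deploy does not pause for a manual DNS change.
      DomainValidationOptions:
        - DomainName: !Ref CustomDomainName
          HostedZoneId: !If [ CreateZone, !Ref HostedZoneId, !Ref ZoneId ]

  # Explicit-resource form (variant 2 above)
  MyAPIGwDomainName:
    Type: AWS::ApiGateway::DomainName
    Properties:
      RegionalCertificateArn: !If [ CreateCert, !Ref AutoGeneratedCert, !Ref CertArn ]
      DomainName: !Ref CustomDomainName
      # Pin the minimum TLS version explicitly instead of relying on the
      # service default; valid values are TLS_1_0 and TLS_1_2.
      SecurityPolicy: TLS_1_2
      EndpointConfiguration:
        Types:
          - REGIONAL

  # SAM Domain form (variant 1 above); hypothetical logical ID
  MyAPIWithSamDomain:
    Type: AWS::Serverless::Api
    Properties:
      Name: !Sub ${StagePrefix}my-api
      StageName: !Ref StageName
      EndpointConfiguration: REGIONAL
      Domain:
        DomainName: !Ref CustomDomainName
        CertificateArn: !If [ CreateCert, !Ref AutoGeneratedCert, !Ref CertArn ]
        SecurityPolicy: TLS_1_2   # same pin, expressed through SAM
        Route53:
          HostedZoneId: !If [ CreateZone, !Ref HostedZoneId, !Ref ZoneId ]
      DefinitionBody:
        Fn::Transform:
          Name: AWS::Include
          Parameters:
            Location: openapi.yaml
```

When CreateZone is true the zone is brand new, so automatic validation only completes once the domain's registrar delegates to that zone's name servers; until then the certificate stays pending and the stack waits.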