apigateway-secrets-manager-integration-mapping-template snippets

apigateway-secrets-manager-integration-mapping-template/README.md

@@ -0,0 +1,26 @@
+## Amazon API Gateway Access Logging Setup
+
+This snippet assumes that Amazon API Gateway logs requests to Amazon CloudWatch Logs using JSON and the following log format:
+
+```json
+{ 
+"requestId":"$context.requestId", 
+"ip": "$context.identity.sourceIp", 
+"apiKey": "$context.identity.apiKey", 
+"requestTime":"$context.requestTime", 
+"httpMethod":"$context.httpMethod",
+"routeKey":"$context.routeKey", 
+"path":"$context.path", 
+"status": $context.status,
+"protocol":"$context.protocol", 
+"integrationStatus": $context.integrationStatus, 
+"integrationLatency": $context.integrationLatency, 
+"responseLatency":$context.responseLatency, 
+"responseLength": $context.responseLength 
+}
+```
+
+You can modify log format to fit your needs (make sure to update code snippet if field names change). 
+
+
+See documentation for more details on how to set up API Gateway logging in HTTP (https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-logging.html) and REST (https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-logging.html) APIs.

apigateway-secrets-manager-integration-mapping-template/snippet-data.json

@@ -0,0 +1,47 @@
+{
+  "title": "Mapping template for API Gateway with Secrets Manager integration",
+  "description": "Provides a mapping template for API Gateway and Secrets Manager integration",
+  "type": "Integration",
+  "services": ["apigw", "secretsmanager"],
+  "tags": [],
+  "languages": ["vtl"],
+  "introBox": {
+    "headline": "How it works",
+    "text": [
+      "This snippet can be used to retrieve the secrets from Secrets Manager.",
+      "When creating the integration, ensure to have the below configuration to use the mapping template:"
+      "1. In Action type select Use action name and provide the Action Name as GetSecretValue.",
+      "2. Add the following headers in the integration headers: ",
+      "X-Amz-Target: 'secretsmanager.GetSecretValue'",
+      "Content-Type: 'application/x-amz-json-1.1'",
+      "3. Provide IAM role with appropriate permission to perform GetSecretValue action on the secret resource",
+      "4. Select the integration HTTP method as 'POST'"
+    ]
+  },
+  "gitHub": {
+    "template": {
+      "repoURL": "https://github.com/aws-samples/serverless-snippets/tree/main/apigateway-secrets-manager-integration-mapping-template"
+    }
+  },
+  "snippets": [
+    {
+      "title": "Use the following maapping template which will fetch the SecretId from the input request body (secret_name) and pass it in the GetSecretValue API call as required in the API call:",
+      "snippetPath": "snippet.txt",
+      "language": "vtl"
+    },
+    {
+      "title": "The following payload can be used for testing this set up:",
+      "snippetPath": "snippet-test.txt",
+      "language": "vtl"
+    }
+  ],
+  "authors": [
+    {
+      "headline": "Presented by Pallavi Bhat",
+      "name": "Pallavi Bhat",
+      "image": "https://drive.google.com/file/d/1xYr8HfVnLZOMmhAc9hSsyj_O85yyznF7/view?usp=sharing",
+      "bio": "Pallavi is a Cloud Support Enginner focusing on serverless at Amazon Web Services.",
+      "linkedin": "https://www.linkedin.com/in/pallavi-bhat11/"
+    }
+  ]
+}

apigateway-secrets-manager-integration-mapping-template/snippet-test.txt

@@ -0,0 +1,3 @@
+{
+    "secret_name":"<secret name that is configured>"
+}

apigateway-secrets-manager-integration-mapping-template/snippet.txt

@@ -0,0 +1,4 @@
+#set($allParams = $input.params())
+{
+  "SecretId": "$input.path('$.secret_name')"
+}