Skip to main content

aws_api_gateway_v2_api resource

Use the aws_api_gateway_v2_api InSpec audit resource to test the properties of a single specific AWS API Gateway V2 API.

For additional information, including parameters and properties, see the AWS documentation on AWS APIGatewayV2 API.

Installation

This resource is available in the Chef InSpec AWS resource pack.

See the Chef InSpec documentation on cloud platforms for information on configuring your AWS environment for InSpec and creating an InSpec profile that uses the InSpec AWS resource pack.

Syntax

Ensure that the API exists.

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  it { should exist }
end

Parameters

api_id (required)
The API ID.

Properties

api_endpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
api_gateway_managed
Specifies whether an API is managed by API Gateway. You cannot update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
api_id
The API ID.
api_key_selection_expression
An API key selection expression. Supported only for WebSocket APIs.
cors_configuration
A CORS configuration. Supported only for HTTP APIs.
cors_configuration.allow_credentials
Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs.
cors_configuration.allow_headers
Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs.
cors_configuration.allow_methods
Represents a collection of allowed HTTP methods. Supported only for HTTP APIs.
cors_configuration.allow_origins
Represents a collection of allowed origins. Supported only for HTTP APIs.
cors_configuration.expose_headers
Represents a collection of exposed headers. Supported only for HTTP APIs.
cors_configuration.max_age
The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs.
created_date
The timestamp when the API is created.
description
The description of the API.
disable_schema_validation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
disable_execute_api_endpoint
Specifies whether clients can invoke your API using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
import_info
The validation information during API import. Supported only for HTTP APIs.
name
The name of the API.
protocol_type
The API protocol. Valid values are WEBSOCKET or HTTP.
route_selection_expression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this defaults for HTTP APIs. This property is required for WebSocket APIs.
tags
A collection of tags associated with the API.
version
A version identifier for the API.
warnings
The warning messages are reported when failonwarnings is turned on during API import. The failonwarnings specifies to roll back the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.

Examples

Test to ensure an API ID is available

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  its('api_id') { should eq 'REST_API_ID' }
end

Test to ensure an API name is available

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  its('name') { should eq 'REST_API_NAME' }
end

Test to ensure a protocol type is HTTP

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  its('protocol_type') { should eq 'HTTP' }
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.

The control passes if the get method returns at least one result.

exist

Use should to test that the entity exists.

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  it { should exist }
end

Use should_not to test that the entity does not exist.

describe aws_api_gateway_v2_api(api_id: 'REST_API_ID') do
  it { should_not exist }
end

AWS Permissions

Your Principal will need the APIGatewayv2:Client:GetApiResponse action with Effect set to Allow.

Edit this page on GitHub.

Thank you for your feedback!

×









Search Results