chore: adiciona config do api gateway + authorizer

jefersonhuan · jefersonhuan · commit 6f9893a238fc · 2024-10-01T20:16:27.000-03:00
diff --git a/agw/apw.tf b/agw/apw.tf
@@ -0,0 +1,55 @@
+module "api_gateway_security_group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "~> 5.0"
+
+  name        = "api-gateway-security-group"
+  description = "API Gateway group for example usage"
+  vpc_id      = var.vpc_id
+
+  ingress_cidr_blocks = ["0.0.0.0/0"]
+  ingress_rules       = ["http-80-tcp"]
+
+  egress_rules = ["all-all"]
+}
+
+module "api_gateway" {
+  source = "terraform-aws-modules/apigateway-v2/aws"
+
+  # API
+  cors_configuration = {
+    allow_headers = ["content-type", "x-amz-date", "authorization", "x-api-key", "x-amz-security-token", "x-amz-user-agent"]
+    allow_methods = ["*"]
+    allow_origins = ["*"]
+  }
+
+  description = "HTTP API Gateway with VPC links"
+  name        = "api-gateway-tech-challenge"
+
+  # Custom Domain
+  create_domain_name = false
+
+  authorizers = {
+    "lambda" = {
+      authorizer_type  = "REQUEST"
+      enable_simple_responses = true
+      identity_sources = ["$request.header.Authorization"]
+      name             = "lambda-auth"
+      authorizer_uri   = var.lambda_auth
+      authorizer_payload_format_version = "2.0"
+    }
+  }
+
+  # Routes & Integration(s)
+  routes = {
+    "$default" = {
+      authorizer_key = "lambda-auth"
+
+      integration = {
+        connection_type = "INTERNET"
+        type = "HTTP_PROXY"
+        uri  = var.cluster_uri
+        method = "ANY"
+      }
+    }
+  }
+}
diff --git a/agw/envs/dev/vars.tfvars b/agw/envs/dev/vars.tfvars
@@ -0,0 +1,3 @@
+vpc_id = "vpc-000959e41b8306575"
+cluster_uri = "http://k8s-ingressn-external-32d23741d8-d3d2a1020869e40e.elb.us-east-1.amazonaws.com"
+lambda_auth="arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:872515278821:function:tech-challenge-custom-auth-AuthFunction-krBTkI88mWH6/invocations"
diff --git a/agw/vars.tf b/agw/vars.tf
@@ -0,0 +1,14 @@
+variable "vpc_id" {
+  description = "VPC ID"
+  type        = string
+}
+
+variable "cluster_uri" {
+  description = "Cluster endpoint"
+  type = string
+}
+
+variable "lambda_auth" {
+  description = "Lambda authorizer ARN"
+  type = string
+}
diff --git a/terraform/03_ecr.tf b/terraform/03_ecr.tf
@@ -4,23 +4,6 @@ module "ecr" {
 
   repository_read_write_access_arns = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/admin"]
   repository_name                   = var.ecr_repository_name
-  repository_lifecycle_policy = jsonencode({
-    rules = [
-      {
-        rulePriority = 1,
-        description  = "Keep last 15 images",
-        selection = {
-          tagStatus     = "tagged",
-          tagPrefixList = ["v"],
-          countType     = "imageCountMoreThan",
-          countNumber   = 15
-        },
-        action = {
-          type = "expire"
-        }
-      }
-    ]
-  })
 
   tags = local.tags
 }
diff --git a/terraform/envs/dev/backend.tfvars b/terraform/envs/dev/backend.tfvars
@@ -1,4 +1,4 @@
-bucket="pos-tech-chllange-tfstate"
+bucket="pangolin-tech-challenge-tfstate"
 key="terraform.tfstate"
 region="us-east-1"
 dynamodb_table="tech-chllange-tfstate"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+vpc_id = "vpc-000959e41b8306575"`
	`2`	`+cluster_uri = "http://k8s-ingressn-external-32d23741d8-d3d2a1020869e40e.elb.us-east-1.amazonaws.com"`
	`3`	`+lambda_auth="arn:aws:apigateway:us-east-1:lambda:path/2015-03-31/functions/arn:aws:lambda:us-east-1:872515278821:function:tech-challenge-custom-auth-AuthFunction-krBTkI88mWH6/invocations"`