This module allows creating an API with its associated API config and API gateway. It also allows you grant IAM roles on the created resources.
module "gateway" {
source = "./modules/api-gateway"
project_id = "my-project"
api_id = "api"
region = "europe-west1"
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
}
# tftest modules=1 resources=4
module "gateway" {
source = "./modules/api-gateway"
project_id = "my-project"
api_id = "api"
region = "europe-west1"
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
service_account_email = "sa@my-project.iam.gserviceaccount.com"
iam = {
"roles/apigateway.admin" = [ "user:user@example.com" ]
}
}
# tftest modules=1 resources=7
module "gateway" {
source = "./modules/api-gateway"
project_id = "my-project"
api_id = "api"
region = "europe-west1"
spec = <<EOT
# The OpenAPI spec contents
# ...
EOT
service_account_create = true
iam = {
"roles/apigateway.admin" = [ "user:mirene@google.com" ]
"roles/apigateway.viewer" = [ "user:mirene@google.com" ]
}
}
# tftest modules=1 resources=11
name | description | type | required | default |
---|---|---|---|---|
api_id | API identifier. | string |
✓ | |
project_id | Project identifier. | string |
✓ | |
region | Region | string |
✓ | |
spec | String with the contents of the OpenAPI spec. | string |
✓ | |
iam | IAM bindings for the API in {ROLE => [MEMBERS]} format. | map(list(string)) |
null |
|
labels | Map of labels. | map(string) |
null |
|
service_account_create | Flag indicating whether a service account needs to be created | bool |
false |
|
service_account_email | Service account for creating API configs | string |
null |
name | description | sensitive |
---|---|---|
api | API. | |
api_config | API configs. | |
api_config_id | The identifiers of the API configs. | |
api_id | API identifier. | |
default_hostname | The default host names of the API gateway. | |
gateway | API gateways. | |
gateway_id | The identifiers of the API gateways. | |
service_account | Service account resource. | |
service_account_email | The service account for creating API configs. | |
service_account_iam_email | The service account for creating API configs. |