This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null. Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs.

Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.

A version identifier for the API.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

A CORS configuration. Supported only for HTTP APIs. See Configuring CORS for more information.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

The description of the API.

This property is part of quick create. If you don't specify a routeKey, a default route of $default is created. The $default route acts as a catch-all for any request made to your API, for a particular stage. The $default route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.

The collection of tags. Each tag element is associated with a given resource.

This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs.

The API protocol.

The name of the API.

The API ID.

Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.

The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.

The warning messages reported when failonwarnings is turned on during API import.

The timestamp when the API was created.

The name of the API.

A version identifier for the API.

Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

A CORS configuration. Supported only for HTTP APIs.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

The description of the API.

The API protocol.

A collection of tags associated with the API.

The response's http status code.

The next page of elements from this collection. Not valid for the last element of the collection.

The maximum number of elements to be returned for this resource.

The API identifier.

The elements from this collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The response's http status code.

The stage name. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.

The API identifier.

The next page of elements from this collection. Not valid for the last element of the collection.

The maximum number of elements to be returned for this resource.

The route ID.

The API identifier.

The elements from this collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The response's http status code.

The API identifier.

The deployment ID.

The identifier for the deployment.

Specifies whether a deployment was automatically released.

May contain additional feedback on the status of an API deployment.

The date and time when the Deployment resource was created.

The status of the deployment: PENDING, FAILED, or SUCCEEDED.

The description for the deployment.

The response's http status code.

The resource ARN for the tag.

Undocumented member.

The response's http status code.

The next page of elements from this collection. Not valid for the last element of the collection.

The maximum number of elements to be returned for this resource.

The elements from this collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The response's http status code.

Specifies how to interpret the base path of the API during import. Valid values are ignore, prepend, and split. The default value is ignore. To learn more, see Set the OpenAPI basePath Property. Supported only for HTTP APIs.

Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.

The API identifier.

The OpenAPI definition. Supported only for HTTP APIs.

The API ID.

Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.

The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.

The warning messages reported when failonwarnings is turned on during API import.

The timestamp when the API was created.

The name of the API.

A version identifier for the API.

Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

A CORS configuration. Supported only for HTTP APIs.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

The description of the API.

The API protocol.

A collection of tags associated with the API.

The response's http status code.

The next page of elements from this collection. Not valid for the last element of the collection.

The maximum number of elements to be returned for this resource.

The API identifier.

The elements from this collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The response's http status code.

Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.

Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.

Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.

For a Lambda integration, specify the URI of a Lambda function.

For an HTTP integration, specify a fully-qualified URL.

For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API integrations without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

The ID of the VPC link for a private integration. Supported only for HTTP APIs.

Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.

WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.

NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.

WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.

Specifies the integration's HTTP method type.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

Specifies the format of the payload sent to an integration. Required for HTTP APIs.

The template selection expression for the integration.

Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

The description of the integration.

The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

The API identifier.

The integration type of an integration. One of the following:

AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.

AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.

HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.

HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY integration.

MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.

The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.

Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.

Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.

Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.

For a Lambda integration, specify the URI of a Lambda function.

For an HTTP integration, specify a fully-qualified URL.

For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.

Represents the identifier of an integration.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API itegrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

The ID of the VPC link for a private integration. Supported only for HTTP APIs.

Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.

WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.

NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.

WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.

Specifies the integration's HTTP method type.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

Specifies the format of the payload sent to an integration. Required for HTTP APIs.

The template selection expression for the integration. Supported only for WebSocket APIs.

Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.

Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can't delete it.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

The integration type of an integration. One of the following:

AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.

AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.

HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.

HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.

MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.

Represents the description of an integration.

The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

The response's http status code.

The stage name. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.

The API identifier.

The deployment identifier for the API stage. Can't be updated if autoDeploy is enabled.

Route settings for the stage.

Settings for logging access in this stage.

The identifier of a client certificate for a Stage.

A map that defines the stage variables for a Stage. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.

Specifies whether updates to an API automatically trigger a new deployment. The default value is false.

The default route settings for the stage.

The description for the API stage.

The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be $default. Maximum length is 128 characters.

The API identifier.

Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.

The identifier of the Deployment that the Stage is associated with. Can't be updated if autoDeploy is enabled.

Route settings for the stage, by routeKey.

Settings for logging access in this stage.

The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.

A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.

Specifies whether updates to an API automatically trigger a new deployment. The default value is false.

The timestamp when the stage was created.

Default route settings for the stage.

Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can't modify the $default stage.

The name of the stage.

The timestamp when the stage was last updated.

The description of the stage.

The collection of tags. Each tag element is associated with a given resource.

The response's http status code.

The stage name. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.

The route key.

The API identifier.

The name of the Stage resource for the Deployment resource to create.

The description for the deployment resource.

The API identifier.

The identifier for the deployment.

Specifies whether a deployment was automatically released.

May contain additional feedback on the status of an API deployment.

The date and time when the Deployment resource was created.

The status of the deployment: PENDING, FAILED, or SUCCEEDED.

The description for the deployment.

The response's http status code.

The API identifier.

The route ID.

The authorization scopes supported by this route.

The model selection expression for the route. Supported only for WebSocket APIs.

The request models for the route. Supported only for WebSocket APIs.

The route response selection expression for the route. Supported only for WebSocket APIs.

The request parameters for the route. Supported only for WebSocket APIs.

The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.

The operation name for the route.

The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

Specifies whether an API key is required for the route. Supported only for WebSocket APIs.

The route key for the route.

The target for the route.

The API identifier.

The route ID.

A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.

The model selection expression for the route. Supported only for WebSocket APIs.

The request models for the route. Supported only for WebSocket APIs.

The route response selection expression for the route. Supported only for WebSocket APIs.

The request parameters for the route. Supported only for WebSocket APIs.

The route ID.

The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.

The operation name for the route.

Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can't modify the $default route key.

The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

Specifies whether an API key is required for this route. Supported only for WebSocket APIs.

The route key for the route.

The target for the route.

The response's http status code.

The next page of elements from this collection. Not valid for the last element of the collection.

The maximum number of elements to be returned for this resource.

A collection of VPC links.