Amazon API Gateway V2

Creates an Api resource.

Creates an API mapping.

Creates an Authorizer for an API.

Creates a Deployment for an API.

Creates a domain name.

Creates an Integration.

Creates an IntegrationResponses.

Creates a Model for an API.

Creates a Route for an API.

Creates a RouteResponse for a Route.

Creates a Stage for an API.

Creates a VPC link.

Deletes the AccessLogSettings for a Stage. To disable access logging for a Stage, delete its AccessLogSettings.

Deletes an Api resource.

Deletes an API mapping.

Deletes an Authorizer.

Deletes a CORS configuration.

Deletes a Deployment.

Deletes a domain name.

Deletes an Integration.

Deletes an IntegrationResponses.

Deletes a Model.

Deletes a Route.

Deletes a route request parameter.

Deletes a RouteResponse.

Deletes the RouteSettings for a stage.

Deletes a Stage.

Deletes a VPC link.

Exports a definition of an API in a particular output format and specification.

Resets all authorizer cache entries for the specified stage. Supported only for HTTP API Lambda authorizers.

Gets an Api resource.

Gets an API mapping.

Gets API mappings.

Gets a collection of Api resources.

Gets an Authorizer.

Gets the Authorizers for an API.

Gets a Deployment.

Gets the Deployments for an API.

Gets a domain name.

Gets the domain names for an AWS account.

Gets an Integration.

Gets an IntegrationResponses.

Gets the IntegrationResponses for an Integration.

Gets the Integrations for an API.

Gets a Model.

Gets a model template.

Gets the Models for an API.

Gets a Route.

Gets a RouteResponse.

Gets the RouteResponses for a Route.

Gets the Routes for an API.

Gets a Stage.

Gets the Stages for an API.

Gets a collection of Tag resources.

Gets a VPC link.

Gets a collection of VPC links.

Imports an API.

Puts an Api resource.

Creates a new Tag resource to represent a tag.

Deletes a Tag.

Updates an Api resource.

The API mapping.

Updates an Authorizer.

Updates a Deployment.

Updates a domain name.

Updates an Integration.

Updates an IntegrationResponses.

Updates a Model.

Updates a Route.

Updates a RouteResponse.

Updates a Stage.

Updates a VPC link.

Settings for logging access in a stage.

Settings for logging access in this stage.

Settings for logging access in this stage.

Settings for logging access in this stage.

Represents an API.

Represents an API mapping.

Represents a collection of ApiMappings resources.

Represents a collection of APIs.

Represents an Amazon Resource Name (ARN).

The ARN of the CloudWatch Logs log group to receive access logs.

Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don\'t specify this parameter. Supported only for REQUEST authorizers.

This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To require that the caller\'s identity be passed through from the request, specify arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null. Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs.

Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don\'t specify this parameter. Supported only for REQUEST authorizers.

Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To require that the caller\'s identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.

An AWS-managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.

The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn

Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To require that the caller\'s identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.

This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To require that the caller\'s identity be passed through from the request, specify arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null. Currently, this property is not used for HTTP integrations. If provided, this value replaces the credentials associated with the quick create integration. Supported only for HTTP APIs.

Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.

Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role\'s Amazon Resource Name (ARN). To require that the caller\'s identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.

A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.

The authorization scopes supported by this route.

A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.

The authorization scopes supported by this route.

The authorization type. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer. For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.

Represents an authorizer.

The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).

The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).

The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).

The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).

Represents a collection of authorizers.

The request is not valid, for example, the input is incomplete or incorrect. See the accompanying error message for details.

The requested operation would cause a conflict with the current state of a service resource associated with the request. Resolve the conflict before retrying this request. See the accompanying error message for details.

Represents a connection type.

The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.

The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.

The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.

Specifies how to handle response payload content type conversions. Supported only for WebSocket APIs.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:

CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.

CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.

If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.

Represents a CORS configuration. Supported only for HTTP APIs. See Configuring CORS for more information.

A CORS configuration. Supported only for HTTP APIs.

A CORS configuration. Supported only for HTTP APIs. See Configuring CORS for more information.

A CORS configuration. Supported only for HTTP APIs.

Represents a collection of allowed headers. Supported only for HTTP APIs.

Represents a collection of allowed headers. Supported only for HTTP APIs.

Represents a collection of exposed headers. Supported only for HTTP APIs.

Represents a collection of methods. Supported only for HTTP APIs.

Represents a collection of allowed HTTP methods. Supported only for HTTP APIs.

Represents a collection of origins. Supported only for HTTP APIs.

Represents a collection of allowed origins. Supported only for HTTP APIs.

Represents the input parameters for a CreateApi request.

Represents the input parameters for a CreateApiMapping request.

Represents the input parameters for a CreateAuthorizer request.

Represents the input parameters for a CreateDeployment request.

Represents the input parameters for a CreateDomainName request.

Represents the input parameters for a CreateIntegration request.

Represents the input parameters for a CreateIntegrationResponse request.

Represents the input parameters for a CreateModel request.

Represents the input parameters for a CreateRoute request.

Represents the input parameters for an CreateRouteResponse request.

Represents the input parameters for a CreateStage request.

Represents the input parameters for a CreateVpcLink request.

An immutable representation of an API that can be called by users. A Deployment must be associated with a Stage for it to be callable over the internet.

Represents a deployment status.

The status of the deployment: PENDING, FAILED, or SUCCEEDED.

A collection resource that contains zero or more references to your existing deployments, and links that guide you on how to interact with your collection. The collection offers a paginated view of the contained deployments.

Represents a domain name.

The domain name configuration.

The domain name configurations.

The domain name configurations.

The domain name configurations.

The domain name configurations.

The status of the domain name migration. The valid values are AVAILABLE, UPDATING, PENDING_CERTIFICATE_REIMPORT, and PENDING_OWNERSHIP_VERIFICATION. If the status is UPDATING, the domain cannot be modified further until the existing operation is complete. If it is AVAILABLE, the domain can be updated.

The status of the domain name migration. The valid values are AVAILABLE, UPDATING, PENDING_CERTIFICATE_REIMPORT, and PENDING_OWNERSHIP_VERIFICATION. If the status is UPDATING, the domain cannot be modified further until the existing operation is complete. If it is AVAILABLE, the domain can be updated.

Represents a collection of domain names.

Represents an endpoint type.

The endpoint type.

Represents an exported definition of an API in a particular output format, for example, YAML. The API is serialized to the requested specification, for example, OpenAPI 3.0.

The identifier.

The API ID.

The API identifier.

The API mapping identifier.

The authorizer identifier.

The API identifier.

The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.

The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.

The deployment identifier of the API stage.

The identifier for the deployment.

Represents the identifier of an integration.

The integration response ID.

The model identifier.

The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.

The route ID.

Represents the identifier of a route response.

The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.

The identifier of the Deployment that the Stage is associated with. Can\'t be updated if autoDeploy is enabled.

The API identifier.

The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.

The identifier of a client certificate for a Stage.

The deployment identifier for the API stage. Can\'t be updated if autoDeploy is enabled.

The ID of the VPC link.

The identity source for which authorization is requested. For the REQUEST authorizer, this is required when authorization caching is enabled. The value is a comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an Auth header, a Name query string parameter are defined as identity sources, this value is $method.request.header.Auth, $method.request.querystring.Name. These parameters will be used to derive the authorization caching key and to perform runtime validation of the REQUEST authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping expressions of the specified request parameters. When the authorization caching is not enabled, this property is optional.

The identity source for which authorization is requested.

For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.

The identity source for which authorization is requested.

For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.

The identity source for which authorization is requested.

For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.

Represents the input to ImportAPI. Supported only for HTTP APIs.

An integer with a value between [0-3600].

The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.

The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.

The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.

An integer with a value between [50-30000].

Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.

Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.

Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.

An integer with a value between -1 and 86400. Supported only for HTTP APIs.

The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs.

Represents an integration.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API integrations without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API integrations without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where {name} is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where {name} is a valid and unique response header name and {JSON-expression} is a valid JSON expression without the $ prefix.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API itegrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where name is a valid and unique response header name and JSON-expression is a valid JSON expression without the $ prefix.

For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of method.request.{location}.{name} , where {location} is querystring, path, or header; and {name} must be a valid and unique method request parameter name.

For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.

For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name} , where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression} , where {name} is a valid and unique response header name and {JSON-expression} is a valid JSON expression without the $ prefix.

Represents an integration response.

Represents a collection of integration responses.

Represents an API method integration type.

The integration type of an integration. One of the following:

AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.

AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.

HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.

HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY integration.

MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.

The integration type of an integration. One of the following:

AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.

AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.

HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.

HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.

MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.

The integration type of an integration. One of the following:

AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.

AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.

HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.

HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY integration.

MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.

Represents a collection of integrations.

Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.

Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.

Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.

Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.

A limit has been exceeded. See the accompanying error message for details.

The logging level.

Specifies the logging level for this route: INFO, ERROR, or OFF. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.

Represents a data model for an API. Supported only for WebSocket APIs. See Create Models and Mapping Templates for Request and Response Mappings.

Represents a collection of data models. See Create Models and Mapping Templates for Request and Response Mappings.

If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.

The mutual TLS authentication configuration for a custom domain name.

If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.

The mutual TLS authentication configuration for a custom domain name.

The mutual TLS authentication configuration for a custom domain name.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The next page of elements from this collection. Not valid for the last element of the collection.

The resource specified in the request was not found. See the message field for more information.

Validation constraints imposed on parameters of a request (path, query string, headers).

Represents passthrough behavior for an integration response. Supported only for WebSocket APIs.

Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.

WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.

NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.

WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.

Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.

WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.

NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.

WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.

Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.

WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.

NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.

WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.

The API protocol.

The API protocol.

Overwrites the configuration of an existing API using the provided definition. Supported only for HTTP APIs.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.

Represents a route.

The route models.

The request models for the route. Supported only for WebSocket APIs.

The response models for the route response.

The request models for the route. Supported only for WebSocket APIs.

Represents the response models of a route response.

The request models for the route. Supported only for WebSocket APIs.

The response models for the route response.

The route parameters.

The request parameters for the route. Supported only for WebSocket APIs.

The route response parameters.

The request parameters for the route. Supported only for WebSocket APIs.

Represents the response parameters of a route response.

The request parameters for the route. Supported only for WebSocket APIs.

The route response parameters.

Represents a route response.

Represents a collection of route responses.

Represents a collection of route settings.

The default route settings for the stage.

Default route settings for the stage.

The default route settings for the stage.

The route settings map.

Route settings for the stage, by routeKey.

Route settings for the stage, by routeKey.

Route settings for the stage.

Represents a collection of routes.

A list of security group IDs for the VPC link.

A list of security group IDs for the VPC link.

A list of security group IDs for the VPC link.

The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are TLS_1_0 and TLS_1_2.

The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are TLS_1_0 and TLS_1_2.

An expression used to extract information at runtime. See Selection Expressions for more information.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

The template selection expression for the integration.

The template selection expression for the integration response. Supported only for WebSocket APIs.

The model selection expression for the route. Supported only for WebSocket APIs.

The route response selection expression for the route. Supported only for WebSocket APIs.

The model selection expression for the route response. Supported only for WebSocket APIs.

The API mapping selection expression.

The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.

The template selection expression for the integration. Supported only for WebSocket APIs.

The template selection expressions for the integration response.

The model selection expression for the route. Supported only for WebSocket APIs.

The route response selection expression for the route. Supported only for WebSocket APIs.

Represents the model selection expression of a route response. Supported only for WebSocket APIs.

An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.

The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.

The template selection expression for the integration.

The template selection expression for the integration response. Supported only for WebSocket APIs.

The model selection expression for the route. Supported only for WebSocket APIs.

The route response selection expression for the route. Supported only for WebSocket APIs.

The model selection expression for the route response. Supported only for WebSocket APIs.

After evaluating a selection expression, the result is compared against one or more selection keys to find a matching key. See Selection Expressions for a list of expressions and each expression\'s associated selection key type.

The API mapping key.

This property is part of quick create. If you don\'t specify a routeKey, a default route of $default is created. The $default route acts as a catch-all for any request made to your API, for a particular stage. The $default route key can\'t be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.

The integration response key.

The route key for the route.

The route response key.

The integration response key.

The route key for the route.

Represents the route response key of a route response.

This property is part of quick create. If not specified, the route created using quick create is kept. Otherwise, this value replaces the route key of the quick create route. Additional routes may still be added after the API is updated. Supported only for HTTP APIs.

The API mapping key.

The integration response key.

The route key for the route.

The route response key.

Represents an API stage.

The stage variable map.

A map that defines the stage variables for a Stage. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.

A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.

A map that defines the stage variables for a Stage. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.

A collection of Stage resources that are associated with the ApiKey resource.

A string with a length between [0-1024].

The description of the API.

The validation expression does not apply to the REQUEST authorizer.

The description of the API.

This parameter is not used.

The description for the deployment resource.

The description of the integration.

The description of the model.

The description for the API stage.

The description for the deployment.

Represents the description of an integration.

The description of the model.

The description of the stage.

The description of the API.

This parameter is not used.

The description for the deployment resource.

The description of the integration

The description of the model.

The description for the API stage.

A message summarizing the cause of the status of the VPC link.

A string with a length between [0-2048].

A string with a length between [0-32768].

The schema for the model. For application/json models, this should be JSON schema draft 4 model.

The schema for the model. For application/json models, this should be JSON schema draft 4 model.

The schema for the model. For application/json models, this should be JSON schema draft 4 model.

A string with a length between [1-1024].

A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId.

The ID of the VPC link for a private integration. Supported only for HTTP APIs.

The ID of the VPC link for a private integration. Supported only for HTTP APIs.

The ID of the VPC link for a private integration. Supported only for HTTP APIs.

A string with a length between [1-128].

The name of the API.

The API stage.

The name of the authorizer.

The name of the API.

The API stage.

The name of the authorizer.

The name of the Stage resource for the Deployment resource to create.

Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.

The name of the model. Must be alphanumeric.

The target for the route.

The name of the stage.

The name of the VPC link.

The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name.

Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.

The name of the model. Must be alphanumeric.

The target for the route.

The name of the stage.

The name of the API.

The API stage.

The name of the authorizer.

Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.

The name of the model.

The target for the route.

The name of the VPC link.

The name of the VPC link.

A string with a length between [0-1600].

A string with a length between [1-256].

The content-type for the model, for example, "application/json".

The content-type for the model, for example, "application/json".

The content-type for the model, for example, "application/json".

A string with a length between [1-512].

The domain name.

The name of the DomainName resource.

If you specify a server name, API Gateway uses it to verify the hostname on the integration\'s certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.

If you specify a server name, API Gateway uses it to verify the hostname on the integration\'s certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.

A string with a length between [1-64].

A version identifier for the API.

Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

A version identifier for the API.

Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

Specifies the integration\'s HTTP method type.

Specifies the format of the payload sent to an integration. Required for HTTP APIs.

The operation name for the route.

Specifies the integration\'s HTTP method type.

Specifies the format of the payload sent to an integration. Required for HTTP APIs.

The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.

The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.

The operation name for the route.

A version identifier for the API.

Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.

Specifies the integration\'s HTTP method type.

Specifies the format of the payload sent to an integration. Required for HTTP APIs.

The operation name for the route.

A list of subnet IDs to include in the VPC link.

A list of subnet IDs to include in the VPC link.

A list of subnet IDs to include in the VPC link.

Represents the input parameters for a TagResource request.

Represents a collection of tags associated with the resource.

A collection of tags associated with the API.

The collection of tags. Each tag element is associated with a given resource.

The collection of tags associated with a domain name.

The collection of tags. Each tag element is associated with a given resource.

A list of tags.

The collection of tags associated with a domain name.

The collection of tags. Each tag element is associated with a given resource.

The collection of tags. Each tag element is associated with a given resource.

Tags for the VPC link.

Represents a template.

A mapping of identifier keys to templates. The value is an actual template script. The key is typically a SelectionKey which is chosen based on evaluating a selection expression.

Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.

The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.

Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.

The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.

Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.

The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.

A limit has been exceeded. See the accompanying error message for details.

Represents the input parameters for an UpdateApi request.

Represents the input parameters for an UpdateApiMapping request.

The input parameters for an UpdateAuthorizer request.

Represents the input parameters for an UpdateDeployment request.

Represents the input parameters for an UpdateDomainName request.

Represents the input parameters for an UpdateIntegration request.

Represents the input parameters for an UpdateIntegrationResponse request.

Represents the input parameters for an UpdateModel request. Supported only for WebSocket APIs.

Represents the input parameters for an UpdateRoute request.

Represents the input parameters for an UpdateRouteResponse request.

Represents the input parameters for an UpdateStage request.

Represents the input parameters for an UpdateVpcLink request.

A string representation of a URI with a length between [1-2048].

The authorizer\'s Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. In general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api} , where {region} is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial /. For Lambda functions, this is usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported only for REQUEST authorizers.

This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs.

The authorizer\'s Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. In general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api} , where {region} is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial /. For Lambda functions, this is usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported only for REQUEST authorizers.

For a Lambda integration, specify the URI of a Lambda function.

For an HTTP integration, specify a fully-qualified URL.

For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.

For a Lambda integration, specify the URI of a Lambda function.

For an HTTP integration, specify a fully-qualified URL.

For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.

The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool has the following format: https://cognito-idp.{region}.amazonaws.com/{userPoolId} . Required for the JWT authorizer type. Supported only for HTTP APIs.

An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object.

An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, s3://bucket-name/key-name . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object.

This property is part of quick create. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. The value provided updates the integration URI and integration type. You can update a quick-created target, but you can\'t remove it from an API. Supported only for HTTP APIs.

The authorizer\'s Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda function URI, for example, arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations. In general, the URI has this form: arn:aws:apigateway:{region}:lambda:path/{service_api} , where {region} is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial /. For Lambda functions, this is usually of the form /2015-03-31/functions/[FunctionARN]/invocations. Supported only for REQUEST authorizers.

For a Lambda integration, specify the URI of a Lambda function.

For an HTTP integration, specify a fully-qualified URL.

For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.

Represents a VPC link.

The status of the VPC link.

The status of the VPC link.

The version of the VPC link.

The version of the VPC link.

Represents a collection of VPCLinks.

Specifies whether an API is managed by API Gateway. You can\'t update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs

Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.

Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs

Specifies whether an API key is required for the route. Supported only for WebSocket APIs.

Specifies whether updates to an API automatically trigger a new deployment. The default value is false.

Specifies whether a deployment was automatically released.

Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can\'t delete it.

Whether or not the parameter is required.

Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can\'t modify the $default route key.

Specifies whether an API key is required for this route. Supported only for WebSocket APIs.

Specifies whether (true) or not (false) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.

Specifies whether detailed metrics are enabled.

Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can\'t modify the $default stage.

Specifies whether updates to an API automatically trigger a new deployment. The default value is false.

Avoid validating models when creating a deployment. Supported only for WebSocket APIs.

Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs

Specifies whether an API key is required for the route. Supported only for WebSocket APIs.

Specifies whether updates to an API automatically trigger a new deployment. The default value is false.

Specifies the throttling rate limit.

Specifies the throttling burst limit.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

The elements from this collection.

A collection of VPC links.

The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.

The warning messages reported when failonwarnings is turned on during API import.

A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. See RFC 7519. Supported only for HTTP APIs.

A list of warnings that API Gateway returns while processing your truststore. Invalid certificates produce warnings. Mutual TLS is still enabled, but some clients might not be able to access your API. To resolve warnings, upload a new truststore to S3, and then update you domain name to use the new version.

The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.

Describes the error encountered.

Describes the error encountered.

May contain additional feedback on the status of an API deployment.

A domain name for the API.

An optional text message containing detailed information about status of the domain name migration.

The Amazon Route 53 Hosted Zone ID of the endpoint.

The OpenAPI definition. Supported only for HTTP APIs.

The limit type.

Describes the error encountered.

Describes the error encountered.

The resource type.

The OpenAPI definition. Supported only for HTTP APIs.

Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.

The template value.

The timestamp when the API was created.

The date and time when the Deployment resource was created.

The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.

The timestamp when the stage was created.

The timestamp when the stage was last updated.

The timestamp when the VPC link was created.