HTTP API Gateway
This example shows a basic http api gateway configuration.
HTTP Api Gateway resource
- Fully managed, serverless HTTP Api Gateway with pay-per-request pricing.
Basic example
resources:myHttpApiGateway:type: http-api-gatewayproperties:# Determines the shape of the event delivered to your integrations.## - Payload can be also set on the integration level (when configuring `events` for your workload).# This value is only used if the payload format is not set on the integration level.# - To understand differences between payload formats, refer to# [AWS Docs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format)## - Type: enum: [1.0, 2.0]# - Required: false# - Allowed values: [1.0, 2.0]payloadFormat: 1.0# Configures CORS (Cross-Origin Resource Sharing) HTTP headers for this HTTP API Gateway.## - If CORS is configured using this property, CORS headers returned from your application are ignored and replaced## - Type: object# - Required: falsecors:# Enables CORS (Cross-Origin Resource Sharing)## If you do not specify any additional properties, default CORS configuration is used:# - `AllowedMethods`: Inferred from methods used by integrations associated with the api gateway# - `AllowedOrigins`: `*`# - `AllowedHeaders`: `Content-Type`, `X-Amz-Date`, `Authorization`, `X-Api-Key`, `X-Amz-Security-Token`, `X-Amz-User-Agent`## - Type: boolean# - Required: true# - Default: falseenabled: true# Origins to accepts cross-domain requests from## - Origin is a combination of scheme (protocol), hostname (domain), and port of the URL# - Example origin: https://foo.example## - Type: array<string># - Required: false# - Default: *allowedOrigins:- https://example.com- https://app.example.com# Allowed HTTP headers## - Each header name in the `Access-Control-Request-Headers` header of a preflight request must match a corresponding entry in the rule.## - Type: array<string># - Required: falseallowedHeaders:- Content-Type- Authorization# Allowed HTTP methods## - By default, Stacktape determines allowed methods based on the event integrations associated with gateway## - Type: array<object (reference)># - Required: falseallowedMethods:- GET- POST- PUT- DELETE# Configures the presence of credentials in the CORS request## - Type: boolean# - Required: falseallowCredentials: true# Response headers that should be made available to scripts running in the browser, in response to a cross-origin request## - Type: array<string># - Required: falseexposedResponseHeaders:- example-value# Time in seconds that browser can cache the response for a preflight request## - Type: number# - Required: falsemaxAge: 3600# Configures logging of the requests coming to the HTTP API Gateway (access logs)## - Stored properties are: `requestId`, `ip`, `requestTime`, `httpMethod`, `routeKey`, `status`, `protocol` and `responseLength`.# - You can configure log format. Supported values are `CLF`, `JSON`, `XML` and `CSV`.# - You can browse your logs in 2 ways:# - go to the log group page in the AWS CloudWatch console. You can use `stacktape stack-info` command to get a# direct link.# - use [stacktape logs command](https://docs.stacktape.com/cli/commands/logs/) to print logs to the console## - Type: object# - Required: falselogging:# Disables the collection of access logs to CloudWatch## - Type: boolean# - Required: false# - Default: falsedisabled: false# Configures format of the stored access logs## - Stored properties are: `requestId`, `ip`, `requestTime`, `httpMethod`, `routeKey`, `status`, `protocol` and `responseLength`.## - Type: enum: [CLF, CSV, JSON, XML]# - Required: false# - Default: JSON# - Allowed values: [CLF, CSV, JSON, XML]format: JSON# Amount of days the logs will be retained in the log group## - Type: enum: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]# - Required: false# - Default: 30# - Allowed values: [1, 120, 14, 150, 180, 1827, 3, 30, 365, 3653, 400, 5, 545, 60, 7, 731, 90]retentionDays: 30# Configures forwarding of logs to specified destination## - Log forwarding is done using [Amazon Kinesis Data Firehose](https://aws.amazon.com/kinesis/data-firehose/) delivery stream.# - When using log forwarding, you will incur costs based on the amount of data being transferred to the destination (~$0.03 per transferred GB).# Refer to [AWS Kinesis Firehose Pricing](https://aws.amazon.com/kinesis/data-firehose/pricing/?nc=sn&loc=3) page to see details.# - Currently supported destinations for logs:# - `http-endpoint`# - delivers logs to any HTTP endpoint.# - The endpoint must follow [Firehose request and response specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html).# (Many of the third party vendors are compliant with this specifications out of the box.)# - `datadog`# - delivers logs to [Datadog](https://www.datadoghq.com/).# - `highlight`# - delivers logs to [Highlight.io](https://www.highlight.io/) project.## Refer to [our docs](https://docs.stacktape.com/configuration/log-forwarding/) for more information.## > Logs that fail to be delivered to the destination even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: union (anyOf)# - Required: false## - Type: object# - Required: falselogForwarding:## - Type: string# - Required: truetype: http-endpoint## - Type: object# - Required: trueproperties:# HTTPS endpoint where logs will be forwarded## - Type: string# - Required: trueendpointUrl: https://example.com# Specifies whether to use GZIP compression for the request## - When enabled, Firehose uses the content encoding to compress the body of a request before sending the request to the destination## - Type: boolean# - Required: falsegzipEncodingEnabled: true# Parameters included in each call to HTTP endpoint## - Key/Value pairs containing additional metadata you wish to send to the HTTP endpoint.# - Parameters are delivered within **X-Amz-Firehose-Common-Attributes** header as a JSON object with following format: `{"commonAttributes":{"param1":"val1", "param2":"val2"}}`## - Type: object# - Required: false# Amount of time spend on retries.## - The total amount of time that Kinesis Data Firehose spends on retries.# - This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails.# - Logs that fail to be delivered to the HTTP endpoint even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: number# - Required: falseretryDuration: 100# Access key (credentials), needed for authenticating with endpoint## - Access key is carried within a **X-Amz-Firehose-Access-Key** header# - The configured key is copied verbatim into the value of this header.The contents can be arbitrary and can potentially represent a JWT token or an ACCESS_KEY.# - It is recommended to use [secret](https://docs.stacktape.com/resources/secrets/) for storing your access key.## - Type: string# - Required: falseaccessKey: example-value# Attaches a custom domains to this HTTP API Gateway## Stacktape allows you to connect your custom domain names to some of your resources# (Web Service, HTTP API Gateways, Application Load Balancers and Buckets with CDNs).## Connecting a custom domain to the resource does 2 things:# - **Creates DNS records**:# - If you use your custom domain with a resource, Stacktape automatically creates a DNS record (during deploy) pointing the specified domain name to the resource.# - **Adds TLS certificates**# - If the origin resource (HTTP API Gateway, Application Load Balancer or CDN) uses HTTPS protocol, Stacktape takes care of# issuing and attaching correct (free, AWS-managed) certificate to the resource.# This means, you do not have to deal with TLS termination as it is handled by the connected resource.# - If you want to use your own certificates, you can configure `customCertificateArns`.## > To manage a custom domain, it first needs to be added to your AWS account.# > This means that a [hosted zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/AboutHZWorkingWith.html)# > (collection of records managed together for a given domain)# > for your domain exists in your AWS account and your domain registrar's name servers are pointing to it.# > To learn more, refer to [Adding a domain guide](https://docs.stacktape.com/other-resources/domains-and-certificates/#adding-domain).## - Type: array<object (reference)># - Required: falsecustomDomains:- domainName: api.example.comcustomCertificateArn: example-value# Configures AWS Cloudfront CDN (Content Delivery Network) to be in front of your HTTP API Gateway## - CDN is a globally distributed network that can cache responses from your HTTP API Gateway at the edge - close to your users.# - AWS Cloudfront has 205 edge locations on 6 continents.# - The CDN is used to:# - reduce latency & improve load times# - reduce bandwidth costs# - reduce the amount of traffic coming to the origin# - improve security# - The "origin" is the resource (HTTP API Gateway) to which CDN is attached.# CDN caches responses from the origin at the edge for specified amount of time.# - If the content requested by the client is in the CDN cache,# the CDN immediately returns it to the client without making a request to the origin.# - If the content is NOT in the cache, the CDN makes a request to the Origin.# The response from the origin is then forwarded to the client, and cached at the edge.## - Type: object# - Required: falsecdn:# Enables the CDN### - Type: boolean# - Required: true# - Default: falseenabled: true# Configures custom caching options## - Configures the caching behavior of your edge distribution (what & when should stay in cache, and when to refetch it from the origin).# - When response from the origin does not contain neither `cache-control` nor `expires` headers default caching behaviour is used.# - Default caching behaviour depends on the type of origin the CDN is attached to:# - **bucket** - by default objects are cached for 6 months (or until the CDN cache is invalidated).# - **http-api-gateway** and **application-load-balancer** - by default responses are not cached.## - Type: object# - Required: falsecachingOptions:# Only responses to the requests with these methods will be cached## - Possible values are:# - `['GET', 'HEAD']`# - `['GET', 'HEAD', 'OPTIONS']`## - Type: array<string># - Required: falsecacheMethods:- GET# The minimum amount of time in seconds that the objects will stay in the CDN cache before another request is sent to the origin## - To learn more about cache expiration, refer to [AWS Docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html)## - Type: number# - Required: falseminTTL: 100# The maximum amount of time in seconds that the objects will stay in the CDN cache before another request is sent to the origin## - To learn more about cache expiration, refer to [AWS Docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html)## - Type: number# - Required: falsemaxTTL: 100# The default amount of time in seconds that the objects will stay in the CDN cache before another request is sent to the origin## - To learn more about cache expiration, refer to [AWS Docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html)## - Type: number# - Required: falsedefaultTTL: 100# Disables compression of the objects served by the CDN## - Compression is enabled by default.# - Compression can significantly reduce the size of the responses from the CDN.# In some cases, less than a quarter the size of the original. This can result in a better performance# and lower transfer costs.# - The CDN compresses objects using the `Gzip` and `Brotli` compression methods.# - If the viewer supports both formats, Brotli version is used.# - The client must indicate that it accepts compressed files using the `Accept-Encoding` HTTP header.# - To learn more about compression, refer to [AWS Docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html)## - Type: boolean# - Required: false# - Default: falsedisableCompression: false# Configures HTTP headers, cookies, and URL query strings to include in the cache key## - By default the cache key depends on the type of origin the CDN routes to:# - **bucket** - only `url path` is part of the cache key# - **http-api-gateway** and **application-load-balancer** - only `url path` and `query string` are part of the cache key# - The values included in the cache key are automatically forwarded in the requests that the CDN sends to the origin.## - Type: object# - Required: falsecacheKeyParameters:# Configures cookies that will be included in the cache key## - By default no cookies are included in the cache key.## - Type: object# - Required: falsecookies:# No cookies are included in the cache key## - Type: boolean# - Required: falsenone: true# Only the listed cookies are included in the cache key## - Type: array<string># - Required: falsewhitelist:- example-value# All cookies except the ones listed are included in the cache key## - Type: array<string># - Required: falseallExcept:- example-value# All cookies are included in the cache key## - Type: boolean# - Required: falseall: true# Configures headers that will be included included in the cache key## - By default no headers (except `Accept-Encoding` for compression to work) are included in the cache key.## - Type: object# - Required: falseheaders:# No headers are included in the cache key## - Type: boolean# - Required: falsenone: true# Only the headers listed are included in the cache key## - Type: array<string># - Required: falsewhitelist:- example-value# Configures query parameters that will be included in the cache key## - The query params included in the cache key are automatically forwarded in the requests that the CDN sends to the origin.# - By default no query params are included in the cache key.## - Type: object# - Required: falsequeryString:# All query params are included in the cache key## - Type: boolean# - Required: falseall: true# No query params are included in the cache key## - Type: boolean# - Required: falsenone: true# Only the query parameters listed are included in the cache key## - Type: array<string># - Required: falsewhitelist:- example-value# Specifies id of pre-created cache policy that you wish to use## - Use this in a case you wish to use pre-created cache policy, instead of configuring `ttl`, `cacheKeyParameters` and other options.## - Type: string# - Required: falsecachePolicyId: example-value# Configures which parts of the request are forwarded to the origin (headers, query parameters, cookies etc.)## - Type: object# - Required: falseforwardingOptions:# Adds static headers that the CDN will add to all requests sent to the origin## - Type: array<object (reference)># - Required: falsecustomRequestHeaders:- headerName: myHeaderNamevalue: example-value# Configured methods that will be forwarded by the CDN to the origin## - If not set, all methods are forwarded## - Type: array<string># - Required: falseallowedMethods:- GET- POST- PUT- DELETE# Configured cookies forwarded to the origin## - If not set, all cookies are forwarded# - All cookies that are part of the cache key (see `cachingOptions`) are automatically forwarded to the origin.## - Type: object# - Required: falsecookies:# No cookies are forwarded to the origin## - Type: boolean# - Required: falsenone: true# Only the cookies listed are forwarded to the origin## - Type: array<string># - Required: falsewhitelist:- example-value# All cookies are forwarded to the origin## - Type: boolean# - Required: falseall: true# Configured headers will be forwarded to the origin## - If not set, all headers are forwarded# - All headers that are part of the cache key (see `cachingOptions`) are automatically forwarded to the origin.## > Warning: `Authorization` header must be set to be used as a cache key parameter within the caching options in order to be forwarded to the origin. This is to avoid unauthorized access to the resources.## - Type: object# - Required: falseheaders:# No headers are forwarded to the origin## - Type: boolean# - Required: falsenone: true# Only the headers listed are forwarded to the origin## - Type: array<string># - Required: falsewhitelist:- example-value# All viewer headers are forwarded to the origin## - Type: boolean# - Required: falseallViewer: true# All viewer headers and additional listed CDN headers are forwarded to the origin## - Type: array<string># - Required: falseallViewerAndWhitelistCloudFront:- example-value# All viewer headers except those that are explicitly specified are forwarded to the origin## - Type: array<string># - Required: falseallExcept:- example-value# Configured query params will be forwarded to the origin## - If not set, all query string parameters are forwarded# - All query string parameters that are part of the cache key (see `cachingOptions`) are automatically forwarded to the origin.## - Type: object# - Required: falsequeryString:# All query params are forwarded to the origin## - Type: boolean# - Required: falseall: true# No query params are forwarded to the origin## - Type: boolean# - Required: falsenone: true# Only the query parameters listed are forwarded to the origin## - Type: array<string># - Required: falsewhitelist:- example-value# Specifies id of pre-created origin request policy that you wish to use## - Use this in a case you wish to use pre-created origin request policy, instead of configuring `cookies`, `headers` and `queryString` options.## - Type: string# - Required: falseoriginRequestPolicyId: example-value# Enables you to redirect specific requests to a different origin## - Each incoming request to the CDN is first evaluated against route rewrites. The requested path is compared with path pattern specified in route rewrite.# - If the requested path matches the path pattern specified by route rewrite, the request is sent to the configured route.# - Route rewrites are evaluated in order. The first match is where the request will be sent to.# - If no match is found, request is sent to the default origin (the one that the CDN is attached to).## **Example use cases**:# - Most of the content you are serving is a static content# served from a bucket (static website). Some content however needs to be# rendered dynamically by a lambda function. You can route paths that need# to be rendered dynamically to the Lambda function.# - You want to cache your `jpg` files longer than# other files. You can create route rewrite that will catch every path# ending with `jpg` and set custom caching options for these paths.## - Type: array<object (reference)># - Required: falserouteRewrites:- path: example-valueroutePrefix: example-value# Attaches a custom domains to this CDN## Stacktape allows you to connect your custom domain names to some of your resources# (Web Service, Nextjs web, HTTP API Gateways, Application Load Balancers and Buckets with CDNs).## Connecting a custom domain to the resource does 2 things:# - **Creates DNS records**:# - If you use your custom domain with a resource, Stacktape automatically creates a DNS record (during deploy) pointing the specified domain name to the resource.# - **Adds TLS certificates**# - If the origin resource (HTTP API Gateway, Application Load Balancer or CDN) uses HTTPS protocol, Stacktape takes care of# issuing and attaching correct (free, AWS-managed) certificate to the resource.# This means, you do not have to deal with TLS termination as it is handled by the connected resource.# - If you want to use your own certificates, you can configure `customCertificateArns`.## > To manage a custom domain, it first needs to be added to your AWS account.# > This means that a [hosted zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/AboutHZWorkingWith.html)# > (collection of records managed together for a given domain)# > for your domain exists in your AWS account and your domain registrar's name servers are pointing to it.# > To learn more, refer to [Adding a domain guide](https://docs.stacktape.com/other-resources/domains-and-certificates/#adding-domain).## - Type: array<object (reference)># - Required: falsecustomDomains:- domainName: api.example.comcustomCertificateArn: example-value# Configures Edge function triggers## - You can associate `edge-lambda-function` with CDN to be executed:# - `onRequest` - function is executed when CDN receives a request from a client(viewer) before checking CDN cache# - `onResponse` - function is executed before returning the response to the client(viewer)## - Potential use-cases for using edge functions:# - generating immediate HTTP response without the need to check CDN cache or forward to the origin# - modifying request (i.e rewrite url, headers etc) before forwarding to the origin# - inspection of cookies# - inspection/validation of authorization headers and tokens## - Type: object# - Required: falseedgeFunctions:# Name of the edge-lambda-function in the config## - `onRequest` function is triggered when CDN receives a request from a client(viewer):# - You can modify the request before forwarding it to the origin# - You can return immediate response to the client(viewer)# - You can make network calls to external resources to confirm user credentials, or fetch additional content# - The body of the request is exposed to the function with some restrictions# (refer to [AWS docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-restrictions.html#lambda-at-edge-restrictions-request-body) for more details)## - Type: string# - Required: falseonRequest: example-value# Name of the edge-lambda-function in the config## - `onResponse` function is triggered before CDN returns response to the client(viewer):# - You can modify the response (headers, cookies) before returning to the client# - The function does not execute in following cases:# - When the origin returns an HTTP status code of 400 or higher.# - When the response is generated from a function that was triggered by a viewer request event (`onRequest` function).## - Type: string# - Required: falseonResponse: example-value# Name of the edge-lambda-function in the config## > Use `onOriginRequest` trigger only if you are an advanced user and know what you are doing.# > Using this trigger can **override the default behaviour configured by Stacktape**.# > Stacktape uses pre-configured lambdas together with this trigger when using CDN with:# > - **bucket** - Stacktape uses this trigger with pre-configured lambda to correctly resolve URLs# > - **web-service, http-api-gateway, application-load-balancer** - Stacktape uses this trigger with pre-configured lambda to adjust headers before sending to origin# - `onOriginRequest` function is triggered after CDN receives a request from a client(viewer) but before the request is send to the origin:# - This means that function is NOT triggered when response is found in the cache (as no request to origin needs to happen)# - You can modify the request before forwarding it to the origin# - You can return immediate response to the client(viewer) - the response will be cached same way as if it was from the origin# - You can make network calls to external resources to confirm user credentials, or fetch additional content# - The body of the request is exposed to the function with some restrictions# (refer to [AWS docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-restrictions.html#lambda-at-edge-restrictions-request-body) for more details)## - Type: string# - Required: falseonOriginRequest: example-value# Name of the edge-lambda-function in the config## - `onOriginResponse` function is triggered after origin returns response but before it is sent back to the client(viewer):# - You can modify the response (headers, cookies) before returning to the client - the response will be cached same way as if it was from the origin# - You can update the response status.## - Type: string# - Required: falseonOriginResponse: example-value# Configures locations from which the CDN serves traffic## - Higher price class results in more locations that serve your traffic.# - This can result in better performance in some regions, but is more costly.# - Example: If your users are located only in US & Europe, you can save money by configuring `PriceClass_100`# - To learn more about price classes, refer to [AWS docs](https://aws.amazon.com/cloudfront/pricing/)## - Type: enum: [PriceClass_100, PriceClass_200, PriceClass_All]# - Required: false# - Default: PriceClass_All# - Allowed values: [PriceClass_100, PriceClass_200, PriceClass_All]cloudfrontPriceClass: PriceClass_All# Prefixes requests to the origin with specified prefix## - Incoming requests will be prefixed with `defaultRoutePrefix` before being forwarded to the origin.# - Example: If the CDN receives a request with path `/my/resource/url`, the request will be sent to the origin as# `/default_route_prefix/my/resource/url`## - Type: string# - Required: falsedefaultRoutePrefix: example-value# Custom error document URL## - Error document is requested by the CDN if the original request to the origin responds with an error code `404`.# - Example: `/error.html`## - Type: string# - Required: false# - Default: /404.htmlerrorDocument: /404.html# Custom index (root) document served for requests with root path `/`### - Type: string# - Required: false# - Default: '/index.html'indexDocument: '/index.html'# Disables invalidating of the CDN cache after each deployment## - Cache is by default invalidated after every deploy to prevent serving outdated content to your users.# - When invalidating the cache, CDN flushes all the cached content and new requests# will result in a request to the origin (bucket, application-load-balancer, function or http-api-gateway)## - Type: boolean# - Required: false# - Default: falsedisableInvalidationAfterDeploy: false# Name of the 'web-app-firewall' resource to used with your CDN## - You can use `web-app-firewall` to protect your resources from common web exploits that could affect application availability, compromise security, or consume excessive resources.# - Web app firewall protects your application by filtering dangerous requests coming to your app.# You can read more about the firewall [in our docs](https://docs.stacktape.com/security-resources/web-app-firewalls/).## - Type: string# - Required: falseuseFirewall: example-value
LogForwarding alternatives
http-endpoint
This example shows how to configure logforwarding using http-endpoint.
resources:myHttpApiGateway:type: http-api-gatewayproperties:logging:# Configures forwarding of logs to specified destination## - Log forwarding is done using [Amazon Kinesis Data Firehose](https://aws.amazon.com/kinesis/data-firehose/) delivery stream.# - When using log forwarding, you will incur costs based on the amount of data being transferred to the destination (~$0.03 per transferred GB).# Refer to [AWS Kinesis Firehose Pricing](https://aws.amazon.com/kinesis/data-firehose/pricing/?nc=sn&loc=3) page to see details.# - Currently supported destinations for logs:# - `http-endpoint`# - delivers logs to any HTTP endpoint.# - The endpoint must follow [Firehose request and response specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html).# (Many of the third party vendors are compliant with this specifications out of the box.)# - `datadog`# - delivers logs to [Datadog](https://www.datadoghq.com/).# - `highlight`# - delivers logs to [Highlight.io](https://www.highlight.io/) project.## Refer to [our docs](https://docs.stacktape.com/configuration/log-forwarding/) for more information.## > Logs that fail to be delivered to the destination even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: object# - Required: truelogForwarding:## - Type: string# - Required: truetype: http-endpoint## - Type: object# - Required: trueproperties:# HTTPS endpoint where logs will be forwarded## - Type: string# - Required: trueendpointUrl: https://example.com# Specifies whether to use GZIP compression for the request## - When enabled, Firehose uses the content encoding to compress the body of a request before sending the request to the destination## - Type: boolean# - Required: falsegzipEncodingEnabled: true# Parameters included in each call to HTTP endpoint## - Key/Value pairs containing additional metadata you wish to send to the HTTP endpoint.# - Parameters are delivered within **X-Amz-Firehose-Common-Attributes** header as a JSON object with following format: `{"commonAttributes":{"param1":"val1", "param2":"val2"}}`## - Type: object# - Required: false# Amount of time spend on retries.## - The total amount of time that Kinesis Data Firehose spends on retries.# - This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails.# - Logs that fail to be delivered to the HTTP endpoint even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: number# - Required: falseretryDuration: 100# Access key (credentials), needed for authenticating with endpoint## - Access key is carried within a **X-Amz-Firehose-Access-Key** header# - The configured key is copied verbatim into the value of this header.The contents can be arbitrary and can potentially represent a JWT token or an ACCESS_KEY.# - It is recommended to use [secret](https://docs.stacktape.com/resources/secrets/) for storing your access key.## - Type: string# - Required: falseaccessKey: example-value
highlight
This example shows how to configure logforwarding using highlight.
resources:myHttpApiGateway:type: http-api-gatewayproperties:logging:# Configures forwarding of logs to specified destination## - Log forwarding is done using [Amazon Kinesis Data Firehose](https://aws.amazon.com/kinesis/data-firehose/) delivery stream.# - When using log forwarding, you will incur costs based on the amount of data being transferred to the destination (~$0.03 per transferred GB).# Refer to [AWS Kinesis Firehose Pricing](https://aws.amazon.com/kinesis/data-firehose/pricing/?nc=sn&loc=3) page to see details.# - Currently supported destinations for logs:# - `http-endpoint`# - delivers logs to any HTTP endpoint.# - The endpoint must follow [Firehose request and response specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html).# (Many of the third party vendors are compliant with this specifications out of the box.)# - `datadog`# - delivers logs to [Datadog](https://www.datadoghq.com/).# - `highlight`# - delivers logs to [Highlight.io](https://www.highlight.io/) project.## Refer to [our docs](https://docs.stacktape.com/configuration/log-forwarding/) for more information.## > Logs that fail to be delivered to the destination even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: object# - Required: truelogForwarding:## - Type: string# - Required: truetype: highlight## - Type: object# - Required: trueproperties:# Id of a [highlight.io](https://www.highlight.io/) project.## - You can get the id of your project in your [highlight.io console](https://app.highlight.io/).## - Type: string# - Required: trueprojectId: example-value# HTTPS endpoint where logs will be forwarded## - By default Stacktape uses `https://pub.highlight.io/v1/logs/firehose`## - Type: string# - Required: false# - Default: https://pub.highlight.io/v1/logs/firehoseendpointUrl: https://pub.highlight.io/v1/logs/firehose
datadog
This example shows how to configure logforwarding using datadog.
resources:myHttpApiGateway:type: http-api-gatewayproperties:logging:# Configures forwarding of logs to specified destination## - Log forwarding is done using [Amazon Kinesis Data Firehose](https://aws.amazon.com/kinesis/data-firehose/) delivery stream.# - When using log forwarding, you will incur costs based on the amount of data being transferred to the destination (~$0.03 per transferred GB).# Refer to [AWS Kinesis Firehose Pricing](https://aws.amazon.com/kinesis/data-firehose/pricing/?nc=sn&loc=3) page to see details.# - Currently supported destinations for logs:# - `http-endpoint`# - delivers logs to any HTTP endpoint.# - The endpoint must follow [Firehose request and response specifications](https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html).# (Many of the third party vendors are compliant with this specifications out of the box.)# - `datadog`# - delivers logs to [Datadog](https://www.datadoghq.com/).# - `highlight`# - delivers logs to [Highlight.io](https://www.highlight.io/) project.## Refer to [our docs](https://docs.stacktape.com/configuration/log-forwarding/) for more information.## > Logs that fail to be delivered to the destination even after multiple retries (time spend on retries can be configured) are put into bucket with name `{stackName}-{resourceName}-logs-{generatedHash}`## - Type: object# - Required: truelogForwarding:## - Type: string# - Required: truetype: datadog## - Type: object# - Required: trueproperties:# API key required to enable delivery of logs to Datadog## - You can get your Datadog API key in [Datadog console](https://app.datadoghq.com/organization-settings/api-keys)# - It is recommended to use [secret](https://docs.stacktape.com/resources/secrets/) for storing your api key.## - Type: string# - Required: trueapiKey: example-value# HTTPS endpoint where logs will be forwarded## - By default Stacktape uses `https://aws-kinesis-http-intake.logs.datadoghq.com/v1/input`# - If your Datadog site is in EU you should probably use `https://aws-kinesis-http-intake.logs.datadoghq.eu/v1/input`## - Type: string# - Required: false# - Default: https://aws-kinesis-http-intake.logs.datadoghq.com/v1/inputendpointUrl: https://aws-kinesis-http-intake.logs.datadoghq.com/v1/input
RouteTo alternatives
application-load-balancer
This example shows how to configure routeto using application-load-balancer.
resources:myHttpApiGateway:type: http-api-gatewayproperties:cdn:routeRewrites:items:## - Type: object# - Required: truerouteTo:## - Type: string# - Required: truetype: application-load-balancer## - Type: object# - Required: trueproperties:# Name of the Load balancer## - Type: string# - Required: trueloadBalancerName: myLoadBalancerName# Port of the Load balancer listener## - You need to specify listener port if the load balancer you are routing to uses custom listeners.## - Type: number# - Required: falselistenerPort: 3000# Explicitly sets the origin domain name you wish to use when forwarding to load balancer## - This is required only if the load balancer has no `customDomains` attached and listener uses `customCertificateArns`## - Type: string# - Required: falseoriginDomainName: myOriginDomainName
http-api-gateway
This example shows how to configure routeto using http-api-gateway.
resources:myHttpApiGateway:type: http-api-gatewayproperties:cdn:routeRewrites:items:## - Type: object# - Required: truerouteTo:## - Type: string# - Required: truetype: http-api-gateway## - Type: object# - Required: trueproperties:# Name of the HTTP Api Gateway## - Type: string# - Required: truehttpApiGatewayName: myHttpApiGatewayName
function
This example shows how to configure routeto using function.
resources:myHttpApiGateway:type: http-api-gatewayproperties:cdn:routeRewrites:items:## - Type: object# - Required: truerouteTo:## - Type: string# - Required: truetype: function## - Type: object# - Required: trueproperties:# Name of the Web Service resource## - Type: string# - Required: truefunctionName: myFunctionName
custom-origin
This example shows how to configure routeto using custom-origin.
resources:myHttpApiGateway:type: http-api-gatewayproperties:cdn:routeRewrites:items:## - Type: object# - Required: truerouteTo:## - Type: string# - Required: truetype: custom-origin## - Type: object# - Required: trueproperties:# Domain name of the custom origin.## Example: `mydomain.com` or `domain.example.com`## - Type: string# - Required: truedomainName: api.example.com# Protocol to use when connecting to custom origin.### - Type: enum: [HTTP, HTTPS]# - Required: false# - Default: HTTPS# - Allowed values: [HTTP, HTTPS]protocol: HTTP# Port of the custom origin.## By default port number 443 is used for `HTTPS` origins and port number 80 is used for `HTTP` origins.## - Type: number# - Required: false# - Default: 443port: 3000
bucket
This example shows how to configure routeto using bucket.
resources:myHttpApiGateway:type: http-api-gatewayproperties:cdn:routeRewrites:items:## - Type: object# - Required: truerouteTo:## - Type: string# - Required: truetype: bucket## - Type: object# - Required: trueproperties:# Name of the bucket## - Type: string# - Required: truebucketName: my-example-bucket# Disables URL normalization (ability to use clean urls without the `.html` extension)## - URL normalization is enabled by default.# - URL normalization is useful when you want to serve HTML files from the bucket# - When the URL normalization is enabled, the CDN is able to fetch correct HTML files# from the bucket even when incomplete URL is used (without the `.html` extension)# - This enables you to use URLs such as `<<my-domain.com>>/about` instead of urls# `<<my-domain.com>>/about.html` or `<<my-domain.com>>/about/index.html`## - Type: boolean# - Required: false# - Default: falsedisableUrlNormalization: false