[ aws . apigateway ]
Sets up a method’s integration.
See also: AWS API Documentation
put-integration
--rest-api-id <value>
--resource-id <value>
--http-method <value>
--type <value>
[--integration-http-method <value>]
[--uri <value>]
[--connection-type <value>]
[--connection-id <value>]
[--credentials <value>]
[--request-parameters <value>]
[--request-templates <value>]
[--passthrough-behavior <value>]
[--cache-namespace <value>]
[--cache-key-parameters <value>]
[--content-handling <value>]
[--timeout-in-millis <value>]
[--tls-config <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]
[--no-cli-pager]
[--cli-auto-prompt]
[--no-cli-auto-prompt]
--rest-api-id
(string)
The string identifier of the associated RestApi.
--resource-id
(string)
Specifies a put integration request’s resource ID.
--http-method
(string)
Specifies the HTTP method for the integration.
--type
(string)
Specifies a put integration input’s type.
Possible values:
HTTP
AWS
MOCK
HTTP_PROXY
AWS_PROXY
--integration-http-method
(string)
The HTTP method for the integration.
--uri
(string)
Specifies Uniform Resource Identifier (URI) of the integration endpoint. For HTTP or
HTTP_PROXY
integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification, for either standard integration, whereconnectionType
is notVPC_LINK
, or private integration, whereconnectionType
isVPC_LINK
. For a private HTTP integration, the URI is not used for routing. ForAWS
orAWS_PROXY
integrations, the URI is of the formarn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api
}. Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service (e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast host-name lookup. action can be used for an Amazon Web Services service action-based API, using an Action={name}&{p1}={v1}&p2={v2}… query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3 API ofGetObject
, theuri
can be eitherarn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}
orarn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
.
--connection-type
(string)
The type of the network connection to the integration endpoint. The valid value is
INTERNET
for connections through the public routable internet orVPC_LINK
for private connections between API Gateway and a network load balancer in a VPC. The default value isINTERNET
.Possible values:
INTERNET
VPC_LINK
--connection-id
(string)
The ID of the VpcLink used for the integration. Specify this value only if you specify
VPC_LINK
as the connection type.
--credentials
(string)
Specifies whether credentials are required for a put integration.
--request-parameters
(map)
A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of
method.request.{location}.{name}
, wherelocation
isquerystring
,path
, orheader
andname
must be a valid and unique method request parameter name.key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--request-templates
(map)
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--passthrough-behavior
(string)
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the
requestTemplates
property on the Integration resource. There are three valid values:WHEN_NO_MATCH
,WHEN_NO_TEMPLATES
, andNEVER
.
--cache-namespace
(string)
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace
. You can specify the samecacheNamespace
across resources to return the same cached data for requests to different resources.
--cache-key-parameters
(list)
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters
, these parameters must also be specified for MethodrequestParameters
.(string)
Syntax:
"string" "string" ...
--content-handling
(string)
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY
andCONVERT_TO_TEXT
, with the following behaviors:If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the
passthroughBehavior
is configured to support payload pass-through.Possible values:
CONVERT_TO_BINARY
CONVERT_TO_TEXT
--timeout-in-millis
(integer)
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
--tls-config
(structure)
Specifies the TLS configuration for an integration.
insecureSkipVerification -> (boolean)
Specifies whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a supported certificate authority. This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate’s expiration date, hostname, and presence of a root certificate authority. Supported only for
HTTP
andHTTP_PROXY
integrations.Warning
Enabling
insecureSkipVerification
isn’t recommended, especially for integrations with public HTTPS endpoints. If you enableinsecureSkipVerification
, you increase the risk of man-in-the-middle attacks.Shorthand Syntax:
insecureSkipVerification=booleanJSON Syntax:
{ "insecureSkipVerification": true|false }
--cli-input-json
|--cli-input-yaml
(string) Reads arguments from the JSON string provided. The JSON string follows the format provided by--generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with--cli-input-yaml
.
--generate-cli-skeleton
(string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the valueinput
, prints a sample input JSON that can be used as an argument for--cli-input-json
. Similarly, if providedyaml-input
it will print a sample input YAML that can be used with--cli-input-yaml
. If provided with the valueoutput
, it validates the command inputs and returns a sample output JSON for that command. The generated JSON skeleton is not stable between versions of the AWS CLI and there are no backwards compatibility guarantees in the JSON skeleton generated.Global Options¶
--debug
(boolean)Turn on debug logging.
--endpoint-url
(string)Override command’s default URL with the given URL.
--no-verify-ssl
(boolean)By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)Disable automatic pagination.
--output
(string)The formatting style for command output.
json
text
table
yaml
yaml-stream
--query
(string)A JMESPath query to use in filtering the response data.
--profile
(string)Use a specific profile from your credential file.
--region
(string)The region to use. Overrides config/env settings.
--version
(string)Display the version of this tool.
--color
(string)Turn on/off color output.
on
off
auto
--no-sign-request
(boolean)Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
--cli-binary-format
(string)The formatting style to be used for binary blobs. The default format is base64. The base64 format expects binary blobs to be provided as a base64 encoded string. The raw-in-base64-out format preserves compatibility with AWS CLI V1 behavior and binary values must be passed literally. When providing contents from a file that map to a binary blob
fileb://
will always be treated as binary and use the file contents directly regardless of thecli-binary-format
setting. When usingfile://
the file contents will need to properly formatted for the configuredcli-binary-format
.
base64
raw-in-base64-out
--no-cli-pager
(boolean)Disable cli pager for output.
--cli-auto-prompt
(boolean)Automatically prompt for CLI input parameters.
--no-cli-auto-prompt
(boolean)Disable automatically prompt for CLI input parameters.
Examples¶
Note
To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.
Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal’s quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .
To create a MOCK integration request
Command:
aws apigateway put-integration --rest-api-id 1234123412 --resource-id a1b2c3 --http-method GET --type MOCK --request-templates '{ "application/json": "{\"statusCode\": 200}" }'To create a HTTP integration request
Command:
aws apigateway put-integration --rest-api-id 1234123412 --resource-id a1b2c3 --http-method GET --type HTTP --integration-http-method GET --uri 'https://domain.tld/path'To create an AWS integration request with a Lambda Function endpoint
Command:
aws apigateway put-integration --rest-api-id 1234123412 --resource-id a1b2c3 --http-method GET --type AWS --integration-http-method POST --uri 'arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:123412341234:function:function_name/invocations'Output¶
type -> (string)
Specifies an API method integration type. The valid value is one of the following:
For the HTTP and HTTP proxy integrations, each integration can specify a protocol (
http/https
), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with aconnectionType
ofVPC_LINK
is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.httpMethod -> (string)
Specifies the integration’s HTTP method type.
uri -> (string)
Specifies Uniform Resource Identifier (URI) of the integration endpoint.
For
HTTP
orHTTP_PROXY
integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification, for either standard integration, whereconnectionType
is notVPC_LINK
, or private integration, whereconnectionType
isVPC_LINK
. For a private HTTP integration, the URI is not used for routing. ForAWS
orAWS_PROXY
integrations, the URI is of the formarn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}
. Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service (e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast host-name lookup. action can be used for an Amazon Web Services service action-based API, using an Action={name}&{p1}={v1}&p2={v2}… query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3 API of GetObject, the uri can be eitherarn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}
orarn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
connectionType -> (string)
The type of the network connection to the integration endpoint. The valid value is
INTERNET
for connections through the public routable internet orVPC_LINK
for private connections between API Gateway and a network load balancer in a VPC. The default value isINTERNET
.connectionId -> (string)
The ID of the VpcLink used for the integration when
connectionType=VPC_LINK
and undefined, otherwise.credentials -> (string)
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role’s Amazon Resource Name (ARN). To require that the caller’s identity be passed through from the request, specify the string
arn:aws:iam::\*:user/\*
. To use resource-based permissions on supported AWS services, specify null.requestParameters -> (map)
A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of
method.request.{location}.{name}
, wherelocation
isquerystring
,path
, orheader
andname
must be a valid and unique method request parameter name.key -> (string)
value -> (string)
requestTemplates -> (map)
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
key -> (string)
value -> (string)
passthroughBehavior -> (string)
Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in
requestTemplates
. The valid value is one of the following:WHEN_NO_MATCH
: passes the method request body through the integration request to the back end without transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request.WHEN_NO_TEMPLATES
: passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 Unsupported Media Type response.NEVER
: rejects the method request with an HTTP 415 Unsupported Media Type response when either the method request content type does not match any content type associated with the mapping templates defined in the integration request or no mapping template is defined in the integration request.contentHandling -> (string)
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY
andCONVERT_TO_TEXT
, with the following behaviors:If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the
passthroughBehavior
is configured to support payload pass-through.timeoutInMillis -> (integer)
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
cacheNamespace -> (string)
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace
. You can specify the samecacheNamespace
across resources to return the same cached data for requests to different resources.cacheKeyParameters -> (list)
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters
, these parameters must also be specified for MethodrequestParameters
.(string)
integrationResponses -> (map)
Specifies the integration’s responses.
key -> (string)
value -> (structure)
Represents an integration response. The status code must map to an existing MethodResponse, and parameters and templates can be used to transform the back-end response.
statusCode -> (string)
Specifies the status code that is used to map the integration response to an existing MethodResponse.
selectionPattern -> (string)
Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the
.+
regex to match error response. However, make sure that the error response does not contain any newline (\n
) character in such cases. If the back end is an AWS Lambda function, the AWS Lambda function error header is matched. For all other HTTP and AWS back ends, the HTTP status code is matched.responseParameters -> (map)
A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of
method.response.header.{name}
, wherename
is a valid and unique header name. The mapped non-static value must match the pattern ofintegration.response.header.{name}
orintegration.response.body.{JSON-expression}
, wherename
is a valid and unique response header name andJSON-expression
is a valid JSON expression without the$
prefix.key -> (string)
value -> (string)
responseTemplates -> (map)
Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
key -> (string)
value -> (string)
contentHandling -> (string)
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY
andCONVERT_TO_TEXT
, with the following behaviors:If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
tlsConfig -> (structure)
Specifies the TLS configuration for an integration.
insecureSkipVerification -> (boolean)
Specifies whether or not API Gateway skips verification that the certificate for an integration endpoint is issued by a supported certificate authority. This isn’t recommended, but it enables you to use certificates that are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway still performs basic certificate validation, which includes checking the certificate’s expiration date, hostname, and presence of a root certificate authority. Supported only for
HTTP
andHTTP_PROXY
integrations.Warning
Enabling
insecureSkipVerification
isn’t recommended, especially for integrations with public HTTPS endpoints. If you enableinsecureSkipVerification
, you increase the risk of man-in-the-middle attacks.