Skip to main content

api_keys

Creates, updates, deletes or gets an api_key resource or lists api_keys in a region

Overview

Nameapi_keys
TypeResource
DescriptionThe AWS::ApiGateway::ApiKey resource creates a unique key that you can distribute to clients who are executing API Gateway Method resources that require an API key. To specify which API key clients must use, map the API key with the RestApi and Stage resources that include the methods that require a key.
Idaws.apigateway.api_keys

Fields

NameDatatypeDescription
api_key_idstring
customer_idstringAn MKT customer identifier, when integrating with the AWS SaaS Marketplace.
descriptionstringThe description of the ApiKey.
enabledbooleanSpecifies whether the ApiKey can be used by callers.
generate_distinct_idbooleanSpecifies whether (true) or not (false) the key identifier is distinct from the created API key value. This parameter is deprecated and should not be used.
namestringA name for the API key. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the API key name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).
If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
stage_keysarrayDEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key.
tagsarrayThe key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with aws:. The tag value can be up to 256 characters.
valuestringSpecifies a value of the API key.
regionstringAWS region.

Methods

NameAccessible byRequired Params
create_resourceINSERTregion
delete_resourceDELETEdata__Identifier, region
update_resourceUPDATEdata__Identifier, data__PatchDocument, region
list_resourcesSELECTregion
get_resourceSELECTdata__Identifier, region

SELECT examples

Gets all api_keys in a region.

SELECT
region,
api_key_id,
customer_id,
description,
enabled,
generate_distinct_id,
name,
stage_keys,
tags,
value
FROM aws.apigateway.api_keys
WHERE region = 'us-east-1';

Gets all properties from an individual api_key.

SELECT
region,
api_key_id,
customer_id,
description,
enabled,
generate_distinct_id,
name,
stage_keys,
tags,
value
FROM aws.apigateway.api_keys
WHERE region = 'us-east-1' AND data__Identifier = '<APIKeyId>';

INSERT example

Use the following StackQL query and manifest file to create a new api_key resource, using stack-deploy.

/*+ create */
INSERT INTO aws.apigateway.api_keys (
 CustomerId,
 Description,
 Enabled,
 GenerateDistinctId,
 Name,
 StageKeys,
 Tags,
 Value,
 region
)
SELECT 
'{{ CustomerId }}',
 '{{ Description }}',
 '{{ Enabled }}',
 '{{ GenerateDistinctId }}',
 '{{ Name }}',
 '{{ StageKeys }}',
 '{{ Tags }}',
 '{{ Value }}',
'{{ region }}';

DELETE example

/*+ delete */
DELETE FROM aws.apigateway.api_keys
WHERE data__Identifier = '<APIKeyId>'
AND region = 'us-east-1';

Permissions

To operate on the api_keys resource, the following permissions are required:

Create

apigateway:POST,
apigateway:GET,
apigateway:PUT

Read

apigateway:GET

Update

apigateway:GET,
apigateway:PATCH,
apigateway:PUT,
apigateway:DELETE

Delete

apigateway:DELETE,
apigateway:GET

List

apigateway:GET