Skip to main content

aws_api_gateway_methods Resource

Use the aws_api_gateway_methods InSpec audit resource to test properties of multiple API Gateway methods.

The AWS::ApiGateway::Method resource creates API Gateway methods that define the parameters and body that clients must send in their requests.

For additional information, including details on parameters and properties, see the AWS APIGateway Method documentation.


This resource is available in the Chef InSpec AWS resource pack.

For information on configuring your AWS environment for Chef InSpec and creating an InSpec profile that uses the InSpec AWS resource pack, see the Chef InSpec documentation on the AWS cloud platform.


Ensure that a API Gateway method exists.

describe aws_api_gateway_method(rest_api_id: 'REST_API_ID', resource_id: 'RESOURCE_ID', http_method: 'HTTP_METHOD') do
  it { should exist }


rest_api_id (required)

The ID of the RestApi resource in which API Gateway creates the method.

resource_id (required)

The ID of an API Gateway resource. For root resource methods, specify the RestApi root resource ID, such as { "Fn::GetAtt": ["MyRestApi", "RootResourceId"] }.

http_method (required)

The HTTP method that clients use to call this method.


The HTTP method that clients use to call this method.
The method’s authorization type. Valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS for using a Cognito user pool.
The identifier of an Authorizer to use on this method. The authorizationType must be CUSTOM.
A boolean flag specifying whether a valid ApiKey is required to invoke this method.
The identifier of a RequestValidator for request validation.
A human-friendly operation identifier for the method.
A key-value map defining required or optional method request parameters that can be accepted by API Gateway.
A key is a method request parameter name matching the pattern of method.request.{location}.{name}, where the location is querystring, path, or header, and name is a valid and unique parameter name.
The value associated with the key is a Boolean flag indicating whether the parameter is required (true) or optional (false).
The method request parameter names defined here are available in Integration to be mapped to integration request parameters or templates.
A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).
Gets a method response associated with a given HTTP status code.
Gets the method’s integration responsible for passing the client-submitted request to the back end and performing necessary transformations to make the request compliant with the back end.
A list of authorization scopes configured on the method.


Ensure an HTTP method is a GET request.

describe aws_api_gateway_methods(rest_api_id: 'REST_API_ID', resource_id: 'RESOURCE_ID', http_method: 'HTTP_METHOD') do
  its('http_method') { should include 'GET' }


For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.


Use should to test that the entity exists.

describe aws_api_gateway_methods(rest_api_id: 'REST_API_ID', resource_id: 'RESOURCE_ID', http_method: 'HTTP_METHOD') do
  it { should exist }

Use should_not to test the entity does not exist.

describe aws_api_gateway_methods(rest_api_id: 'REST_API_ID', resource_id: 'RESOURCE_ID', http_method: 'HTTP_METHOD') do
  it { should_not exist }


Use should to check if the method name is available.

describe aws_api_gateway_methods(rest_api_id: 'REST_API_ID', resource_id: 'RESOURCE_ID', http_method: 'HTTP_METHOD') do
  it { should be_available }

AWS Permissions

Your Principal will need the APIGateway:Client:Methods action with Effect set to Allow.

Edit this page on GitHub

Thank you for your feedback!


Search Results