resource "aws_api_gateway_resource" "transponder-tracker-frontend" {
  parent_id   = aws_api_gateway_rest_api.transponder-tracker.root_resource_id
  path_part   = "/"
  rest_api_id = aws_api_gateway_rest_api.transponder-tracker.id
}

resource "aws_api_gateway_method" "transponder-tracker-frontend" {
  authorization = "NONE"
  http_method   = "GET"
  resource_id   = aws_api_gateway_resource.transponder-tracker-frontend.id
  rest_api_id   = aws_api_gateway_rest_api.transponder-tracker.id
}

resource "aws_api_gateway_integration" "transponder-tracker-frontend" {
  http_method = aws_api_gateway_method.transponder-tracker-frontend.http_method
  resource_id = aws_api_gateway_resource.transponder-tracker-frontend.id
  rest_api_id = aws_api_gateway_rest_api.transponder-tracker.id
  type        = "AWS_PROXY"
  uri         = module.frontend-lambda.invoke_arn
}

resource "aws_lambda_permission" "apigw_lambda_frontend" {
  statement_id  = "AllowExecutionFromAPIGateway"
  action        = "lambda:InvokeFunction"
  function_name = module.frontend-lambda.function_name
  principal     = "apigateway.amazonaws.com"

  # More: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html
  source_arn = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.id}:${aws_api_gateway_rest_api.transponder-tracker.id}/*/${aws_api_gateway_method.transponder-tracker-frontend.http_method}${aws_api_gateway_resource.transponder-tracker-frontend.path}"
}