Refactor Amplitude API gateway (#67)

- Move from modules to main dir, as this is an end-deployment, not a module
- Rename resources to match Terraform style standards (each type of resources has only one instance, so naming the instances duplicates information; therefore they can be named this, default, main or so)
- Parametrize AWS region
- Break down into sub-files
- Add Terraform output item to show the effective invoke_url
- Rename dir api_gateway to amplitude_api_gateway to express its specificity

amplitude_api_gateway/README.md

@@ -0,0 +1,10 @@
+# Amplitude API gateway
+
+## Deployment
+
+* Create a dedicated workspace in Terraform Cloud.
+* Create a dedicated AWS account.
+* In the account create an IAM user: `terraformer` with the `AmazonAPIGatewayAdministrator` policy attached directly.
+* Create a an IAM access key for the user.
+* In the Terraform Cloud workspace add `env` variables: `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
+* Apply.

amplitude_api_gateway/main.tf

@@ -0,0 +1,63 @@
+resource "aws_apigatewayv2_api" "this" {
+  name                         = "dydx-amplitude-proxy"
+  api_key_selection_expression = "$request.header.x-api-key"
+  protocol_type                = "HTTP"
+  route_selection_expression   = "$request.method $request.path"
+
+  cors_configuration {
+    allow_credentials = false
+    allow_headers = [
+      "*"
+    ]
+    allow_methods = [
+      "*"
+    ]
+    allow_origins = [
+      "*"
+    ]
+    expose_headers = [
+      "*"
+    ]
+    max_age = 0
+  }
+
+  tags = {}
+}
+
+resource "aws_apigatewayv2_stage" "this" {
+  name   = "proxy-main"
+  api_id = aws_apigatewayv2_api.this.id
+  tags   = {}
+
+  default_route_settings {
+    detailed_metrics_enabled = false
+    throttling_burst_limit   = 5000
+    throttling_rate_limit    = 10000
+  }
+
+  deployment_id = aws_apigatewayv2_deployment.this.id
+}
+
+resource "aws_apigatewayv2_route" "this" {
+  api_id             = aws_apigatewayv2_api.this.id
+  api_key_required   = false
+  authorization_type = "NONE"
+  route_key          = "ANY /2/httpapi"
+
+  target = "integrations/${aws_apigatewayv2_integration.this.id}"
+}
+
+resource "aws_apigatewayv2_integration" "this" {
+  api_id                 = aws_apigatewayv2_api.this.id
+  connection_type        = "INTERNET"
+  integration_method     = "ANY"
+  integration_type       = "HTTP_PROXY"
+  integration_uri        = "https://api2.amplitude.com/2/httpapi"
+  timeout_milliseconds   = 30000
+  payload_format_version = "1.0"
+}
+
+resource "aws_apigatewayv2_deployment" "this" {
+  depends_on = [aws_apigatewayv2_route.this]
+  api_id     = aws_apigatewayv2_api.this.id
+}

amplitude_api_gateway/output.tf

@@ -0,0 +1,3 @@
+output "invoke_url" {
+  value = aws_apigatewayv2_stage.this.invoke_url
+}

amplitude_api_gateway/providers.tf

@@ -0,0 +1,25 @@
+terraform {
+  cloud {
+    organization = "dydxprotocol"
+
+    workspaces {
+      name = ["amplitude-api-gateway"]
+    }
+  }
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.0"
+    }
+  }
+
+  required_version = "~> 1.3.2"
+}
+
+provider "aws" {
+  # Expects the following environment variables:
+  # - AWS_ACCESS_KEY_ID
+  # - AWS_SECRET_ACCESS_KEY
+  region = var.region
+}

amplitude_api_gateway/variables.tf

@@ -0,0 +1,5 @@
+variable "region" {
+  type        = string
+  description = "AWS region for deployment."
+  default     = "ap-northeast-1"
+}