From a5db312744c0428f5a084379bff05b5da3c2e4bd Mon Sep 17 00:00:00 2001 From: Joao Anselmo Date: Wed, 4 Feb 2026 11:57:11 -0300 Subject: [PATCH 1/3] change api gateway --- modules/api-gateway/gateway.tf | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/modules/api-gateway/gateway.tf b/modules/api-gateway/gateway.tf index bdb68a3..6e0cb91 100644 --- a/modules/api-gateway/gateway.tf +++ b/modules/api-gateway/gateway.tf @@ -1,6 +1,10 @@ resource "aws_api_gateway_domain_name" "custom_domain" { - certificate_arn = local.certificate_arn - domain_name = local.domain + domain_name = local.domain + regional_certificate_arn = local.certificate_arn + + endpoint_configuration { + types = ["REGIONAL"] + } } resource "aws_api_gateway_rest_api" "gateway_api" { @@ -36,11 +40,11 @@ resource "aws_route53_record" "domain" { alias { evaluate_target_health = true - name = aws_api_gateway_domain_name.custom_domain.cloudfront_domain_name - zone_id = aws_api_gateway_domain_name.custom_domain.cloudfront_zone_id + name = aws_api_gateway_domain_name.custom_domain.regional_domain_name + zone_id = aws_api_gateway_domain_name.custom_domain.regional_zone_id } depends_on = [ aws_api_gateway_domain_name.custom_domain ] -} \ No newline at end of file +} From 8197013ed800b0778b62e06b0dd14400a3bc8049 Mon Sep 17 00:00:00 2001 From: Joao Anselmo Date: Wed, 4 Feb 2026 12:05:32 -0300 Subject: [PATCH 2/3] change api gateway --- modules/api-gateway/README.md | 54 ++++++++++++++++++++++++++++++++ modules/api-gateway/gateway.tf | 9 +++--- modules/api-gateway/variables.tf | 11 +++++++ 3 files changed, 70 insertions(+), 4 deletions(-) create mode 100644 modules/api-gateway/README.md diff --git a/modules/api-gateway/README.md b/modules/api-gateway/README.md new file mode 100644 index 0000000..2468353 --- /dev/null +++ b/modules/api-gateway/README.md 
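Review bot: The `aws_api_gateway_domain_name.custom_domain` resource in the `@@ -1,6 +1,10 @@` hunk sets no `security_policy`, so the minimum TLS version for the custom domain is left to the service default. The provider also cannot detect drift on an argument that is not configured. Since the resource is being reworked here, I would pin it explicitly with `security_policy = "TLS_1_2"` next to `domain_name`. The same resource is edited again in PATCH 2/3 (`@@ -1,9 +1,10 @@`) and still omits the argument there.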
@@ -0,0 +1,54 @@ +# api-gateway + +Terraform module to create an API Gateway REST API with a custom domain and Route53 alias record. + +## Usage (EDGE - default) + +```hcl +module "api_gateway" { + source = "./modules/api-gateway" + + name = "my-api" + domain = "api.example.com" + zone = "example.com." + certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/xxxx" +} +``` + +## Usage (REGIONAL) + +```hcl +module "api_gateway" { + source = "./modules/api-gateway" + + name = "my-api" + domain = "api.example.com" + zone = "example.com." + certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/xxxx" + endpoint_type = "REGIONAL" +} +``` + +## Inputs + +| Name | Type | Default | Description | +|---|---|---|---| +| `api_key_source` | `string` | `"HEADER"` | API Key Source. | +| `certificate_arn` | `string` | n/a | ACM certificate ARN. For `EDGE`, must be in `us-east-1`. For `REGIONAL`, must be in the same region as the API Gateway. | +| `domain` | `string` | n/a | Custom domain for the API Gateway. | +| `endpoint_type` | `string` | `"EDGE"` | Endpoint type for the custom domain. Allowed values: `EDGE`, `REGIONAL`. | +| `name` | `string` | n/a | API Gateway name. | +| `private_zone` | `bool` | `false` | Whether the Route53 zone is private. | +| `zone` | `string` | n/a | Route53 zone name (e.g. `example.com.`). | + +## Outputs + +| Name | Description | +|---|---| +| `id` | API Gateway REST API ID. | +| `root_resource_api_id` | API Gateway root resource ID. | + +## Notes + +- The Route53 record is created as an alias to the API Gateway custom domain. +- The module looks up the Route53 zone by name and `private_zone`. diff --git a/modules/api-gateway/gateway.tf b/modules/api-gateway/gateway.tf index 6e0cb91..26d9d74 100644 --- a/modules/api-gateway/gateway.tf +++ b/modules/api-gateway/gateway.tf 
@@ -1,9 +1,10 @@ resource "aws_api_gateway_domain_name" "custom_domain" { domain_name = local.domain - regional_certificate_arn = local.certificate_arn + certificate_arn = var.endpoint_type == "EDGE" ? local.certificate_arn : null + regional_certificate_arn = var.endpoint_type == "REGIONAL" ? local.certificate_arn : null endpoint_configuration { - types = ["REGIONAL"] + types = [var.endpoint_type] } } @@ -40,8 +41,8 @@ resource "aws_route53_record" "domain" { alias { evaluate_target_health = true - name = aws_api_gateway_domain_name.custom_domain.regional_domain_name - zone_id = aws_api_gateway_domain_name.custom_domain.regional_zone_id + name = var.endpoint_type == "REGIONAL" ? aws_api_gateway_domain_name.custom_domain.regional_domain_name : aws_api_gateway_domain_name.custom_domain.cloudfront_domain_name + zone_id = var.endpoint_type == "REGIONAL" ? aws_api_gateway_domain_name.custom_domain.regional_zone_id : aws_api_gateway_domain_name.custom_domain.cloudfront_zone_id } depends_on = [ diff --git a/modules/api-gateway/variables.tf b/modules/api-gateway/variables.tf index 31c469e..ea60cbf 100644 --- a/modules/api-gateway/variables.tf +++ b/modules/api-gateway/variables.tf @@ -29,6 +29,17 @@ variable "api_key_source" { default = "HEADER" } +variable "endpoint_type" { + description = "API Gateway custom domain endpoint type: EDGE or REGIONAL" + type = string + default = "EDGE" + + validation { + condition = contains(["EDGE", "REGIONAL"], var.endpoint_type) + error_message = "endpoint_type must be either \"EDGE\" or \"REGIONAL\"." + } +} + locals { domain = var.domain name = var.name From 82f27e85b72d141c134705053aa1755d229110a8 Mon Sep 17 00:00:00 2001 From: Joao Anselmo Date: Wed, 4 Feb 2026 14:17:05 -0300 Subject: [PATCH 3/3] create dns var --- modules/api-gateway/gateway.tf | 1 + modules/api-gateway/variables.tf | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/modules/api-gateway/gateway.tf b/modules/api-gateway/gateway.tf index 26d9d74..a51f447 100644 
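Review bot: The endpoint-type test is repeated across this hunk and the `@@ -40,8 +41,8 @@` alias hunk: `var.endpoint_type == "REGIONAL"` three times, plus `== "EDGE"` once on `certificate_arn`. The two spellings only agree because the variable's validation allows exactly two values. I would add `is_regional = var.endpoint_type == "REGIONAL"` to the existing `locals` block in variables.tf and key all four expressions on it, e.g. `certificate_arn = local.is_regional ? null : local.certificate_arn`. A short comment above the two ARN arguments would also help, such as `# only the ARN argument matching endpoint_configuration.types is set; the other stays null`.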
--- a/modules/api-gateway/gateway.tf +++ b/modules/api-gateway/gateway.tf @@ -35,6 +35,7 @@ EOF } resource "aws_route53_record" "domain" { + count = var.create_dns ? 1 : 0 name = local.domain type = "A" zone_id = data.aws_route53_zone.zone.id diff --git a/modules/api-gateway/variables.tf b/modules/api-gateway/variables.tf index ea60cbf..025c58a 100644 --- a/modules/api-gateway/variables.tf +++ b/modules/api-gateway/variables.tf @@ -8,6 +8,12 @@ variable "zone" { type = string } +variable "create_dns" { + description = "Whether to create the Route53 DNS record" + type = bool + default = true +} + variable "certificate_arn" { type = string }
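Review bot: `count = var.create_dns ? 1 : 0` gates only the record, so with `create_dns = false` the `data.aws_route53_zone.zone` lookup referenced by `zone_id` presumably still runs; its definition is outside this hunk. If so, the apply would still fail whenever the zone is not visible to the credentials in use, which is the likely case for callers who manage DNS elsewhere. If that is the intended use of the flag, give the data source the same `count` and reference it here as `zone_id = data.aws_route53_zone.zone[0].id`. Any expression elsewhere in the module that reads an attribute of `aws_route53_record.domain` would now need an index as well; none is visible in this diff.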
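Review bot: `create_dns` in the `@@ -8,6 +8,12 @@` variables.tf hunk is missing from the Inputs table in modules/api-gateway/README.md, which PATCH 2/3 introduced and this commit does not touch. Add a row for it there (type `bool`, default `true`). The variable's description should also say what the caller takes on when it is false, for example `description = "Whether to create the Route53 alias record for the custom domain; set to false when the record is managed outside this module"`. The `zone` variable in the hunk context still has no default, so callers who disable DNS must keep passing a zone name; that deserves a line in the README too.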