From 97f09903b0eef7605652bde8dde463be710f6f6d Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Thu, 31 May 2018 17:44:10 +0200 Subject: [PATCH 1/6] add support for api key source on api gateway --- aws/resource_aws_api_gateway_rest_api.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/aws/resource_aws_api_gateway_rest_api.go b/aws/resource_aws_api_gateway_rest_api.go index df6848320b1..bb85b512b30 100644 --- a/aws/resource_aws_api_gateway_rest_api.go +++ b/aws/resource_aws_api_gateway_rest_api.go @@ -35,6 +35,11 @@ func resourceAwsApiGatewayRestApi() *schema.Resource { Optional: true, }, + "api_key_source": { + Type: schema.TypeString, + Optional: true, + }, + "policy": { Type: schema.TypeString, Optional: true, @@ -120,6 +125,10 @@ func resourceAwsApiGatewayRestApiCreate(d *schema.ResourceData, meta interface{} params.EndpointConfiguration = expandApiGatewayEndpointConfiguration(v.([]interface{})) } + if v, ok := d.GetOk("api_key_source"); ok && v.(string) != "" { + params.ApiKeySource = aws.String(v.(string)) + } + if v, ok := d.GetOk("policy"); ok && v.(string) != "" { params.Policy = aws.String(v.(string)) } @@ -198,6 +207,7 @@ func resourceAwsApiGatewayRestApiRead(d *schema.ResourceData, meta interface{}) d.Set("name", api.Name) d.Set("description", api.Description) + d.Set("api_key_source", api.ApiKeySource) // The API returns policy as an escaped JSON string // {\\\"Version\\\":\\\"2012-10-17\\\",...} From ae2235e5032158fb56c670dcb55867cb10524b53 Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Thu, 31 May 2018 18:14:34 +0200 Subject: [PATCH 2/6] set default value as HEADER --- aws/resource_aws_api_gateway_rest_api.go | 1 + 1 file changed, 1 insertion(+) diff --git a/aws/resource_aws_api_gateway_rest_api.go b/aws/resource_aws_api_gateway_rest_api.go index bb85b512b30..4a44f36a2bc 100644 --- a/aws/resource_aws_api_gateway_rest_api.go +++ b/aws/resource_aws_api_gateway_rest_api.go @@ -38,6 +38,7 @@ func resourceAwsApiGatewayRestApi() *schema.Resource { "api_key_source": { Type: schema.TypeString, Optional: true, + Default: "HEADER", }, "policy": { From af97fa119cfe4adc6a64c92a551a3e66f6170f03 Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Mon, 4 Jun 2018 13:51:21 +0200 Subject: [PATCH 3/6] add acctest check for api_key_source --- aws/resource_aws_api_gateway_rest_api.go | 8 ++++++++ aws/resource_aws_api_gateway_rest_api_test.go | 1 + 2 files changed, 9 insertions(+) diff --git a/aws/resource_aws_api_gateway_rest_api.go b/aws/resource_aws_api_gateway_rest_api.go index 4a44f36a2bc..b7f5c461184 100644 --- a/aws/resource_aws_api_gateway_rest_api.go +++ b/aws/resource_aws_api_gateway_rest_api.go @@ -272,6 +272,14 @@ func resourceAwsApiGatewayRestApiUpdateOperations(d *schema.ResourceData) []*api }) } + if d.HasChange("api_key_source") { + operations = append(operations, &apigateway.PatchOperation{ + Op: aws.String("replace"), + Path: aws.String("/api_key_source"), + Value: aws.String(d.Get("api_key_source").(string)), + }) + } + if d.HasChange("policy") { operations = append(operations, &apigateway.PatchOperation{ Op: aws.String("replace"), diff --git a/aws/resource_aws_api_gateway_rest_api_test.go b/aws/resource_aws_api_gateway_rest_api_test.go index 2799a30aa19..8b1d981e16e 100644 --- a/aws/resource_aws_api_gateway_rest_api_test.go +++ b/aws/resource_aws_api_gateway_rest_api_test.go @@ -98,6 +98,7 @@ func TestAccAWSAPIGatewayRestApi_basic(t *testing.T) { testAccCheckAWSAPIGatewayRestAPIMinimumCompressionSizeAttribute(&conf, 0), resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "name", "bar"), resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "description", ""), + resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "api_key_source", "HEADER"), resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "minimum_compression_size", "0"), resource.TestCheckResourceAttrSet("aws_api_gateway_rest_api.test", "created_date"), resource.TestCheckResourceAttrSet("aws_api_gateway_rest_api.test", "execution_arn"), From 9522fa4ad5b93cf4e80c8395b100daea319d92e6 Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Mon, 4 Jun 2018 14:15:11 +0200 Subject: [PATCH 4/6] add doc of api_key_source argument --- website/docs/r/api_gateway_rest_api.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/api_gateway_rest_api.html.markdown b/website/docs/r/api_gateway_rest_api.html.markdown index cbe0e1c147f..e6965aff199 100644 --- a/website/docs/r/api_gateway_rest_api.html.markdown +++ b/website/docs/r/api_gateway_rest_api.html.markdown @@ -44,6 +44,7 @@ The following arguments are supported: * `minimum_compression_size` - (Optional) Minimum response size to compress for the REST API. Integer between -1 and 10485760 (10MB). Setting a value greater than -1 will enable compression, -1 disables compression (default). * `body` - (Optional) An OpenAPI specification that defines the set of routes and integrations to create as part of the REST API. * `policy` - (Optional) JSON formatted policy document that controls access to the API Gateway +* `api_key_source` - (Optional) The source of the API key for requests. Valid values are HEADER (default) and AUTHORIZER. __Note__: If the `body` argument is provided, the OpenAPI specification will be used to configure the resources, methods and integrations for the Rest API. If this argument is provided, the following resources should not be managed as separate ones, as updates may cause manual resource updates to be overwritten: From b8584d9e4eac55162ccc7c4266555351e39d0a45 Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Mon, 4 Jun 2018 14:22:55 +0200 Subject: [PATCH 5/6] fix patch path for api key source --- aws/resource_aws_api_gateway_rest_api.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_api_gateway_rest_api.go b/aws/resource_aws_api_gateway_rest_api.go index b7f5c461184..4cffe461f7e 100644 --- a/aws/resource_aws_api_gateway_rest_api.go +++ b/aws/resource_aws_api_gateway_rest_api.go @@ -275,7 +275,7 @@ func resourceAwsApiGatewayRestApiUpdateOperations(d *schema.ResourceData) []*api if d.HasChange("api_key_source") { operations = append(operations, &apigateway.PatchOperation{ Op: aws.String("replace"), - Path: aws.String("/api_key_source"), + Path: aws.String("/apiKeySource"), Value: aws.String(d.Get("api_key_source").(string)), }) } From 5968ab16a168381e5b23a741f87b641bbcdcd592 Mon Sep 17 00:00:00 2001 From: Pablo RUTH Date: Mon, 4 Jun 2018 14:28:12 +0200 Subject: [PATCH 6/6] add test case for api_key_source --- aws/resource_aws_api_gateway_rest_api_test.go | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/aws/resource_aws_api_gateway_rest_api_test.go b/aws/resource_aws_api_gateway_rest_api_test.go index 8b1d981e16e..ecea4730134 100644 --- a/aws/resource_aws_api_gateway_rest_api_test.go +++ b/aws/resource_aws_api_gateway_rest_api_test.go @@ -205,6 +205,36 @@ func TestAccAWSAPIGatewayRestApi_EndpointConfiguration(t *testing.T) { }) } +func TestAccAWSAPIGatewayRestApi_api_key_source(t *testing.T) { + expectedAPIKeySource := "HEADER" + expectedUpdateAPIKeySource := "AUTHORIZER" + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSAPIGatewayRestAPIDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSAPIGatewayRestAPIConfigWithAPIKeySource, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "api_key_source", expectedAPIKeySource), + ), + }, + { + Config: testAccAWSAPIGatewayRestAPIConfigWithUpdateAPIKeySource, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "api_key_source", expectedUpdateAPIKeySource), + ), + }, + { + Config: testAccAWSAPIGatewayRestAPIConfig, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("aws_api_gateway_rest_api.test", "api_key_source", expectedAPIKeySource), + ), + }, + }, + }) +} + func TestAccAWSAPIGatewayRestApi_policy(t *testing.T) { expectedPolicyText := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"*"},"Action":"execute-api:Invoke","Resource":"*","Condition":{"IpAddress":{"aws:SourceIp":"123.123.123.123/32"}}}]}` expectedUpdatePolicyText := `{"Version":"2012-10-17","Statement":[{"Effect":"Deny","Principal":{"AWS":"*"},"Action":"execute-api:Invoke","Resource":"*"}]}` @@ -428,6 +458,19 @@ resource "aws_api_gateway_rest_api" "test" { `, rName) } +const testAccAWSAPIGatewayRestAPIConfigWithAPIKeySource = ` +resource "aws_api_gateway_rest_api" "test" { + name = "bar" + api_key_source = "HEADER" +} +` +const testAccAWSAPIGatewayRestAPIConfigWithUpdateAPIKeySource = ` +resource "aws_api_gateway_rest_api" "test" { + name = "bar" + api_key_source = "AUTHORIZER" +} +` + const testAccAWSAPIGatewayRestAPIConfigWithPolicy = ` resource "aws_api_gateway_rest_api" "test" { name = "bar"