From 23677d49aa69d66597b36455ee81305c74ee98a4 Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Wed, 26 Jul 2023 10:25:58 -0700 Subject: [PATCH 1/6] Added V2 Authorizer property mapping --- .../hooks/prepare/property_builder.py | 15 +++++++ .../terraform/hooks/prepare/prepare_base.py | 40 +++++++++++++++++++ .../terraform/hooks/prepare/test_translate.py | 7 ++++ 3 files changed, 62 insertions(+) diff --git a/samcli/hook_packages/terraform/hooks/prepare/property_builder.py b/samcli/hook_packages/terraform/hooks/prepare/property_builder.py index e0aef64fb5..b941465af7 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/property_builder.py +++ b/samcli/hook_packages/terraform/hooks/prepare/property_builder.py @@ -28,6 +28,7 @@ from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_INTEGRATION as CFN_AWS_APIGATEWAY_V2_INTEGRATION from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_ROUTE as CFN_AWS_APIGATEWAY_V2_ROUTE from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_STAGE as CFN_AWS_APIGATEWAY_V2_STAGE +from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_AUTHORIZER as CFN_AWS_APIGATEWAY_V2_AUTHORIZER from samcli.lib.utils.resources import AWS_LAMBDA_FUNCTION as CFN_AWS_LAMBDA_FUNCTION from samcli.lib.utils.resources import AWS_LAMBDA_LAYERVERSION as CFN_AWS_LAMBDA_LAYER_VERSION @@ -49,6 +50,7 @@ TF_AWS_API_GATEWAY_V2_ROUTE = "aws_apigatewayv2_route" TF_AWS_API_GATEWAY_V2_STAGE = "aws_apigatewayv2_stage" TF_AWS_API_GATEWAY_V2_INTEGRATION = "aws_apigatewayv2_integration" +TF_AWS_API_GATEWAY_V2_AUTHORIZER = "aws_apigatewayv2_authorizer" def _build_code_property(tf_properties: dict, resource: TFResource) -> Any: @@ -412,6 +414,16 @@ def _add_property(cfn_prop, tf_prop): "PayloadFormatVersion": _get_property_extractor("payload_format_version"), } +AWS_API_GATEWAY_V2_AUTHORIZER_PROPERTY_BUILDER_MAPPING: PropertyBuilderMapping = { + "ApiId": _get_property_extractor("api_id"), + "AuthorizerType": _get_property_extractor("authorizer_type"), + "AuthorizerUri": _get_property_extractor("authorizer_uri"), + "Name": _get_property_extractor("name"), + "AuthorizerPayloadFormatVersion": _get_property_extractor("authorizer_payload_format_version"), + "IdentitySource": _get_property_extractor("identity_sources"), + "EnableSimpleResponses": _get_property_extractor("enable_simple_responses"), +} + RESOURCE_TRANSLATOR_MAPPING: Dict[str, ResourceTranslator] = { TF_AWS_LAMBDA_FUNCTION: ResourceTranslator(CFN_AWS_LAMBDA_FUNCTION, AWS_LAMBDA_FUNCTION_PROPERTY_BUILDER_MAPPING), TF_AWS_LAMBDA_LAYER_VERSION: ResourceTranslator( @@ -450,4 +462,7 @@ def _add_property(cfn_prop, tf_prop): TF_AWS_API_GATEWAY_V2_INTEGRATION: ResourceTranslator( CFN_AWS_APIGATEWAY_V2_INTEGRATION, AWS_API_GATEWAY_V2_INTEGRATION_PROPERTY_BUILDER_MAPPING ), + TF_AWS_API_GATEWAY_V2_AUTHORIZER: ResourceTranslator( + CFN_AWS_APIGATEWAY_V2_AUTHORIZER, AWS_API_GATEWAY_V2_AUTHORIZER_PROPERTY_BUILDER_MAPPING + ), } diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py index b34196781d..eb59543577 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py @@ -5,6 +5,7 @@ from samcli.hook_packages.terraform.hooks.prepare.translate import AWS_PROVIDER_NAME, NULL_RESOURCE_PROVIDER_NAME from samcli.lib.utils.resources import ( + AWS_APIGATEWAY_V2_AUTHORIZER, AWS_LAMBDA_FUNCTION as CFN_AWS_LAMBDA_FUNCTION, AWS_LAMBDA_LAYERVERSION, AWS_APIGATEWAY_RESOURCE, @@ -61,6 +62,7 @@ def setUp(self) -> None: self.apigwv2_route_name = "my_apigwv2_route" self.apigwv2_stage_name = "my_apigwv2_stage" self.apigwv2_integration_name = "my_apigwv2_integration" + self.apigwv2_authorizer_name = "my_authorizer_v2" self.tf_function_common_properties: dict = { "function_name": self.zip_function_name, @@ -941,6 +943,44 @@ def setUp(self) -> None: "Metadata": {"SamResourceId": f"aws_apigatewayv2_integration.{self.apigwv2_integration_name}"}, } + self.tf_apigwv2_authorizer_common_attributes: dict = { + "type": "aws_apigatewayv2_authorizer", + "provider_name": AWS_PROVIDER_NAME, + } + + self.tf_apigwv2_authorizer_properties: dict = { + "api_id": "aws_apigatewayv2_api.my_api.id", + "authorizer_type": "REQUEST", + "authorizer_uri": "aws_lambda_function.authorizerv2.invoke_arn", + "name": self.apigwv2_authorizer_name, + "authorizer_payload_format_version": "2.0", + "identity_sources": ["$request.header.hello"], + "enable_simple_responses": False + } + + self.expected_cfn_apigwv2_authorizer_properties: dict = { + "ApiId": "aws_apigatewayv2_api.my_api.id", + "AuthorizerType": "REQUEST", + "AuthorizerUri": "aws_lambda_function.authorizerv2.invoke_arn", + "Name": self.apigwv2_authorizer_name, + "AuthorizerPayloadFormatVersion": "2.0", + "IdentitySource": ["$request.header.hello"], + "EnableSimpleResponses": False + } + + self.tf_apigwv2_authorizer_resource: dict = { + **self.tf_apigwv2_authorizer_common_attributes, + "values": self.tf_apigwv2_authorizer_properties, + "address": f"aws_api_gateway_authorizer.{self.apigwv2_authorizer_name}", + "name": self.apigwv2_authorizer_name, + } + + self.expectedv2_cfn_apigw_authorizer: dict = { + "Type": AWS_APIGATEWAY_V2_AUTHORIZER, + "Properties": self.expected_cfn_apigwv2_authorizer_properties, + "Metadata": {"SamResourceId": f"aws_api_gateway_authorizer.{self.apigwv2_authorizer_name}"}, + } + self.tf_json_with_root_module_only: dict = { "planned_values": { "root_module": { diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/test_translate.py b/tests/unit/hook_packages/terraform/hooks/prepare/test_translate.py index 41c3f36b7f..902b7b62df 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/test_translate.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/test_translate.py @@ -6,6 +6,7 @@ from tests.unit.hook_packages.terraform.hooks.prepare.prepare_base import PrepareHookUnitBase from samcli.hook_packages.terraform.hooks.prepare.property_builder import ( + AWS_API_GATEWAY_V2_AUTHORIZER_PROPERTY_BUILDER_MAPPING, AWS_LAMBDA_FUNCTION_PROPERTY_BUILDER_MAPPING, REMOTE_DUMMY_VALUE, AWS_API_GATEWAY_RESOURCE_PROPERTY_BUILDER_MAPPING, @@ -1146,6 +1147,12 @@ def test_translating_apigwv2_integration(self): ) self.assertEqual(translated_cfn_properties, self.expected_cfn_apigwv2_integration_properties) + def test_translating_apigwv2_authorizer(self): + translated_cfn_properties = _translate_properties( + self.tf_apigwv2_authorizer_properties, AWS_API_GATEWAY_V2_AUTHORIZER_PROPERTY_BUILDER_MAPPING, Mock() + ) + self.assertEqual(translated_cfn_properties, self.expected_cfn_apigwv2_authorizer_properties) + class TestUnresolvableAttributeCheck(TestCase): @patch("samcli.hook_packages.terraform.hooks.prepare.translate.RESOURCE_TRANSLATOR_MAPPING") From c98f98c28cb84ce3be9483d705d0e87182dbc57a Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Wed, 26 Jul 2023 10:31:25 -0700 Subject: [PATCH 2/6] make format --- .../hook_packages/terraform/hooks/prepare/property_builder.py | 2 +- .../hook_packages/terraform/hooks/prepare/prepare_base.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/samcli/hook_packages/terraform/hooks/prepare/property_builder.py b/samcli/hook_packages/terraform/hooks/prepare/property_builder.py index b941465af7..dce739f1cf 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/property_builder.py +++ b/samcli/hook_packages/terraform/hooks/prepare/property_builder.py @@ -25,10 +25,10 @@ from samcli.lib.utils.resources import AWS_APIGATEWAY_RESTAPI as CFN_AWS_APIGATEWAY_RESTAPI from samcli.lib.utils.resources import AWS_APIGATEWAY_STAGE as CFN_AWS_APIGATEWAY_STAGE from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_API as CFN_AWS_APIGATEWAY_V2_API +from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_AUTHORIZER as CFN_AWS_APIGATEWAY_V2_AUTHORIZER from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_INTEGRATION as CFN_AWS_APIGATEWAY_V2_INTEGRATION from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_ROUTE as CFN_AWS_APIGATEWAY_V2_ROUTE from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_STAGE as CFN_AWS_APIGATEWAY_V2_STAGE -from samcli.lib.utils.resources import AWS_APIGATEWAY_V2_AUTHORIZER as CFN_AWS_APIGATEWAY_V2_AUTHORIZER from samcli.lib.utils.resources import AWS_LAMBDA_FUNCTION as CFN_AWS_LAMBDA_FUNCTION from samcli.lib.utils.resources import AWS_LAMBDA_LAYERVERSION as CFN_AWS_LAMBDA_LAYER_VERSION diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py index eb59543577..feb182d378 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py @@ -955,7 +955,7 @@ def setUp(self) -> None: "name": self.apigwv2_authorizer_name, "authorizer_payload_format_version": "2.0", "identity_sources": ["$request.header.hello"], - "enable_simple_responses": False + "enable_simple_responses": False, } self.expected_cfn_apigwv2_authorizer_properties: dict = { @@ -965,7 +965,7 @@ def setUp(self) -> None: "Name": self.apigwv2_authorizer_name, "AuthorizerPayloadFormatVersion": "2.0", "IdentitySource": ["$request.header.hello"], - "EnableSimpleResponses": False + "EnableSimpleResponses": False, } self.tf_apigwv2_authorizer_resource: dict = { From 9538c04cf1545818d9dba800baf20d8ab79f310d Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Wed, 26 Jul 2023 11:07:52 -0700 Subject: [PATCH 3/6] Link a V2 Authorizer to a Lambda Function --- .../terraform/hooks/prepare/exceptions.py | 14 ++++++ .../hooks/prepare/resource_linking.py | 38 ++++++++++++++++ .../hooks/prepare/resources/apigw.py | 11 ++++- .../hooks/prepare/resources/resource_links.py | 7 +++ .../prepare/resources/resource_properties.py | 3 ++ .../hooks/prepare/test_resource_linking.py | 43 +++++++++++++++++++ 6 files changed, 115 insertions(+), 1 deletion(-) diff --git a/samcli/hook_packages/terraform/hooks/prepare/exceptions.py b/samcli/hook_packages/terraform/hooks/prepare/exceptions.py index 9b0f8cee50..f1b1be4871 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/exceptions.py +++ b/samcli/hook_packages/terraform/hooks/prepare/exceptions.py @@ -287,6 +287,20 @@ class GatewayV2RouteToGatewayV2ApiLocalVariablesLinkingLimitationException(Local """ +class OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException(OneResourceLinkingLimitationException): + """ + Exception specific for Gateway V2 Authorizer linking to more than one Lambda Function + """ + + +class GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException( + LocalVariablesLinkingLimitationException +): + """ + Exception specific for Gateway V2 Authorizer linking to Lambda Function using locals. + """ + + class InvalidSamMetadataPropertiesException(UserException): pass diff --git a/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py b/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py index 808c18a351..665a36ea6d 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py @@ -16,6 +16,7 @@ GatewayResourceToApiGatewayIntegrationResponseLocalVariablesLinkingLimitationException, GatewayResourceToApiGatewayMethodLocalVariablesLinkingLimitationException, GatewayResourceToGatewayRestApiLocalVariablesLinkingLimitationException, + GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, GatewayV2IntegrationToGatewayV2ApiLocalVariablesLinkingLimitationException, GatewayV2IntegrationToLambdaFunctionLocalVariablesLinkingLimitationException, GatewayV2RouteToGatewayV2ApiLocalVariablesLinkingLimitationException, @@ -30,6 +31,7 @@ OneGatewayResourceToApiGatewayIntegrationResponseLinkingLimitationException, OneGatewayResourceToApiGatewayMethodLinkingLimitationException, OneGatewayResourceToRestApiLinkingLimitationException, + OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, OneGatewayV2IntegrationToGatewayV2ApiLinkingLimitationException, OneGatewayV2IntegrationToLambdaFunctionLinkingLimitationException, OneGatewayV2RouteToGatewayV2ApiLinkingLimitationException, @@ -2002,3 +2004,39 @@ def _link_gateway_v2_route_to_api( linking_exceptions=exceptions, ) ResourceLinker(resource_linking_pair).link_resources() + + +def _link_gateway_v2_authorizer_to_lambda_function( + authorizer_config_resources: Dict[str, TFResource], + authorizer_cfn_resources: Dict[str, List], + lamda_function_resources: Dict[str, Dict], +) -> None: + """ + Iterate through all the resources and link the corresponding V2 Authorizer to each Lambda Function + + Parameters + ---------- + authorizer_config_resources: Dict[str, TFResource] + Dictionary of configuration Authorizer resources + authorizer_cfn_resources: Dict[str, List] + Dictionary containing resolved configuration address of CFN Authorizer resources + lamda_function_resources: Dict[str, Dict] + Dictionary of Terraform Lambda Function resources (not configuration resources). The dictionary's key is the + calculated logical id for each resource + """ + exceptions = ResourcePairExceptions( + multiple_resource_linking_exception=OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, + local_variable_linking_exception=GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, + ) + resource_linking_pair = ResourceLinkingPair( + source_resource_cfn_resource=authorizer_cfn_resources, + source_resource_tf_config=authorizer_config_resources, + destination_resource_tf=lamda_function_resources, + tf_destination_attribute_name="invoke_arn", + terraform_link_field_name="authorizer_uri", + cfn_link_field_name="AuthorizerUri", + terraform_resource_type_prefix=LAMBDA_FUNCTION_RESOURCE_ADDRESS_PREFIX, + cfn_resource_update_call_back_function=_link_gateway_authorizer_to_lambda_function_call_back, + linking_exceptions=exceptions, + ) + ResourceLinker(resource_linking_pair).link_resources() diff --git a/samcli/hook_packages/terraform/hooks/prepare/resources/apigw.py b/samcli/hook_packages/terraform/hooks/prepare/resources/apigw.py index 50bb29fecc..7688debe49 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resources/apigw.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resources/apigw.py @@ -137,13 +137,22 @@ def __init__(self): class ApiGatewayV2IntegrationProperties(ResourceProperties): """ - Contains the collection logic of the required properties for linking the aws_api_gateway_v2_authorizer resources. + Contains the collection logic of the required properties for linking the aws_api_gateway_v2_integration resources. """ def __init__(self): super(ApiGatewayV2IntegrationProperties, self).__init__() +class ApiGatewayV2AuthorizerProperties(ResourceProperties): + """ + Contains the collection logic of the required properties for linking the aws_api_gateway_v2_authorizer resources. + """ + + def __init__(self): + super(ApiGatewayV2AuthorizerProperties, self).__init__() + + def add_integrations_to_methods( gateway_methods_cfn: Dict[str, List], gateway_integrations_cfn: Dict[str, List] ) -> None: diff --git a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py index b308e6b2c1..38647dd99a 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py @@ -9,6 +9,7 @@ TF_AWS_API_GATEWAY_REST_API, TF_AWS_API_GATEWAY_STAGE, TF_AWS_API_GATEWAY_V2_API, + TF_AWS_API_GATEWAY_V2_AUTHORIZER, TF_AWS_API_GATEWAY_V2_INTEGRATION, TF_AWS_API_GATEWAY_V2_ROUTE, TF_AWS_LAMBDA_FUNCTION, @@ -27,6 +28,7 @@ _link_gateway_methods_to_gateway_rest_apis, _link_gateway_resources_to_gateway_rest_apis, _link_gateway_stage_to_rest_api, + _link_gateway_v2_authorizer_to_lambda_function, _link_gateway_v2_integration_to_api, _link_gateway_v2_integration_to_lambda_function, _link_gateway_v2_route_to_api, @@ -117,4 +119,9 @@ dest=TF_AWS_API_GATEWAY_V2_API, linking_func=_link_gateway_v2_route_to_api, ), + LinkingPairCaller( + source=TF_AWS_API_GATEWAY_V2_AUTHORIZER, + dest=TF_AWS_LAMBDA_FUNCTION, + linking_func=_link_gateway_v2_authorizer_to_lambda_function, + ), ] diff --git a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_properties.py b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_properties.py index ce15cbf048..f675d51a8c 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_properties.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_properties.py @@ -10,6 +10,7 @@ TF_AWS_API_GATEWAY_REST_API, TF_AWS_API_GATEWAY_STAGE, TF_AWS_API_GATEWAY_V2_API, + TF_AWS_API_GATEWAY_V2_AUTHORIZER, TF_AWS_API_GATEWAY_V2_INTEGRATION, TF_AWS_API_GATEWAY_V2_ROUTE, TF_AWS_LAMBDA_FUNCTION, @@ -22,6 +23,7 @@ ApiGatewayRestApiProperties, ApiGatewayStageProperties, ApiGatewayV2ApiProperties, + ApiGatewayV2AuthorizerProperties, ApiGatewayV2IntegrationProperties, ApiGatewayV2RouteProperties, ) @@ -58,4 +60,5 @@ def get_resource_property_mapping() -> Dict[str, ResourceProperties]: TF_AWS_API_GATEWAY_V2_ROUTE: ApiGatewayV2RouteProperties(), TF_AWS_API_GATEWAY_V2_INTEGRATION: ApiGatewayV2IntegrationProperties(), TF_AWS_API_GATEWAY_V2_API: ApiGatewayV2ApiProperties(), + TF_AWS_API_GATEWAY_V2_AUTHORIZER: ApiGatewayV2AuthorizerProperties(), } diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py b/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py index ae562f8823..e4593151e4 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py @@ -9,6 +9,7 @@ GatewayAuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException, GatewayMethodToGatewayAuthorizerLocalVariablesLinkingLimitationException, + GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, InvalidResourceLinkingException, LocalVariablesLinkingLimitationException, ONE_LAMBDA_LAYER_LINKING_ISSUE_LINK, @@ -17,6 +18,7 @@ OneGatewayAuthorizerToLambdaFunctionLinkingLimitationException, OneGatewayAuthorizerToRestApiLinkingLimitationException, OneGatewayMethodToGatewayAuthorizerLinkingLimitationException, + OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, OneLambdaLayerLinkingLimitationException, FunctionLayerLocalVariablesLinkingLimitationException, OneGatewayResourceToApiGatewayMethodLinkingLimitationException, @@ -55,6 +57,7 @@ _link_gateway_authorizer_to_rest_api, _link_gateway_method_to_gateway_authorizer, _link_gateway_method_to_gateway_authorizer_call_back, + _link_gateway_v2_authorizer_to_lambda_function, _resolve_module_output, _resolve_module_variable, _build_module, @@ -2688,3 +2691,43 @@ def test_link_gateway_v2_integration_to_api_callback( _link_gateway_v2_resource_to_api_callback(gateway_resource, logical_ids) input_gateway_v2_integration["Properties"]["ApiId"] = expected_api_reference self.assertEqual(gateway_resource, input_gateway_v2_integration) + + @patch( + "samcli.hook_packages.terraform.hooks.prepare.resource_linking._link_gateway_authorizer_to_lambda_function_call_back" + ) + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinker") + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinkingPair") + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourcePairExceptions") + def test_link_gateway_v2_authorizer_to_lambda_function( + self, + mock_resource_linking_exceptions, + mock_resource_linking_pair, + mock_resource_linker, + mock_link_gateway_authorizer_to_lambda_function_call_back, + ): + v2_authorizer_cfn_resources = Mock() + v2_authorizer_config_resources = Mock() + lambda_function_resources = Mock() + + _link_gateway_v2_authorizer_to_lambda_function( + v2_authorizer_config_resources, v2_authorizer_cfn_resources, lambda_function_resources + ) + + mock_resource_linking_exceptions.assert_called_once_with( + multiple_resource_linking_exception=OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, + local_variable_linking_exception=GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, + ) + + mock_resource_linking_pair.assert_called_once_with( + source_resource_cfn_resource=v2_authorizer_cfn_resources, + source_resource_tf_config=v2_authorizer_config_resources, + destination_resource_tf=lambda_function_resources, + tf_destination_attribute_name="invoke_arn", + terraform_link_field_name="authorizer_uri", + cfn_link_field_name="AuthorizerUri", + terraform_resource_type_prefix=LAMBDA_FUNCTION_RESOURCE_ADDRESS_PREFIX, + cfn_resource_update_call_back_function=mock_link_gateway_authorizer_to_lambda_function_call_back, + linking_exceptions=mock_resource_linking_exceptions(), + ) + + mock_resource_linker.assert_called_once_with(mock_resource_linking_pair()) From b4b991a04b11592f5e926cf4c2555e647d6dac2d Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Wed, 26 Jul 2023 11:20:14 -0700 Subject: [PATCH 4/6] Link V2 Authorizers to V2 Api --- .../terraform/hooks/prepare/exceptions.py | 14 +++++++ .../hooks/prepare/resource_linking.py | 39 ++++++++++++++++++ .../hooks/prepare/resources/resource_links.py | 6 +++ .../hooks/prepare/test_resource_linking.py | 41 +++++++++++++++++++ 4 files changed, 100 insertions(+) diff --git a/samcli/hook_packages/terraform/hooks/prepare/exceptions.py b/samcli/hook_packages/terraform/hooks/prepare/exceptions.py index f1b1be4871..ff0d1cfb9f 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/exceptions.py +++ b/samcli/hook_packages/terraform/hooks/prepare/exceptions.py @@ -301,6 +301,20 @@ class GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationExceptio """ +class OneGatewayV2AuthorizerToGatewayV2ApiLinkingLimitationException(OneResourceLinkingLimitationException): + """ + Exception specific for Gateway V2 Authorizer linking to more than one Gateway V2 API + """ + + +class GatewayV2AuthorizerToGatewayV2ApiLocalVariablesLinkingLimitationException( + LocalVariablesLinkingLimitationException +): + """ + Exception specific for Gateway V2 Authorizer linking to Gateway V2 API using locals. + """ + + class InvalidSamMetadataPropertiesException(UserException): pass diff --git a/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py b/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py index 665a36ea6d..f4c66f2030 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py @@ -16,6 +16,7 @@ GatewayResourceToApiGatewayIntegrationResponseLocalVariablesLinkingLimitationException, GatewayResourceToApiGatewayMethodLocalVariablesLinkingLimitationException, GatewayResourceToGatewayRestApiLocalVariablesLinkingLimitationException, + GatewayV2AuthorizerToGatewayV2ApiLocalVariablesLinkingLimitationException, GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, GatewayV2IntegrationToGatewayV2ApiLocalVariablesLinkingLimitationException, GatewayV2IntegrationToLambdaFunctionLocalVariablesLinkingLimitationException, @@ -31,6 +32,7 @@ OneGatewayResourceToApiGatewayIntegrationResponseLinkingLimitationException, OneGatewayResourceToApiGatewayMethodLinkingLimitationException, OneGatewayResourceToRestApiLinkingLimitationException, + OneGatewayV2AuthorizerToGatewayV2ApiLinkingLimitationException, OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, OneGatewayV2IntegrationToGatewayV2ApiLinkingLimitationException, OneGatewayV2IntegrationToLambdaFunctionLinkingLimitationException, @@ -2040,3 +2042,40 @@ def _link_gateway_v2_authorizer_to_lambda_function( linking_exceptions=exceptions, ) ResourceLinker(resource_linking_pair).link_resources() + + +def _link_gateway_v2_authorizer_to_api( + v2_authorizer_config_resources: Dict[str, TFResource], + v2_authorizer_config_address_cfn_resources_map: Dict[str, List], + api_resources: Dict[str, Dict], +) -> None: + """ + Iterate through all the resources and link the corresponding + Gateway V2 Authorizer resources to each Gateway V2 Api + + Parameters + ---------- + v2_authorizer_config_resources: Dict[str, TFResource] + Dictionary of configuration Gateway V2 Authorizers + v2_authorizer_config_address_cfn_resources_map: Dict[str, List] + Dictionary containing resolved configuration addresses matched up to the cfn Gateway V2 Authorizer + api_resources: Dict[str, Dict] + Dictionary of all Terraform Gateway V2 Api resources (not configuration resources). + The dictionary's key is the calculated logical id for each resource. + """ + exceptions = ResourcePairExceptions( + multiple_resource_linking_exception=OneGatewayV2AuthorizerToGatewayV2ApiLinkingLimitationException, + local_variable_linking_exception=GatewayV2AuthorizerToGatewayV2ApiLocalVariablesLinkingLimitationException, + ) + resource_linking_pair = ResourceLinkingPair( + source_resource_cfn_resource=v2_authorizer_config_address_cfn_resources_map, + source_resource_tf_config=v2_authorizer_config_resources, + destination_resource_tf=api_resources, + tf_destination_attribute_name="id", + terraform_link_field_name="api_id", + cfn_link_field_name="ApiId", + terraform_resource_type_prefix=API_GATEWAY_V2_API_RESOURCE_ADDRESS_PREFIX, + cfn_resource_update_call_back_function=_link_gateway_v2_resource_to_api_callback, + linking_exceptions=exceptions, + ) + ResourceLinker(resource_linking_pair).link_resources() diff --git a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py index 38647dd99a..4802b84b07 100644 --- a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py +++ b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py @@ -28,6 +28,7 @@ _link_gateway_methods_to_gateway_rest_apis, _link_gateway_resources_to_gateway_rest_apis, _link_gateway_stage_to_rest_api, + _link_gateway_v2_authorizer_to_api, _link_gateway_v2_authorizer_to_lambda_function, _link_gateway_v2_integration_to_api, _link_gateway_v2_integration_to_lambda_function, @@ -124,4 +125,9 @@ dest=TF_AWS_LAMBDA_FUNCTION, linking_func=_link_gateway_v2_authorizer_to_lambda_function, ), + LinkingPairCaller( + source=TF_AWS_API_GATEWAY_V2_AUTHORIZER, + dest=TF_AWS_API_GATEWAY_V2_API, + linking_func=_link_gateway_v2_authorizer_to_api, + ), ] diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py b/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py index e4593151e4..0beaa83e0d 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py @@ -9,6 +9,7 @@ GatewayAuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException, GatewayMethodToGatewayAuthorizerLocalVariablesLinkingLimitationException, + GatewayV2AuthorizerToGatewayV2ApiLocalVariablesLinkingLimitationException, GatewayV2AuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException, InvalidResourceLinkingException, LocalVariablesLinkingLimitationException, @@ -18,6 +19,7 @@ OneGatewayAuthorizerToLambdaFunctionLinkingLimitationException, OneGatewayAuthorizerToRestApiLinkingLimitationException, OneGatewayMethodToGatewayAuthorizerLinkingLimitationException, + OneGatewayV2AuthorizerToGatewayV2ApiLinkingLimitationException, OneGatewayV2AuthorizerToLambdaFunctionLinkingLimitationException, OneLambdaLayerLinkingLimitationException, FunctionLayerLocalVariablesLinkingLimitationException, @@ -57,6 +59,7 @@ _link_gateway_authorizer_to_rest_api, _link_gateway_method_to_gateway_authorizer, _link_gateway_method_to_gateway_authorizer_call_back, + _link_gateway_v2_authorizer_to_api, _link_gateway_v2_authorizer_to_lambda_function, _resolve_module_output, _resolve_module_variable, @@ -2731,3 +2734,41 @@ def test_link_gateway_v2_authorizer_to_lambda_function( ) mock_resource_linker.assert_called_once_with(mock_resource_linking_pair()) + + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking._link_gateway_v2_resource_to_api_callback") + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinker") + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinkingPair") + @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourcePairExceptions") + def test_link_gateway_v2_authorizer_to_api( + self, + mock_resource_linking_exceptions, + mock_resource_linking_pair, + mock_resource_linker, + mock_link_gateway_v2_resource_to_api_callback, + ): + v2_authorizer_cfn_resources = Mock() + v2_authorizer_config_resources = Mock() + v2_api_resources = Mock() + + _link_gateway_v2_authorizer_to_api( + v2_authorizer_config_resources, v2_authorizer_cfn_resources, v2_api_resources + ) + + mock_resource_linking_exceptions.assert_called_once_with( + multiple_resource_linking_exception=OneGatewayV2AuthorizerToGatewayV2ApiLinkingLimitationException, + local_variable_linking_exception=GatewayV2AuthorizerToGatewayV2ApiLocalVariablesLinkingLimitationException, + ) + + mock_resource_linking_pair.assert_called_once_with( + source_resource_cfn_resource=v2_authorizer_cfn_resources, + source_resource_tf_config=v2_authorizer_config_resources, + destination_resource_tf=v2_api_resources, + tf_destination_attribute_name="id", + terraform_link_field_name="api_id", + cfn_link_field_name="ApiId", + terraform_resource_type_prefix=API_GATEWAY_V2_API_RESOURCE_ADDRESS_PREFIX, + cfn_resource_update_call_back_function=mock_link_gateway_v2_resource_to_api_callback, + linking_exceptions=mock_resource_linking_exceptions(), + ) + + mock_resource_linker.assert_called_once_with(mock_resource_linking_pair()) From c850d31bc890138ad9f282c980af8e94790aa549 Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Thu, 27 Jul 2023 09:30:43 -0700 Subject: [PATCH 5/6] Added missing lines to include new resource in testing suite --- .../terraform/hooks/prepare/prepare_base.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py index feb182d378..c196061d95 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py @@ -971,14 +971,14 @@ def setUp(self) -> None: self.tf_apigwv2_authorizer_resource: dict = { **self.tf_apigwv2_authorizer_common_attributes, "values": self.tf_apigwv2_authorizer_properties, - "address": f"aws_api_gateway_authorizer.{self.apigwv2_authorizer_name}", + "address": f"aws_apigatewayv2_authorizer.{self.apigwv2_authorizer_name}", "name": self.apigwv2_authorizer_name, } - self.expectedv2_cfn_apigw_authorizer: dict = { + self.expected_cfn_apigwv2_authorizer: dict = { "Type": AWS_APIGATEWAY_V2_AUTHORIZER, "Properties": self.expected_cfn_apigwv2_authorizer_properties, - "Metadata": {"SamResourceId": f"aws_api_gateway_authorizer.{self.apigwv2_authorizer_name}"}, + "Metadata": {"SamResourceId": f"aws_apigatewayv2_authorizer.{self.apigwv2_authorizer_name}"}, } self.tf_json_with_root_module_only: dict = { @@ -1001,6 +1001,7 @@ def setUp(self) -> None: self.tf_apigwv2_route_resource, self.tf_apigwv2_stage_resource, self.tf_apigwv2_integration_resource, + self.tf_apigwv2_authorizer_resource, ] } } @@ -1022,9 +1023,10 @@ def setUp(self) -> None: f"AwsApigatewayv2RouteMyApigwv2Route{self.mock_logical_id_hash}": self.expected_cfn_apigwv2_route, f"AwsApigatewayv2StageMyApigwv2Stage{self.mock_logical_id_hash}": self.expected_cfn_apigwv2_stage, f"AwsApigatewayv2IntegrationMyApigwv2Integration{self.mock_logical_id_hash}": self.expected_cfn_apigwv2_integration, + f"AwsApigatewayv2AuthorizerMyAuthorizerV2{self.mock_logical_id_hash}": self.expected_cfn_apigwv2_authorizer, }, } - + self.maxDiff = None self.tf_json_with_root_module_with_sam_metadata_resources: dict = { "planned_values": { "root_module": { From 8b939493292abb91a642a145d017146c172f485a Mon Sep 17 00:00:00 2001 From: Lucas <12496191+lucashuy@users.noreply.github.com> Date: Thu, 27 Jul 2023 09:41:47 -0700 Subject: [PATCH 6/6] Removed max diff pytest option --- tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py index c196061d95..783384f122 100644 --- a/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py +++ b/tests/unit/hook_packages/terraform/hooks/prepare/prepare_base.py @@ -1026,7 +1026,6 @@ def setUp(self) -> None: f"AwsApigatewayv2AuthorizerMyAuthorizerV2{self.mock_logical_id_hash}": self.expected_cfn_apigwv2_authorizer, }, } - self.maxDiff = None self.tf_json_with_root_module_with_sam_metadata_resources: dict = { "planned_values": { "root_module": {