feat: Link Lambda Authorizer to Rest API (aws#5219)

* Link RestApiId property for Lambda Authorizers * Updated docstring * Format files --------- Co-authored-by: Mohamed Elasmar <[email protected]>
lucashuy · Jun 22, 2023 · a9a02e7 · a9a02e7
1 parent 23c3990
commit a9a02e7
Show file tree

Hide file tree

Showing 4 changed files with 101 additions and 4 deletions.
diff --git a/samcli/hook_packages/terraform/hooks/prepare/exceptions.py b/samcli/hook_packages/terraform/hooks/prepare/exceptions.py
@@ -207,6 +207,18 @@ class GatewayAuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException(
     """
 
 
+class OneGatewayAuthorizerToRestApiLinkingLimitationException(OneResourceLinkingLimitationException):
+    """
+    Exception specific for Gateway Authorizer linking to more than one Rest API
+    """
+
+
+class GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException(LocalVariablesLinkingLimitationException):
+    """
+    Exception specific for Gateway Authorizer linking to Rest APIs using locals.
+    """
+
+
 class OneGatewayMethodToGatewayAuthorizerLinkingLimitationException(OneResourceLinkingLimitationException):
     """
     Exception specific for Gateway Method linking to more than one Gateway Authorizer

diff --git a/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py b/samcli/hook_packages/terraform/hooks/prepare/resource_linking.py
@@ -10,6 +10,7 @@
 from samcli.hook_packages.terraform.hooks.prepare.exceptions import (
     FunctionLayerLocalVariablesLinkingLimitationException,
     GatewayAuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException,
+    GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException,
     GatewayMethodToGatewayAuthorizerLocalVariablesLinkingLimitationException,
     GatewayResourceToApiGatewayIntegrationLocalVariablesLinkingLimitationException,
     GatewayResourceToApiGatewayIntegrationResponseLocalVariablesLinkingLimitationException,
@@ -19,6 +20,7 @@
     LambdaFunctionToApiGatewayIntegrationLocalVariablesLinkingLimitationException,
     LocalVariablesLinkingLimitationException,
     OneGatewayAuthorizerToLambdaFunctionLinkingLimitationException,
+    OneGatewayAuthorizerToRestApiLinkingLimitationException,
     OneGatewayMethodToGatewayAuthorizerLinkingLimitationException,
     OneGatewayResourceToApiGatewayIntegrationLinkingLimitationException,
     OneGatewayResourceToApiGatewayIntegrationResponseLinkingLimitationException,
@@ -1546,7 +1548,7 @@ def _link_gateway_authorizer_to_lambda_function_call_back(
 def _link_gateway_authorizer_to_lambda_function(
     authorizer_config_resources: Dict[str, TFResource],
     authorizer_cfn_resources: Dict[str, List],
-    authorizer_tf_resources: Dict[str, Dict],
+    lamda_function_resources: Dict[str, Dict],
 ) -> None:
     """
     Iterate through all the resources and link the corresponding Authorizer to each Lambda Function
@@ -1557,8 +1559,8 @@ def _link_gateway_authorizer_to_lambda_function(
         Dictionary of configuration Authorizer resources
     authorizer_cfn_resources: Dict[str, List]
         Dictionary containing resolved configuration address of CFN Authorizer resources
-    lambda_layers_terraform_resources: Dict[str, Dict]
-        Dictionary of all actual terraform layers resources (not configuration resources). The dictionary's key is the
+    lamda_function_resources: Dict[str, Dict]
+        Dictionary of Terraform Lambda Function resources (not configuration resources). The dictionary's key is the
         calculated logical id for each resource
     """
     exceptions = ResourcePairExceptions(
@@ -1568,7 +1570,7 @@ def _link_gateway_authorizer_to_lambda_function(
     resource_linking_pair = ResourceLinkingPair(
         source_resource_cfn_resource=authorizer_cfn_resources,
         source_resource_tf_config=authorizer_config_resources,
-        destination_resource_tf=authorizer_tf_resources,
+        destination_resource_tf=lamda_function_resources,
         tf_destination_attribute_name="invoke_arn",
         terraform_link_field_name="authorizer_uri",
         cfn_link_field_name="AuthorizerUri",
@@ -1579,6 +1581,42 @@ def _link_gateway_authorizer_to_lambda_function(
     ResourceLinker(resource_linking_pair).link_resources()
 
 
+def _link_gateway_authorizer_to_rest_api(
+    authorizer_config_resources: Dict[str, TFResource],
+    authorizer_cfn_resources: Dict[str, List],
+    rest_api_resource: Dict[str, Dict],
+) -> None:
+    """
+    Iterate through all the resources and link the corresponding Authorizer to each Rest Api
+
+    Parameters
+    ----------
+    authorizer_config_resources: Dict[str, TFResource]
+        Dictionary of configuration Authorizer resources
+    authorizer_cfn_resources: Dict[str, List]
+        Dictionary containing resolved configuration address of CFN Authorizer resources
+    rest_api_resource: Dict[str, Dict]
+        Dictionary of Terraform Rest Api resources (not configuration resources). The dictionary's key is the
+        calculated logical id for each resource
+    """
+    exceptions = ResourcePairExceptions(
+        multiple_resource_linking_exception=OneGatewayAuthorizerToRestApiLinkingLimitationException,
+        local_variable_linking_exception=GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException,
+    )
+    resource_linking_pair = ResourceLinkingPair(
+        source_resource_cfn_resource=authorizer_cfn_resources,
+        source_resource_tf_config=authorizer_config_resources,
+        destination_resource_tf=rest_api_resource,
+        tf_destination_attribute_name="id",
+        terraform_link_field_name="rest_api_id",
+        cfn_link_field_name="RestApiId",
+        terraform_resource_type_prefix=API_GATEWAY_REST_API_RESOURCE_ADDRESS_PREFIX,
+        cfn_resource_update_call_back_function=_link_gateway_resource_to_gateway_rest_apis_rest_api_id_call_back,
+        linking_exceptions=exceptions,
+    )
+    ResourceLinker(resource_linking_pair).link_resources()
+
+
 def _link_gateway_method_to_gateway_authorizer_call_back(
     gateway_method_cfn_resource: Dict, authorizer_resources: List[ReferenceType]
 ) -> None:

diff --git a/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py b/samcli/hook_packages/terraform/hooks/prepare/resources/resource_links.py
@@ -13,6 +13,7 @@
 )
 from samcli.hook_packages.terraform.hooks.prepare.resource_linking import (
     _link_gateway_authorizer_to_lambda_function,
+    _link_gateway_authorizer_to_rest_api,
     _link_gateway_integration_responses_to_gateway_resource,
     _link_gateway_integration_responses_to_gateway_rest_apis,
     _link_gateway_integrations_to_function_resource,
@@ -79,6 +80,11 @@
         dest=TF_AWS_LAMBDA_FUNCTION,
         linking_func=_link_gateway_authorizer_to_lambda_function,
     ),
+    LinkingPairCaller(
+        source=TF_AWS_API_GATEWAY_AUTHORIZER,
+        dest=TF_AWS_API_GATEWAY_REST_API,
+        linking_func=_link_gateway_authorizer_to_rest_api,
+    ),
     LinkingPairCaller(
         source=TF_AWS_API_GATEWAY_METHOD,
         dest=TF_AWS_API_GATEWAY_AUTHORIZER,

diff --git a/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py b/tests/unit/hook_packages/terraform/hooks/prepare/test_resource_linking.py
@@ -7,13 +7,15 @@
 from parameterized import parameterized
 from samcli.hook_packages.terraform.hooks.prepare.exceptions import (
     GatewayAuthorizerToLambdaFunctionLocalVariablesLinkingLimitationException,
+    GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException,
     GatewayMethodToGatewayAuthorizerLocalVariablesLinkingLimitationException,
     InvalidResourceLinkingException,
     LocalVariablesLinkingLimitationException,
     ONE_LAMBDA_LAYER_LINKING_ISSUE_LINK,
     LOCAL_VARIABLES_SUPPORT_ISSUE_LINK,
     APPLY_WORK_AROUND_MESSAGE,
     OneGatewayAuthorizerToLambdaFunctionLinkingLimitationException,
+    OneGatewayAuthorizerToRestApiLinkingLimitationException,
     OneGatewayMethodToGatewayAuthorizerLinkingLimitationException,
     OneLambdaLayerLinkingLimitationException,
     FunctionLayerLocalVariablesLinkingLimitationException,
@@ -42,6 +44,7 @@
     _clean_references_list,
     _link_gateway_authorizer_to_lambda_function,
     _link_gateway_authorizer_to_lambda_function_call_back,
+    _link_gateway_authorizer_to_rest_api,
     _link_gateway_method_to_gateway_authorizer,
     _link_gateway_method_to_gateway_authorizer_call_back,
     _resolve_module_output,
@@ -2295,6 +2298,44 @@ def test_link_gateway_method_to_gateway_authorizer_call_back(self, logical_ids,
         original_method["Properties"]["AuthorizerId"] = expected_reference
         self.assertEqual(original_method, new_method)
 
+    @patch(
+        "samcli.hook_packages.terraform.hooks.prepare.resource_linking._link_gateway_resource_to_gateway_rest_apis_rest_api_id_call_back"
+    )
+    @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinker")
+    @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourceLinkingPair")
+    @patch("samcli.hook_packages.terraform.hooks.prepare.resource_linking.ResourcePairExceptions")
+    def test_link_gateway_authorizer_to_rest_api(
+        self,
+        mock_resource_linking_exceptions,
+        mock_resource_linking_pair,
+        mock_resource_linker,
+        mock_link_resource_to_rest_api_call_back,
+    ):
+        authorizer_cfn_resources = Mock()
+        authorizer_config_resources = Mock()
+        rest_api_resources = Mock()
+
+        _link_gateway_authorizer_to_rest_api(authorizer_config_resources, authorizer_cfn_resources, rest_api_resources)
+
+        mock_resource_linking_exceptions.assert_called_once_with(
+            multiple_resource_linking_exception=OneGatewayAuthorizerToRestApiLinkingLimitationException,
+            local_variable_linking_exception=GatewayAuthorizerToRestApiLocalVariablesLinkingLimitationException,
+        )
+
+        mock_resource_linking_pair.assert_called_once_with(
+            source_resource_cfn_resource=authorizer_cfn_resources,
+            source_resource_tf_config=authorizer_config_resources,
+            destination_resource_tf=rest_api_resources,
+            tf_destination_attribute_name="id",
+            terraform_link_field_name="rest_api_id",
+            cfn_link_field_name="RestApiId",
+            terraform_resource_type_prefix=API_GATEWAY_REST_API_RESOURCE_ADDRESS_PREFIX,
+            cfn_resource_update_call_back_function=mock_link_resource_to_rest_api_call_back,
+            linking_exceptions=mock_resource_linking_exceptions(),
+        )
+
+        mock_resource_linker.assert_called_once_with(mock_resource_linking_pair())
+
     @patch(
         "samcli.hook_packages.terraform.hooks.prepare.resource_linking._link_gateway_method_to_gateway_authorizer_call_back"
     )