github.com/gabrielperezs/terraform@v0.7.0-rc2.0.20160715084931-f7da2612946f/builtin/providers/aws/resource_aws_api_gateway_authorizer.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/apigateway" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceAwsApiGatewayAuthorizer() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceAwsApiGatewayAuthorizerCreate, 16 Read: resourceAwsApiGatewayAuthorizerRead, 17 Update: resourceAwsApiGatewayAuthorizerUpdate, 18 Delete: resourceAwsApiGatewayAuthorizerDelete, 19 20 Schema: map[string]*schema.Schema{ 21 "authorizer_uri": &schema.Schema{ 22 Type: schema.TypeString, 23 Required: true, 24 }, 25 "identity_source": &schema.Schema{ 26 Type: schema.TypeString, 27 Optional: true, 28 Default: "method.request.header.Authorization", 29 }, 30 "name": &schema.Schema{ 31 Type: schema.TypeString, 32 Required: true, 33 }, 34 "rest_api_id": &schema.Schema{ 35 Type: schema.TypeString, 36 Required: true, 37 ForceNew: true, 38 }, 39 "type": &schema.Schema{ 40 Type: schema.TypeString, 41 Optional: true, 42 Default: "TOKEN", 43 }, 44 "authorizer_credentials": &schema.Schema{ 45 Type: schema.TypeString, 46 Optional: true, 47 }, 48 "authorizer_result_ttl_in_seconds": &schema.Schema{ 49 Type: schema.TypeInt, 50 Optional: true, 51 ValidateFunc: validateIntegerInRange(0, 3600), 52 }, 53 "identity_validation_expression": &schema.Schema{ 54 Type: schema.TypeString, 55 Optional: true, 56 }, 57 }, 58 } 59 } 60 61 func resourceAwsApiGatewayAuthorizerCreate(d *schema.ResourceData, meta interface{}) error { 62 conn := meta.(*AWSClient).apigateway 63 64 input := apigateway.CreateAuthorizerInput{ 65 AuthorizerUri: aws.String(d.Get("authorizer_uri").(string)), 66 IdentitySource: aws.String(d.Get("identity_source").(string)), 67 Name: aws.String(d.Get("name").(string)), 68 RestApiId: aws.String(d.Get("rest_api_id").(string)), 69 Type: aws.String(d.Get("type").(string)), 70 } 71 72 if v, ok := d.GetOk("authorizer_credentials"); ok { 73 input.AuthorizerCredentials = aws.String(v.(string)) 74 } 75 if v, ok := d.GetOk("authorizer_result_ttl_in_seconds"); ok { 76 input.AuthorizerResultTtlInSeconds = aws.Int64(int64(v.(int))) 77 } 78 if v, ok := d.GetOk("identity_validation_expression"); ok { 79 input.IdentityValidationExpression = aws.String(v.(string)) 80 } 81 82 log.Printf("[INFO] Creating API Gateway Authorizer: %s", input) 83 out, err := conn.CreateAuthorizer(&input) 84 if err != nil { 85 return fmt.Errorf("Error creating API Gateway Authorizer: %s", err) 86 } 87 88 d.SetId(*out.Id) 89 90 return resourceAwsApiGatewayAuthorizerRead(d, meta) 91 } 92 93 func resourceAwsApiGatewayAuthorizerRead(d *schema.ResourceData, meta interface{}) error { 94 conn := meta.(*AWSClient).apigateway 95 96 log.Printf("[INFO] Reading API Gateway Authorizer %s", d.Id()) 97 input := apigateway.GetAuthorizerInput{ 98 AuthorizerId: aws.String(d.Id()), 99 RestApiId: aws.String(d.Get("rest_api_id").(string)), 100 } 101 102 authorizer, err := conn.GetAuthorizer(&input) 103 if err != nil { 104 if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NotFoundException" { 105 log.Printf("[WARN] No API Gateway Authorizer found: %s", input) 106 d.SetId("") 107 return nil 108 } 109 return err 110 } 111 log.Printf("[DEBUG] Received API Gateway Authorizer: %s", authorizer) 112 113 d.Set("authorizer_credentials", authorizer.AuthorizerCredentials) 114 d.Set("authorizer_result_ttl_in_seconds", authorizer.AuthorizerResultTtlInSeconds) 115 d.Set("authorizer_uri", authorizer.AuthorizerUri) 116 d.Set("identity_source", authorizer.IdentitySource) 117 d.Set("identity_validation_expression", authorizer.IdentityValidationExpression) 118 d.Set("name", authorizer.Name) 119 d.Set("type", authorizer.Type) 120 121 return nil 122 } 123 124 func resourceAwsApiGatewayAuthorizerUpdate(d *schema.ResourceData, meta interface{}) error { 125 conn := meta.(*AWSClient).apigateway 126 127 input := apigateway.UpdateAuthorizerInput{ 128 AuthorizerId: aws.String(d.Id()), 129 RestApiId: aws.String(d.Get("rest_api_id").(string)), 130 } 131 132 operations := make([]*apigateway.PatchOperation, 0) 133 134 if d.HasChange("authorizer_uri") { 135 operations = append(operations, &apigateway.PatchOperation{ 136 Op: aws.String("replace"), 137 Path: aws.String("/authorizerUri"), 138 Value: aws.String(d.Get("authorizer_uri").(string)), 139 }) 140 } 141 if d.HasChange("identity_source") { 142 operations = append(operations, &apigateway.PatchOperation{ 143 Op: aws.String("replace"), 144 Path: aws.String("/identitySource"), 145 Value: aws.String(d.Get("identity_source").(string)), 146 }) 147 } 148 if d.HasChange("name") { 149 operations = append(operations, &apigateway.PatchOperation{ 150 Op: aws.String("replace"), 151 Path: aws.String("/name"), 152 Value: aws.String(d.Get("name").(string)), 153 }) 154 } 155 if d.HasChange("type") { 156 operations = append(operations, &apigateway.PatchOperation{ 157 Op: aws.String("replace"), 158 Path: aws.String("/type"), 159 Value: aws.String(d.Get("type").(string)), 160 }) 161 } 162 if d.HasChange("authorizer_credentials") { 163 operations = append(operations, &apigateway.PatchOperation{ 164 Op: aws.String("replace"), 165 Path: aws.String("/authorizerCredentials"), 166 Value: aws.String(d.Get("authorizer_credentials").(string)), 167 }) 168 } 169 if d.HasChange("authorizer_result_ttl_in_seconds") { 170 operations = append(operations, &apigateway.PatchOperation{ 171 Op: aws.String("replace"), 172 Path: aws.String("/authorizerResultTtlInSeconds"), 173 Value: aws.String(fmt.Sprintf("%d", d.Get("authorizer_result_ttl_in_seconds").(int))), 174 }) 175 } 176 if d.HasChange("identity_validation_expression") { 177 operations = append(operations, &apigateway.PatchOperation{ 178 Op: aws.String("replace"), 179 Path: aws.String("/identityValidationExpression"), 180 Value: aws.String(d.Get("identity_validation_expression").(string)), 181 }) 182 } 183 input.PatchOperations = operations 184 185 log.Printf("[INFO] Updating API Gateway Authorizer: %s", input) 186 _, err := conn.UpdateAuthorizer(&input) 187 if err != nil { 188 return fmt.Errorf("Updating API Gateway Authorizer failed: %s", err) 189 } 190 191 return resourceAwsApiGatewayAuthorizerRead(d, meta) 192 } 193 194 func resourceAwsApiGatewayAuthorizerDelete(d *schema.ResourceData, meta interface{}) error { 195 conn := meta.(*AWSClient).apigateway 196 input := apigateway.DeleteAuthorizerInput{ 197 AuthorizerId: aws.String(d.Id()), 198 RestApiId: aws.String(d.Get("rest_api_id").(string)), 199 } 200 log.Printf("[INFO] Deleting API Gateway Authorizer: %s", input) 201 _, err := conn.DeleteAuthorizer(&input) 202 if err != nil { 203 return fmt.Errorf("Deleting API Gateway Authorizer failed: %s", err) 204 } 205 206 return nil 207 }