Skip to content

Support authorization_scopes and request_models on routes #56

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Support authorization_scopes and request_models on routes #56

wants to merge 1 commit into from

Conversation

okdana
Copy link

@okdana okdana commented Sep 22, 2021

Description

Set authorization_scopes and request_models on the created route resource when specified in integrations.

Motivation and Context

I'm experimenting with converting a toy SAM template to Terraform using this module, and found that i couldn't proceed because the module doesn't handle authorization_scopes.

Both this attribute and request_models are commented out in the source because the previous dev didn't know what their structure was. Per the provider source, authorization_scopes is a set(string) and request_models is a map(string).

I'm not sure it really matters, though, since integrations is a map(any) — if i understand correctly, that requires you to use jsonencode() or similar on non-scalar values. That's how some of the integration resource's attributes are currently handled, anyway.

I think the try() method being used here would allow integrations to be changed to a fully typed map(object(...)) whilst retaining backwards compatibility, but i haven't tried making that change myself. (I'm not familiar enough with Terraform or this project to know if it's even desirable.)

Breaking Changes

This shouldn't affect backwards compatibility.

How Has This Been Tested?

  • I have tested and validated these changes using one or more of the provided examples/* projects

I tested this by sourcing my branch of the repo as a local module, adding an integration like the following, and deploying to AWS.

integrations = {
  "GET /hello" = {
    lambda_arn             = module.hello_world_function.lambda_function_arn
    payload_format_version = "2.0"
    authorization_type     = "JWT"
    authorizer_id          = aws_apigatewayv2_authorizer.my_authorizer.id
    authorization_scopes   = jsonencode(["my_scope"])
  }
}

This resulted in the route being associated with the authoriser and having the correct authorisation scopes specified.

If there's further testing i should do, please let me know how; i'm still pretty new to both Terraform and AWS.

@antonbabenko
Copy link
Member

jsonencode() is a hack that can be used when dealing with errors like all elements should be of the same type but I don't think it is necessary here.

Also, there is #54 which implements the support for authorization_scopes and request_models on routes as well as other features - https://github.com/terraform-aws-modules/terraform-aws-apigateway-v2/pull/54/files#diff-dc46acf24afd63ef8c556b77c126ccc6e578bc87e3aa09a931f33d9bf2532fbbR130

I think we can safely close this one and wait for @bryantbiggs to finish #54.

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@okdana @antonbabenko