Merge pull request #12643 from DrFaust92/r/api_gateway_authorizer_zer…

…o_ttl r/api_gateway_authorizer - fix to allow zero value for `authorizer_result_ttl_in_seconds`
hashicorp · Jul 27, 2020 · 6f24322 · 6f24322
2 parents 172839d + 4751175
commit 6f24322
Show file tree

Hide file tree

Showing 2 changed files with 160 additions and 150 deletions.
diff --git a/aws/resource_aws_api_gateway_authorizer.go b/aws/resource_aws_api_gateway_authorizer.go
@@ -64,8 +64,9 @@ func resourceAwsApiGatewayAuthorizer() *schema.Resource {
 				}, false),
 			},
 			"authorizer_credentials": {
-				Type:     schema.TypeString,
-				Optional: true,
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateArn,
 			},
 			"authorizer_result_ttl_in_seconds": {
 				Type:         schema.TypeInt,
@@ -93,10 +94,11 @@ func resourceAwsApiGatewayAuthorizerCreate(d *schema.ResourceData, meta interfac
 	conn := meta.(*AWSClient).apigatewayconn
 
 	input := apigateway.CreateAuthorizerInput{
-		IdentitySource: aws.String(d.Get("identity_source").(string)),
-		Name:           aws.String(d.Get("name").(string)),
-		RestApiId:      aws.String(d.Get("rest_api_id").(string)),
-		Type:           aws.String(d.Get("type").(string)),
+		IdentitySource:               aws.String(d.Get("identity_source").(string)),
+		Name:                         aws.String(d.Get("name").(string)),
+		RestApiId:                    aws.String(d.Get("rest_api_id").(string)),
+		Type:                         aws.String(d.Get("type").(string)),
+		AuthorizerResultTtlInSeconds: aws.Int64(int64(d.Get("authorizer_result_ttl_in_seconds").(int))),
 	}
 
 	if err := validateAuthorizerType(d); err != nil {
@@ -108,23 +110,21 @@ func resourceAwsApiGatewayAuthorizerCreate(d *schema.ResourceData, meta interfac
 	if v, ok := d.GetOk("authorizer_credentials"); ok {
 		input.AuthorizerCredentials = aws.String(v.(string))
 	}
-	if v, ok := d.GetOk("authorizer_result_ttl_in_seconds"); ok {
-		input.AuthorizerResultTtlInSeconds = aws.Int64(int64(v.(int)))
-	}
+
 	if v, ok := d.GetOk("identity_validation_expression"); ok {
 		input.IdentityValidationExpression = aws.String(v.(string))
 	}
 	if v, ok := d.GetOk("provider_arns"); ok {
-		input.ProviderARNs = expandStringList(v.(*schema.Set).List())
+		input.ProviderARNs = expandStringSet(v.(*schema.Set))
 	}
 
 	log.Printf("[INFO] Creating API Gateway Authorizer: %s", input)
 	out, err := conn.CreateAuthorizer(&input)
 	if err != nil {
-		return fmt.Errorf("Error creating API Gateway Authorizer: %s", err)
+		return fmt.Errorf("error creating API Gateway Authorizer: %w", err)
 	}
 
-	d.SetId(*out.Id)
+	d.SetId(aws.StringValue(out.Id))
 
 	return resourceAwsApiGatewayAuthorizerRead(d, meta)
 }
@@ -162,7 +162,7 @@ func resourceAwsApiGatewayAuthorizerRead(d *schema.ResourceData, meta interface{
 	d.Set("identity_validation_expression", authorizer.IdentityValidationExpression)
 	d.Set("name", authorizer.Name)
 	d.Set("type", authorizer.Type)
-	d.Set("provider_arns", flattenStringList(authorizer.ProviderARNs))
+	d.Set("provider_arns", flattenStringSet(authorizer.ProviderARNs))
 
 	return nil
 }
@@ -254,7 +254,7 @@ func resourceAwsApiGatewayAuthorizerUpdate(d *schema.ResourceData, meta interfac
 	log.Printf("[INFO] Updating API Gateway Authorizer: %s", input)
 	_, err := conn.UpdateAuthorizer(&input)
 	if err != nil {
-		return fmt.Errorf("Updating API Gateway Authorizer failed: %s", err)
+		return fmt.Errorf("updating API Gateway Authorizer failed: %w", err)
 	}
 
 	return resourceAwsApiGatewayAuthorizerRead(d, meta)
@@ -272,7 +272,7 @@ func resourceAwsApiGatewayAuthorizerDelete(d *schema.ResourceData, meta interfac
 		// XXX: Figure out a way to delete the method that depends on the authorizer first
 		// otherwise the authorizer will be dangling until the API is deleted
 		if !strings.Contains(err.Error(), apigateway.ErrCodeConflictException) {
-			return fmt.Errorf("Deleting API Gateway Authorizer failed: %s", err)
+			return fmt.Errorf("deleting API Gateway Authorizer failed: %w", err)
 		}
 	}
 
@@ -303,7 +303,7 @@ func validateAuthorizerType(d *schema.ResourceData) error {
 	}
 	// provider_arns is required for authorizer COGNITO_USER_POOLS.
 	if authType == apigateway.AuthorizerTypeCognitoUserPools {
-		if v, ok := d.GetOk("provider_arns"); !ok || len(v.(*schema.Set).List()) == 0 {
+		if v, ok := d.GetOk("provider_arns"); !ok || v.(*schema.Set).Len() == 0 {
 			return fmt.Errorf("provider_arns must be set non-empty when authorizer type is %s", authType)
 		}
 	}