From e25c8ae6f302916d652b4b0aa924bad4c97ac522 Mon Sep 17 00:00:00 2001 From: Mohamed Elasmar <71043312+moelasmar@users.noreply.github.com> Date: Mon, 17 Jan 2022 15:29:18 -0800 Subject: [PATCH 1/2] use a default dict in case if a template contains an empty components property in the Open Api definition body instead of failing, as Components property is an optional property in the OpenApi definition. --- samtranslator/model/api/api_generator.py | 1 + .../input/api_with_none_components.yaml | 37 +++++ .../output/api_with_none_components.json | 123 ++++++++++++++++ .../aws-cn/api_with_none_components.json | 131 ++++++++++++++++++ .../aws-us-gov/api_with_none_components.json | 131 ++++++++++++++++++ tests/translator/test_translator.py | 1 + 6 files changed, 424 insertions(+) create mode 100644 tests/translator/input/api_with_none_components.yaml create mode 100644 tests/translator/output/api_with_none_components.json create mode 100644 tests/translator/output/aws-cn/api_with_none_components.json create mode 100644 tests/translator/output/aws-us-gov/api_with_none_components.json diff --git a/samtranslator/model/api/api_generator.py b/samtranslator/model/api/api_generator.py index c1a07fcdf..e73aa987f 100644 --- a/samtranslator/model/api/api_generator.py +++ b/samtranslator/model/api/api_generator.py @@ -999,6 +999,7 @@ def _openapi_postprocess(self, definition_body): ): if definition_body.get("securityDefinitions"): components = definition_body.get("components", Py27Dict()) + components = components if components else Py27Dict() components["securitySchemes"] = definition_body["securityDefinitions"] definition_body["components"] = components del definition_body["securityDefinitions"] diff --git a/tests/translator/input/api_with_none_components.yaml b/tests/translator/input/api_with_none_components.yaml new file mode 100644 index 000000000..7cad904f7 --- /dev/null +++ b/tests/translator/input/api_with_none_components.yaml @@ -0,0 +1,37 @@ +Resources: + GetHtmlFunction: + Type: AWS::Serverless::Function + Properties: + CodeUri: s3://sam-demo-bucket/member_portal.zip + Handler: index.handler + Runtime: nodejs12.x + ExplicitApi: + Type: AWS::Serverless::Api + Properties: + StageName: Prod + DefinitionBody: + info: + version: '1.0' + title: + Ref: AWS::StackName + securityDefinitions: # 1 Add security definition + CognitoAuthorizer: + type: "apiKey" + name: "Authorization" + in: "header" + x-amazon-apigateway-authtype: "cognito_user_pools" + x-amazon-apigateway-authorizer: + providerARNs: + - # userPool ARN + type: "cognito_user_pools" + paths: + "/{proxy+}": + x-amazon-apigateway-any-method: + x-amazon-apigateway-integration: + httpMethod: POST + type: aws_proxy + uri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations + responses: { } + components: + openapi: '3.0.0' diff --git a/tests/translator/output/api_with_none_components.json b/tests/translator/output/api_with_none_components.json new file mode 100644 index 000000000..236ec8c47 --- /dev/null +++ b/tests/translator/output/api_with_none_components.json @@ -0,0 +1,123 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "Arn", + "GetHtmlFunctionRole" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment61b3921bb7" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment61b3921bb7": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 61b3921bb7522c20a8e0de1d24c974267f3ec17b", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-cn/api_with_none_components.json b/tests/translator/output/aws-cn/api_with_none_components.json new file mode 100644 index 000000000..5f7d1aa07 --- /dev/null +++ b/tests/translator/output/aws-cn/api_with_none_components.json @@ -0,0 +1,131 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "Arn", + "GetHtmlFunctionRole" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment61b3921bb7" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment61b3921bb7": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 61b3921bb7522c20a8e0de1d24c974267f3ec17b", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-us-gov/api_with_none_components.json b/tests/translator/output/aws-us-gov/api_with_none_components.json new file mode 100644 index 000000000..83fb7900c --- /dev/null +++ b/tests/translator/output/aws-us-gov/api_with_none_components.json @@ -0,0 +1,131 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "Arn", + "GetHtmlFunctionRole" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment61b3921bb7" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment61b3921bb7": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 61b3921bb7522c20a8e0de1d24c974267f3ec17b", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/test_translator.py b/tests/translator/test_translator.py index 577ad266e..165b7b1a4 100644 --- a/tests/translator/test_translator.py +++ b/tests/translator/test_translator.py @@ -457,6 +457,7 @@ class TestTranslatorEndToEnd(AbstractTestTranslator): "function_with_auth_mechanism_for_self_managed_kafka", "function_with_vpc_permission_for_self_managed_kafka", "function_with_event_filtering", + "api_with_none_components", ], [ ("aws", "ap-southeast-1"), From ed5adfdd0b74ba2c01da7e6234ac53a2496f1a77 Mon Sep 17 00:00:00 2001 From: Mohamed Elasmar <71043312+moelasmar@users.noreply.github.com> Date: Mon, 17 Jan 2022 18:02:51 -0800 Subject: [PATCH 2/2] add some comments to the code, and more test cases --- samtranslator/model/api/api_generator.py | 3 + ...th_security_definition_and_components.yaml | 43 ++++++ ...security_definition_and_no_components.yaml | 36 +++++ ...urity_definition_and_none_components.yaml} | 0 ...th_security_definition_and_components.json | 133 +++++++++++++++++ ...security_definition_and_no_components.json | 123 +++++++++++++++ ...urity_definition_and_none_components.json} | 0 ...th_security_definition_and_components.json | 141 ++++++++++++++++++ ...security_definition_and_no_components.json | 131 ++++++++++++++++ ...urity_definition_and_none_components.json} | 0 ...th_security_definition_and_components.json | 141 ++++++++++++++++++ ...security_definition_and_no_components.json | 131 ++++++++++++++++ ...urity_definition_and_none_components.json} | 0 tests/translator/test_translator.py | 4 +- 14 files changed, 885 insertions(+), 1 deletion(-) create mode 100644 tests/translator/input/api_with_security_definition_and_components.yaml create mode 100644 tests/translator/input/api_with_security_definition_and_no_components.yaml rename tests/translator/input/{api_with_none_components.yaml => api_with_security_definition_and_none_components.yaml} (100%) create mode 100644 tests/translator/output/api_with_security_definition_and_components.json create mode 100644 tests/translator/output/api_with_security_definition_and_no_components.json rename tests/translator/output/{api_with_none_components.json => api_with_security_definition_and_none_components.json} (100%) create mode 100644 tests/translator/output/aws-cn/api_with_security_definition_and_components.json create mode 100644 tests/translator/output/aws-cn/api_with_security_definition_and_no_components.json rename tests/translator/output/aws-cn/{api_with_none_components.json => api_with_security_definition_and_none_components.json} (100%) create mode 100644 tests/translator/output/aws-us-gov/api_with_security_definition_and_components.json create mode 100644 tests/translator/output/aws-us-gov/api_with_security_definition_and_no_components.json rename tests/translator/output/aws-us-gov/{api_with_none_components.json => api_with_security_definition_and_none_components.json} (100%) diff --git a/samtranslator/model/api/api_generator.py b/samtranslator/model/api/api_generator.py index e73aa987f..47089a102 100644 --- a/samtranslator/model/api/api_generator.py +++ b/samtranslator/model/api/api_generator.py @@ -999,6 +999,9 @@ def _openapi_postprocess(self, definition_body): ): if definition_body.get("securityDefinitions"): components = definition_body.get("components", Py27Dict()) + # In the previous line, the default value `Py27Dict()` will be only returned only if `components` + # property is not in definition_body dict, but if it exist, and its value is None, so None will be + # returned and not the default value. That is why the below line is required. components = components if components else Py27Dict() components["securitySchemes"] = definition_body["securityDefinitions"] definition_body["components"] = components diff --git a/tests/translator/input/api_with_security_definition_and_components.yaml b/tests/translator/input/api_with_security_definition_and_components.yaml new file mode 100644 index 000000000..143b2bf0c --- /dev/null +++ b/tests/translator/input/api_with_security_definition_and_components.yaml @@ -0,0 +1,43 @@ +Resources: + GetHtmlFunction: + Type: AWS::Serverless::Function + Properties: + CodeUri: s3://sam-demo-bucket/member_portal.zip + Handler: index.handler + Runtime: nodejs12.x + ExplicitApi: + Type: AWS::Serverless::Api + Properties: + StageName: Prod + DefinitionBody: + info: + version: '1.0' + title: + Ref: AWS::StackName + securityDefinitions: # 1 Add security definition + CognitoAuthorizer: + type: "apiKey" + name: "Authorization" + in: "header" + x-amazon-apigateway-authtype: "cognito_user_pools" + x-amazon-apigateway-authorizer: + providerARNs: + - # userPool ARN + type: "cognito_user_pools" + paths: + "/{proxy+}": + x-amazon-apigateway-any-method: + x-amazon-apigateway-integration: + httpMethod: POST + type: aws_proxy + uri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations + responses: { } + components: + schemas: + Error: + type: Object + properties: + message: + type: string + openapi: '3.0.0' diff --git a/tests/translator/input/api_with_security_definition_and_no_components.yaml b/tests/translator/input/api_with_security_definition_and_no_components.yaml new file mode 100644 index 000000000..4f3920614 --- /dev/null +++ b/tests/translator/input/api_with_security_definition_and_no_components.yaml @@ -0,0 +1,36 @@ +Resources: + GetHtmlFunction: + Type: AWS::Serverless::Function + Properties: + CodeUri: s3://sam-demo-bucket/member_portal.zip + Handler: index.handler + Runtime: nodejs12.x + ExplicitApi: + Type: AWS::Serverless::Api + Properties: + StageName: Prod + DefinitionBody: + info: + version: '1.0' + title: + Ref: AWS::StackName + securityDefinitions: # 1 Add security definition + CognitoAuthorizer: + type: "apiKey" + name: "Authorization" + in: "header" + x-amazon-apigateway-authtype: "cognito_user_pools" + x-amazon-apigateway-authorizer: + providerARNs: + - # userPool ARN + type: "cognito_user_pools" + paths: + "/{proxy+}": + x-amazon-apigateway-any-method: + x-amazon-apigateway-integration: + httpMethod: POST + type: aws_proxy + uri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations + responses: { } + openapi: '3.0.0' diff --git a/tests/translator/input/api_with_none_components.yaml b/tests/translator/input/api_with_security_definition_and_none_components.yaml similarity index 100% rename from tests/translator/input/api_with_none_components.yaml rename to tests/translator/input/api_with_security_definition_and_none_components.yaml diff --git a/tests/translator/output/api_with_security_definition_and_components.json b/tests/translator/output/api_with_security_definition_and_components.json new file mode 100644 index 000000000..d6cf67085 --- /dev/null +++ b/tests/translator/output/api_with_security_definition_and_components.json @@ -0,0 +1,133 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiDeployment195f5bf5d0": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 195f5bf5d07bf7af9c64f0649d2724425b106350", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment195f5bf5d0" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + }, + "schemas": { + "Error": { + "type": "Object", + "properties": { + "message": { + "type": "string" + } + } + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/api_with_security_definition_and_no_components.json b/tests/translator/output/api_with_security_definition_and_no_components.json new file mode 100644 index 000000000..69c13968b --- /dev/null +++ b/tests/translator/output/api_with_security_definition_and_no_components.json @@ -0,0 +1,123 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment407993a935" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment407993a935": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 407993a9358b76c8e74599b2c0b914409ee0da64", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/api_with_none_components.json b/tests/translator/output/api_with_security_definition_and_none_components.json similarity index 100% rename from tests/translator/output/api_with_none_components.json rename to tests/translator/output/api_with_security_definition_and_none_components.json diff --git a/tests/translator/output/aws-cn/api_with_security_definition_and_components.json b/tests/translator/output/aws-cn/api_with_security_definition_and_components.json new file mode 100644 index 000000000..b1f5e6e92 --- /dev/null +++ b/tests/translator/output/aws-cn/api_with_security_definition_and_components.json @@ -0,0 +1,141 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiDeployment195f5bf5d0": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 195f5bf5d07bf7af9c64f0649d2724425b106350", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment195f5bf5d0" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + }, + "schemas": { + "Error": { + "type": "Object", + "properties": { + "message": { + "type": "string" + } + } + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-cn/api_with_security_definition_and_no_components.json b/tests/translator/output/aws-cn/api_with_security_definition_and_no_components.json new file mode 100644 index 000000000..27bd3ad28 --- /dev/null +++ b/tests/translator/output/aws-cn/api_with_security_definition_and_no_components.json @@ -0,0 +1,131 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment407993a935" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment407993a935": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 407993a9358b76c8e74599b2c0b914409ee0da64", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-cn/api_with_none_components.json b/tests/translator/output/aws-cn/api_with_security_definition_and_none_components.json similarity index 100% rename from tests/translator/output/aws-cn/api_with_none_components.json rename to tests/translator/output/aws-cn/api_with_security_definition_and_none_components.json diff --git a/tests/translator/output/aws-us-gov/api_with_security_definition_and_components.json b/tests/translator/output/aws-us-gov/api_with_security_definition_and_components.json new file mode 100644 index 000000000..665cedf94 --- /dev/null +++ b/tests/translator/output/aws-us-gov/api_with_security_definition_and_components.json @@ -0,0 +1,141 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiDeployment195f5bf5d0": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 195f5bf5d07bf7af9c64f0649d2724425b106350", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment195f5bf5d0" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + }, + "schemas": { + "Error": { + "type": "Object", + "properties": { + "message": { + "type": "string" + } + } + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-us-gov/api_with_security_definition_and_no_components.json b/tests/translator/output/aws-us-gov/api_with_security_definition_and_no_components.json new file mode 100644 index 000000000..fd188a2b3 --- /dev/null +++ b/tests/translator/output/aws-us-gov/api_with_security_definition_and_no_components.json @@ -0,0 +1,131 @@ +{ + "Resources": { + "GetHtmlFunction": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": "sam-demo-bucket", + "S3Key": "member_portal.zip" + }, + "Handler": "index.handler", + "Role": { + "Fn::GetAtt": [ + "GetHtmlFunctionRole", + "Arn" + ] + }, + "Runtime": "nodejs12.x", + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "GetHtmlFunctionRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "sts:AssumeRole" + ], + "Effect": "Allow", + "Principal": { + "Service": [ + "lambda.amazonaws.com" + ] + } + } + ] + }, + "ManagedPolicyArns": [ + "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] + } + }, + "ExplicitApiProdStage": { + "Type": "AWS::ApiGateway::Stage", + "Properties": { + "DeploymentId": { + "Ref": "ExplicitApiDeployment407993a935" + }, + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Prod" + } + }, + "ExplicitApiDeployment407993a935": { + "Type": "AWS::ApiGateway::Deployment", + "Properties": { + "Description": "RestApi deployment id: 407993a9358b76c8e74599b2c0b914409ee0da64", + "RestApiId": { + "Ref": "ExplicitApi" + }, + "StageName": "Stage" + } + }, + "ExplicitApi": { + "Type": "AWS::ApiGateway::RestApi", + "Properties": { + "Body": { + "info": { + "version": "1.0", + "title": { + "Ref": "AWS::StackName" + } + }, + "paths": { + "/{proxy+}": { + "x-amazon-apigateway-any-method": { + "x-amazon-apigateway-integration": { + "httpMethod": "POST", + "type": "aws_proxy", + "uri": { + "Fn::Sub": "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GetHtmlFunction.Arn}/invocations" + } + }, + "responses": {} + } + } + }, + "openapi": "3.0.0", + "components": { + "securitySchemes": { + "CognitoAuthorizer": { + "x-amazon-apigateway-authtype": "cognito_user_pools", + "type": "apiKey", + "name": "Authorization", + "x-amazon-apigateway-authorizer": { + "providerARNs": [ + null + ], + "type": "cognito_user_pools" + }, + "in": "header" + } + } + } + }, + "Parameters": { + "endpointConfigurationTypes": "REGIONAL" + }, + "EndpointConfiguration": { + "Types": [ + "REGIONAL" + ] + } + } + } + } +} \ No newline at end of file diff --git a/tests/translator/output/aws-us-gov/api_with_none_components.json b/tests/translator/output/aws-us-gov/api_with_security_definition_and_none_components.json similarity index 100% rename from tests/translator/output/aws-us-gov/api_with_none_components.json rename to tests/translator/output/aws-us-gov/api_with_security_definition_and_none_components.json diff --git a/tests/translator/test_translator.py b/tests/translator/test_translator.py index 165b7b1a4..278c5793c 100644 --- a/tests/translator/test_translator.py +++ b/tests/translator/test_translator.py @@ -457,7 +457,9 @@ class TestTranslatorEndToEnd(AbstractTestTranslator): "function_with_auth_mechanism_for_self_managed_kafka", "function_with_vpc_permission_for_self_managed_kafka", "function_with_event_filtering", - "api_with_none_components", + "api_with_security_definition_and_components", + "api_with_security_definition_and_none_components", + "api_with_security_definition_and_no_components", ], [ ("aws", "ap-southeast-1"),