def test_can_auto_resource_policy_with_cfn(sample_app):
swagger_gen = CFNSwaggerGenerator()
rest_api = RestAPI(
resource_name='dev',
swagger_doc={},
lambda_function=None,
minimum_compression="",
api_gateway_stage="xyz",
endpoint_type="PRIVATE",
policy=IAMPolicy({
'Statement': [{
"Effect": "Allow",
"Principal": "*",
"Action": "execute-api:Invoke",
"Resource": "arn:aws:execute-api:*:*:*/*",
"Condition": {
"StringEquals": {
"aws:SourceVpce": "vpce-abc123"
}
}
}]
})
)
doc = swagger_gen.generate_swagger(sample_app, rest_api)
assert doc['x-amazon-apigateway-policy'] == {
'Statement': [{
'Action': 'execute-api:Invoke',
'Condition': {'StringEquals': {
'aws:SourceVpce': 'vpce-abc123'}},
'Effect': 'Allow',
'Principal': '*',
'Resource': 'arn:aws:execute-api:*:*:*/*',
}]
}
def test_can_vpce(sample_app, swagger_gen):
rest_api = RestAPI(
resource_name='dev',
swagger_doc={},
lambda_function=None,
minimum_compression="",
api_gateway_stage="xyz",
endpoint_type="PRIVATE",
vpce_ids=["vpce-12346", "vpce-abc123"],
)
doc = swagger_gen.generate_swagger(sample_app, rest_api)
assert doc['x-amazon-apigateway-endpoint-configuration'] == {
"vpcEndpointIds": ["vpce-12346", "vpce-abc123"]
}