Add aws_api_gateway_api_key resource

builtin/providers/aws/provider.go

@@ -115,6 +115,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_ami_copy":                         resourceAwsAmiCopy(),
 			"aws_ami_from_instance":                resourceAwsAmiFromInstance(),
 			"aws_api_gateway_rest_api":             resourceAwsApiGatewayRestApi(),
+			"aws_api_gateway_api_key":              resourceAwsApiGatewayApiKey(),
 			"aws_api_gateway_model":                resourceAwsApiGatewayModel(),
 			"aws_api_gateway_resource":             resourceAwsApiGatewayResource(),
 			"aws_api_gateway_method":               resourceAwsApiGatewayMethod(),

builtin/providers/aws/resource_aws_api_gateway_api_key.go

@@ -0,0 +1,166 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/service/apigateway"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func resourceAwsApiGatewayApiKey() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsApiGatewayApiKeyCreate,
+		Read:   resourceAwsApiGatewayApiKeyRead,
+		Update: resourceAwsApiGatewayApiKeyUpdate,
+		Delete: resourceAwsApiGatewayApiKeyDelete,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"description": &schema.Schema{
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"enabled": &schema.Schema{
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
+
+			"stage_key": &schema.Schema{
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"rest_api_id": &schema.Schema{
+							Type:     schema.TypeString,
+							Required: true,
+						},
+
+						"stage_name": &schema.Schema{
+							Type:     schema.TypeString,
+							Required: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceAwsApiGatewayApiKeyCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).apigateway
+	log.Printf("[DEBUG] Creating API Gateway API Key")
+
+	apiKey, err := conn.CreateApiKey(&apigateway.CreateApiKeyInput{
+		Name:        aws.String(d.Get("name").(string)),
+		Description: aws.String(d.Get("description").(string)),
+		Enabled:     aws.Bool(d.Get("enabled").(bool)),
+		StageKeys:   expandApiGatewayStageKeys(d),
+	})
+	if err != nil {
+		return fmt.Errorf("Error creating API Gateway: %s", err)
+	}
+
+	d.SetId(*apiKey.Id)
+
+	return resourceAwsApiGatewayApiKeyRead(d, meta)
+}
+
+func resourceAwsApiGatewayApiKeyRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).apigateway
+	log.Printf("[DEBUG] Reading API Gateway API Key: %s", d.Id())
+
+	apiKey, err := conn.GetApiKey(&apigateway.GetApiKeyInput{
+		ApiKey: aws.String(d.Id()),
+	})
+	if err != nil {
+		if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NotFoundException" {
+			d.SetId("")
+			return nil
+		}
+
+		return err
+	}
+
+	d.Set("name", apiKey.Name)
+	d.Set("description", apiKey.Description)
+	d.Set("enabled", apiKey.Enabled)
+
+	return nil
+}
+
+func resourceAwsApiGatewayApiKeyUpdateOperations(d *schema.ResourceData) []*apigateway.PatchOperation {
+	operations := make([]*apigateway.PatchOperation, 0)
+	if d.HasChange("enabled") {
+		isEnabled := "false"
+		if d.Get("enabled").(bool) {
+			isEnabled = "true"
+		}
+		operations = append(operations, &apigateway.PatchOperation{
+			Op:    aws.String("replace"),
+			Path:  aws.String("/enabled"),
+			Value: aws.String(isEnabled),
+		})
+	}
+
+	if d.HasChange("description") {
+		operations = append(operations, &apigateway.PatchOperation{
+			Op:    aws.String("replace"),
+			Path:  aws.String("/description"),
+			Value: aws.String(d.Get("description").(string)),
+		})
+	}
+
+	if d.HasChange("stage_key") {
+		operations = append(operations, expandApiGatewayStageKeyOperations(d)...)
+	}
+	return operations
+}
+
+func resourceAwsApiGatewayApiKeyUpdate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).apigateway
+
+	log.Printf("[DEBUG] Updating API Gateway API Key: %s", d.Id())
+
+	_, err := conn.UpdateApiKey(&apigateway.UpdateApiKeyInput{
+		ApiKey:          aws.String(d.Id()),
+		PatchOperations: resourceAwsApiGatewayApiKeyUpdateOperations(d),
+	})
+	if err != nil {
+		return err
+	}
+
+	return resourceAwsApiGatewayApiKeyRead(d, meta)
+}
+
+func resourceAwsApiGatewayApiKeyDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).apigateway
+	log.Printf("[DEBUG] Deleting API Gateway API Key: %s", d.Id())
+
+	return resource.Retry(5*time.Minute, func() error {
+		_, err := conn.DeleteApiKey(&apigateway.DeleteApiKeyInput{
+			ApiKey: aws.String(d.Id()),
+		})
+
+		if err == nil {
+			return nil
+		}
+
+		if apigatewayErr, ok := err.(awserr.Error); ok && apigatewayErr.Code() == "NotFoundException" {
+			return nil
+		}
+
+		return resource.RetryError{Err: err}
+	})
+}

builtin/providers/aws/resource_aws_api_gateway_api_key_test.go

@@ -0,0 +1,176 @@
+package aws
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/aws/aws-sdk-go/service/apigateway"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSAPIGatewayApiKey_basic(t *testing.T) {
+	var conf apigateway.ApiKey
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSAPIGatewayApiKeyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSAPIGatewayApiKeyConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAPIGatewayApiKeyExists("aws_api_gateway_api_key.test", &conf),
+					testAccCheckAWSAPIGatewayApiKeyStageKeyAttribute(&conf),
+					resource.TestCheckResourceAttr(
+						"aws_api_gateway_api_key.test", "name", "foo"),
+					resource.TestCheckResourceAttr(
+						"aws_api_gateway_api_key.test", "description", "bar"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSAPIGatewayApiKeyStageKeyAttribute(conf *apigateway.ApiKey) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		if len(conf.StageKeys) != 1 {
+			return fmt.Errorf("Expected one apikey. Got %d", len(conf.StageKeys))
+		}
+		if !strings.Contains(*conf.StageKeys[0], "test") {
+			return fmt.Errorf("Expected apikey for test. Got %q", *conf.StageKeys[0])
+		}
+		return nil
+	}
+}
+
+func testAccCheckAWSAPIGatewayApiKeyExists(n string, res *apigateway.ApiKey) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No API Gateway ApiKey ID is set")
+		}
+
+		conn := testAccProvider.Meta().(*AWSClient).apigateway
+
+		req := &apigateway.GetApiKeyInput{
+			ApiKey: aws.String(rs.Primary.ID),
+		}
+		describe, err := conn.GetApiKey(req)
+		if err != nil {
+			return err
+		}
+
+		if *describe.Id != rs.Primary.ID {
+			return fmt.Errorf("APIGateway ApiKey not found")
+		}
+
+		*res = *describe
+
+		return nil
+	}
+}
+
+func testAccCheckAWSAPIGatewayApiKeyDestroy(s *terraform.State) error {
+	conn := testAccProvider.Meta().(*AWSClient).apigateway
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_api_gateway_api_key" {
+			continue
+		}
+
+		describe, err := conn.GetApiKeys(&apigateway.GetApiKeysInput{})
+
+		if err == nil {
+			if len(describe.Items) != 0 &&
+				*describe.Items[0].Id == rs.Primary.ID {
+				return fmt.Errorf("API Gateway ApiKey still exists")
+			}
+		}
+
+		aws2err, ok := err.(awserr.Error)
+		if !ok {
+			return err
+		}
+		if aws2err.Code() != "NotFoundException" {
+			return err
+		}
+
+		return nil
+	}
+
+	return nil
+}
+
+const testAccAWSAPIGatewayApiKeyConfig = `
+resource "aws_api_gateway_rest_api" "test" {
+  name = "test"
+}
+
+resource "aws_api_gateway_resource" "test" {
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  parent_id = "${aws_api_gateway_rest_api.test.root_resource_id}"
+  path_part = "test"
+}
+
+resource "aws_api_gateway_method" "test" {
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  resource_id = "${aws_api_gateway_resource.test.id}"
+  http_method = "GET"
+  authorization = "NONE"
+}
+
+resource "aws_api_gateway_method_response" "error" {
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  resource_id = "${aws_api_gateway_resource.test.id}"
+  http_method = "${aws_api_gateway_method.test.http_method}"
+  status_code = "400"
+}
+
+resource "aws_api_gateway_integration" "test" {
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  resource_id = "${aws_api_gateway_resource.test.id}"
+  http_method = "${aws_api_gateway_method.test.http_method}"
+
+  type = "HTTP"
+  uri = "https://www.google.de"
+  integration_http_method = "GET"
+}
+
+resource "aws_api_gateway_integration_response" "test" {
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  resource_id = "${aws_api_gateway_resource.test.id}"
+  http_method = "${aws_api_gateway_integration.test.http_method}"
+  status_code = "${aws_api_gateway_method_response.error.status_code}"
+}
+
+resource "aws_api_gateway_deployment" "test" {
+  depends_on = ["aws_api_gateway_integration.test"]
+
+  rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+  stage_name = "test"
+  description = "This is a test"
+
+  variables = {
+    "a" = "2"
+  }
+}
+
+resource "aws_api_gateway_api_key" "test" {
+  name = "foo"
+  description = "bar"
+  enabled = true
+
+  stage_key {
+    rest_api_id = "${aws_api_gateway_rest_api.test.id}"
+    stage_name = "${aws_api_gateway_deployment.test.stage_name}"
+  }
+}
+`

website/source/docs/providers/aws/r/api_gateway_api_key.html.markdown

@@ -0,0 +1,47 @@
+---
+layout: "aws"
+page_title: "AWS: aws_api_gateway_api_key"
+sidebar_current: "docs-aws-resource-api-gateway-api-key"
+description: |-
+  Provides an API Gateway API Key.
+---
+
+# aws\_api\_gateway\_api\_key
+
+Provides an API Gateway API Key.
+
+## Example Usage
+
+```
+resource "aws_api_gateway_rest_api" "MyDemoAPI" {
+  name = "MyDemoAPI"
+  description = "This is my API for demonstration purposes"
+}
+
+resource "aws_api_gateway_api_key" "MyDemoApiKey" {
+  name = "demo"
+
+  stage_key {
+    rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
+    stage_name = "${aws_api_gateway_deployment.MyDemoDeployment.stage_name}"
+  }
+}
+
+resource "aws_api_gateway_deployment" "MyDemoDeployment" {
+  rest_api_id = "${aws_api_gateway_rest_api.MyDemoAPI.id}"
+  stage_name = "test"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) Name of the API Gateway
+* `description` - (Optional) The API Gateway description
+* `stage_key` - (Optional) applicable API Gateway stages
+
+Stage keys support the following:
+
+* `rest_api_id` - (Required) The ID of the associated APIGateway Rest API.
+* `stage_name` - (Required) The name of the APIGateway stage.

website/source/layouts/aws.erb

@@ -16,6 +16,9 @@
                         <li<%= sidebar_current("docs-aws-resource-api-gateway-rest-api") %>>
                             <a href="/docs/providers/aws/r/api_gateway_rest_api.html">aws_api_gateway_rest_api</a>
                         </li>
+                        <li<%= sidebar_current("docs-aws-resource-api-gateway-api-key") %>>
+                            <a href="/docs/providers/aws/r/api_gateway_api_key.html">aws_api_gateway_api_key</a>
+                        </li>
                         <li<%= sidebar_current("docs-aws-resource-api-gateway-model") %>>
                             <a href="/docs/providers/aws/r/api_gateway_model.html">aws_api_gateway_model</a>
                         </li>