From fc1bc5b244b6ad0f710071b899e3140b6aa2ea92 Mon Sep 17 00:00:00 2001
From: Kit Ewbank <Kit_Ewbank@hotmail.com>
Date: Tue, 22 Sep 2020 16:07:03 -0400
Subject: [PATCH] r/aws_apigatewayv2_authorizer: Distinguish between missing
 and zero values for cache TTL.

Acceptance test output:

$ make testacc TEST=./aws/ TESTARGS='-run=TestAccAWSAPIGatewayV2Authorizer_' ACCTEST_PARALLELISM=2
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 2 -run=TestAccAWSAPIGatewayV2Authorizer_ -timeout 120m
=== RUN   TestAccAWSAPIGatewayV2Authorizer_basic
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_basic
=== RUN   TestAccAWSAPIGatewayV2Authorizer_disappears
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_disappears
=== RUN   TestAccAWSAPIGatewayV2Authorizer_Credentials
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_Credentials
=== RUN   TestAccAWSAPIGatewayV2Authorizer_JWT
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_JWT
=== RUN   TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialMissingCacheTTL
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialMissingCacheTTL
=== RUN   TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialZeroCacheTTL
=== PAUSE TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialZeroCacheTTL
=== CONT  TestAccAWSAPIGatewayV2Authorizer_basic
=== CONT  TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialMissingCacheTTL
--- PASS: TestAccAWSAPIGatewayV2Authorizer_basic (39.77s)
=== CONT  TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialZeroCacheTTL
--- PASS: TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialMissingCacheTTL (88.17s)
=== CONT  TestAccAWSAPIGatewayV2Authorizer_Credentials
--- PASS: TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialZeroCacheTTL (73.00s)
=== CONT  TestAccAWSAPIGatewayV2Authorizer_JWT
--- PASS: TestAccAWSAPIGatewayV2Authorizer_Credentials (86.61s)
=== CONT  TestAccAWSAPIGatewayV2Authorizer_disappears
--- PASS: TestAccAWSAPIGatewayV2Authorizer_JWT (90.80s)
=== CONT  TestAccAWSAPIGatewayV2Authorizer_disappears
    resource_aws_apigatewayv2_authorizer_test.go:58: [INFO] Got non-empty plan, as expected
--- PASS: TestAccAWSAPIGatewayV2Authorizer_disappears (37.71s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	212.532s
---
 aws/resource_aws_apigatewayv2_authorizer.go   |  2 +-
 ...source_aws_apigatewayv2_authorizer_test.go | 58 ++++++++++++++++++-
 2 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/aws/resource_aws_apigatewayv2_authorizer.go b/aws/resource_aws_apigatewayv2_authorizer.go
index cc258fb97571..8fa64f8e410b 100644
--- a/aws/resource_aws_apigatewayv2_authorizer.go
+++ b/aws/resource_aws_apigatewayv2_authorizer.go
@@ -117,7 +117,7 @@ func resourceAwsApiGatewayV2AuthorizerCreate(d *schema.ResourceData, meta interf
 	if v, ok := d.GetOk("authorizer_payload_format_version"); ok {
 		req.AuthorizerPayloadFormatVersion = aws.String(v.(string))
 	}
-	if v, ok := d.GetOk("authorizer_result_ttl_in_seconds"); ok {
+	if v, ok := d.GetOkExists("authorizer_result_ttl_in_seconds"); ok {
 		req.AuthorizerResultTtlInSeconds = aws.Int64(int64(v.(int)))
 	} else if protocolType == apigatewayv2.ProtocolTypeHttp && authorizerType == apigatewayv2.AuthorizerTypeRequest {
 		// Default in the AWS Console is 300 seconds.
diff --git a/aws/resource_aws_apigatewayv2_authorizer_test.go b/aws/resource_aws_apigatewayv2_authorizer_test.go
index cd56daa2d7ca..b934a72c2da2 100644
--- a/aws/resource_aws_apigatewayv2_authorizer_test.go
+++ b/aws/resource_aws_apigatewayv2_authorizer_test.go
@@ -201,7 +201,7 @@ func TestAccAWSAPIGatewayV2Authorizer_JWT(t *testing.T) {
 	})
 }
 
-func TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer(t *testing.T) {
+func TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialMissingCacheTTL(t *testing.T) {
 	var apiId string
 	var v apigatewayv2.GetAuthorizerOutput
 	resourceName := "aws_apigatewayv2_authorizer.test"
@@ -273,6 +273,62 @@ func TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer(t *testing.
 	})
 }
 
+func TestAccAWSAPIGatewayV2Authorizer_HttpApiLambdaRequestAuthorizer_InitialZeroCacheTTL(t *testing.T) {
+	var apiId string
+	var v apigatewayv2.GetAuthorizerOutput
+	resourceName := "aws_apigatewayv2_authorizer.test"
+	lambdaResourceName := "aws_lambda_function.test"
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSAPIGatewayV2AuthorizerDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSAPIGatewayV2AuthorizerConfig_httpApiLambdaRequestAuthorizerUpdated(rName, 0),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAPIGatewayV2AuthorizerExists(resourceName, &apiId, &v),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_credentials_arn", ""),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_payload_format_version", "1.0"),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "0"),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_type", "REQUEST"),
+					resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"),
+					resource.TestCheckResourceAttr(resourceName, "enable_simple_responses", "false"),
+					resource.TestCheckResourceAttr(resourceName, "identity_sources.#", "2"),
+					tfawsresource.TestCheckTypeSetElemAttr(resourceName, "identity_sources.*", "$request.querystring.User"),
+					tfawsresource.TestCheckTypeSetElemAttr(resourceName, "identity_sources.*", "$context.routeKey"),
+					resource.TestCheckResourceAttr(resourceName, "jwt_configuration.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "name", rName),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportStateIdFunc: testAccAWSAPIGatewayV2AuthorizerImportStateIdFunc(resourceName),
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+			{
+				Config: testAccAWSAPIGatewayV2AuthorizerConfig_httpApiLambdaRequestAuthorizerUpdated(rName, 600),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAPIGatewayV2AuthorizerExists(resourceName, &apiId, &v),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_credentials_arn", ""),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_payload_format_version", "1.0"),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_result_ttl_in_seconds", "600"),
+					resource.TestCheckResourceAttr(resourceName, "authorizer_type", "REQUEST"),
+					resource.TestCheckResourceAttrPair(resourceName, "authorizer_uri", lambdaResourceName, "invoke_arn"),
+					resource.TestCheckResourceAttr(resourceName, "enable_simple_responses", "false"),
+					resource.TestCheckResourceAttr(resourceName, "identity_sources.#", "2"),
+					tfawsresource.TestCheckTypeSetElemAttr(resourceName, "identity_sources.*", "$request.querystring.User"),
+					tfawsresource.TestCheckTypeSetElemAttr(resourceName, "identity_sources.*", "$context.routeKey"),
+					resource.TestCheckResourceAttr(resourceName, "jwt_configuration.#", "0"),
+					resource.TestCheckResourceAttr(resourceName, "name", rName),
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckAWSAPIGatewayV2AuthorizerDestroy(s *terraform.State) error {
 	conn := testAccProvider.Meta().(*AWSClient).apigatewayv2conn