From 710bd2cf434db0f6f4b836610d87c2c3afb64837 Mon Sep 17 00:00:00 2001
From: FloRul
Date: Tue, 20 Feb 2024 11:49:30 -0500
Subject: [PATCH] Add API Gateway authorizer and Cognito user pool ARN
---
 terraform/api_gateway.tf | 11 +++++++++++
 terraform/variables.tf | 6 ++++++
 2 files changed, 17 insertions(+)
diff --git a/terraform/api_gateway.tf b/terraform/api_gateway.tf
index 40e609f..d0a557f 100644
--- a/terraform/api_gateway.tf
+++ b/terraform/api_gateway.tf
@@ -51,6 +51,17 @@ resource "aws_api_gateway_usage_plan_key" "this" {
 usage_plan_id = aws_api_gateway_usage_plan.this.id
 }
 
+## Auth and Authorizer
+resource "aws_api_gateway_authorizer" "this" {
+ name = "${var.api_name}-authorizer"
+ rest_api_id = aws_api_gateway_rest_api.this.id
+ type = "COGNITO_USER_POOLS"
+ provider_arns = [var.cognito_user_pool_arn]
+}
+
+
+## Logging
+
 resource "aws_api_gateway_account" "this" {
 cloudwatch_role_arn = aws_iam_role.this.arn
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 525d83c..a0968d7 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -46,3 +46,9 @@ variable "api_gateway_stage_name" {
 nullable = false
 type = string
 }
+
+variable "cognito_user_pool_arn" {
+ nullable = false
+ type = string
+ default = "arn:aws:cognito-idp:us-east-1:446872271111:userpool/us-east-1_N0uQPJkjd"
+}
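Review bot: Nothing in this commit attaches the new `aws_api_gateway_authorizer.this` to a method, so on its own the resource does not make any route require a Cognito token. The diffstat shows these eleven added lines as the only change to api_gateway.tf, so the `aws_api_gateway_method` resources (outside this hunk) presumably keep whatever `authorization` value they already had. Each method that should be protected needs `authorization = "COGNITO_USER_POOLS"` and `authorizer_id = aws_api_gateway_authorizer.this.id`. A short comment above the resource stating that the token is read from the `Authorization` header (the provider default for `identity_source`) would also help the next reader.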
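Review bot: The `default` on `cognito_user_pool_arn` pins the authorizer to one specific user pool, account and region, so a deployment that forgets to set the variable will silently trust tokens from that pool instead of failing at plan time. Since `nullable = false` is already set, dropping the `default` line makes the pool an explicit per-environment input and keeps the account and pool identifiers out of the module source. The variable also has no documentation; add `description = "ARN of the Cognito user pool whose tokens the API Gateway authorizer accepts"`.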