Skip to content

Commit f2964e3

Browse files
authored
fix: add AWS_IAM as a valid authorizer type for gateway commands (aws#820)
1 parent e64e8e2 commit f2964e3

4 files changed

Lines changed: 15 additions & 4 deletions

File tree

docs/commands.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -276,7 +276,7 @@ agentcore add gateway \
276276
| `--name <name>` | Gateway name |
277277
| `--description <desc>` | Gateway description |
278278
| `--runtimes <names>` | Comma-separated runtime names to expose through this gateway |
279-
| `--authorizer-type <type>` | `NONE` (default) or `CUSTOM_JWT` |
279+
| `--authorizer-type <type>` | `NONE` (default), `AWS_IAM`, or `CUSTOM_JWT` |
280280
| `--discovery-url <url>` | OIDC discovery URL (required for CUSTOM_JWT) |
281281
| `--allowed-audience <values>` | Comma-separated allowed audiences (required for CUSTOM_JWT) |
282282
| `--allowed-clients <values>` | Comma-separated allowed client IDs (required for CUSTOM_JWT) |

src/cli/commands/add/__tests__/validate.test.ts

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,11 @@ const validGatewayOptionsNone: AddGatewayOptions = {
5555
authorizerType: 'NONE',
5656
};
5757

58+
const validGatewayOptionsIam: AddGatewayOptions = {
59+
name: 'test-gateway',
60+
authorizerType: 'AWS_IAM',
61+
};
62+
5863
const validGatewayOptionsJwt: AddGatewayOptions = {
5964
name: 'test-gateway',
6065
authorizerType: 'CUSTOM_JWT',
@@ -343,6 +348,7 @@ describe('validate', () => {
343348
// AC14: Valid options pass
344349
it('passes for valid options', () => {
345350
expect(validateAddGatewayOptions(validGatewayOptionsNone)).toEqual({ valid: true });
351+
expect(validateAddGatewayOptions(validGatewayOptionsIam)).toEqual({ valid: true });
346352
expect(validateAddGatewayOptions(validGatewayOptionsJwt)).toEqual({ valid: true });
347353
});
348354

src/cli/commands/add/validate.ts

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ import { ConfigIO, findConfigRoot } from '../../../lib';
22
import {
33
AgentNameSchema,
44
BuildTypeSchema,
5+
GatewayAuthorizerTypeSchema,
56
GatewayExceptionLevelSchema,
67
GatewayNameSchema,
78
ModelProviderSchema,
@@ -305,8 +306,12 @@ export function validateAddGatewayOptions(options: AddGatewayOptions): Validatio
305306
return { valid: false, error: nameResult.error.issues[0]?.message ?? 'Invalid gateway name' };
306307
}
307308

308-
if (options.authorizerType && !['NONE', 'CUSTOM_JWT'].includes(options.authorizerType)) {
309-
return { valid: false, error: 'Invalid authorizer type. Use NONE or CUSTOM_JWT' };
309+
if (options.authorizerType) {
310+
const result = GatewayAuthorizerTypeSchema.safeParse(options.authorizerType);
311+
if (!result.success) {
312+
const valid = GatewayAuthorizerTypeSchema.options.join(', ');
313+
return { valid: false, error: `Invalid authorizer type. Use ${valid}` };
314+
}
310315
}
311316

312317
if (options.authorizerType === 'CUSTOM_JWT') {

src/cli/primitives/GatewayPrimitive.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -162,7 +162,7 @@ export class GatewayPrimitive extends BasePrimitive<AddGatewayOptions, Removable
162162
.option('--name <name>', 'Gateway name [non-interactive]')
163163
.option('--description <desc>', 'Gateway description [non-interactive]')
164164
.option('--runtimes <runtimes>', 'Comma-separated runtime names to expose through this gateway [non-interactive]')
165-
.option('--authorizer-type <type>', 'Authorizer type: NONE or CUSTOM_JWT [non-interactive]')
165+
.option('--authorizer-type <type>', 'Authorizer type: NONE, AWS_IAM, or CUSTOM_JWT [non-interactive]')
166166
.option('--discovery-url <url>', 'OIDC discovery URL (for CUSTOM_JWT) [non-interactive]')
167167
.option('--allowed-audience <audience>', 'Comma-separated allowed audiences (for CUSTOM_JWT) [non-interactive]')
168168
.option('--allowed-clients <clients>', 'Comma-separated allowed client IDs (for CUSTOM_JWT) [non-interactive]')

0 commit comments

Comments
 (0)