From 01a782b73eb4b2179f120b60f61b9c9ddb4929a4 Mon Sep 17 00:00:00 2001
From: Michael Brewer <michael.brewer@gyft.com>
Date: Thu, 20 Jan 2022 14:21:47 -0800
Subject: [PATCH] fix(data-classes): All for underscore in resource name

When building a authorizer response we should allow for underscores in the resource
---
 .../api_gateway_authorizer_event.py           |  2 +-
 .../test_api_gateway_authorizer.py            | 21 +++++++++++++++++--
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py b/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py
index 327d37238aa..64d051e6234 100644
--- a/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py
+++ b/aws_lambda_powertools/utilities/data_classes/api_gateway_authorizer_event.py
@@ -356,7 +356,7 @@ class APIGatewayAuthorizerResponse:
     - https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-lambda-authorizer-output.html
     """
 
-    path_regex = r"^[/.a-zA-Z0-9-\*]+$"
+    path_regex = r"^[/.a-zA-Z0-9-_\*]+$"
     """The regular expression used to validate resource paths for the policy"""
 
     def __init__(
diff --git a/tests/functional/data_classes/test_api_gateway_authorizer.py b/tests/functional/data_classes/test_api_gateway_authorizer.py
index b7584ccc4a8..137efaaa419 100644
--- a/tests/functional/data_classes/test_api_gateway_authorizer.py
+++ b/tests/functional/data_classes/test_api_gateway_authorizer.py
@@ -24,14 +24,14 @@ def test_authorizer_response_no_statement(builder: APIGatewayAuthorizerResponse)
 
 def test_authorizer_response_invalid_verb(builder: APIGatewayAuthorizerResponse):
     with pytest.raises(ValueError, match="Invalid HTTP verb: 'INVALID'"):
-        # GIVEN a invalid http_method
+        # GIVEN an invalid http_method
         # WHEN calling deny_method
         builder.deny_route(http_method="INVALID", resource="foo")
 
 
 def test_authorizer_response_invalid_resource(builder: APIGatewayAuthorizerResponse):
     with pytest.raises(ValueError, match="Invalid resource path: \$."):  # noqa: W605
-        # GIVEN a invalid resource path "$"
+        # GIVEN an invalid resource path "$"
         # WHEN calling deny_method
         builder.deny_route(http_method=HttpVerb.GET.value, resource="$")
 
@@ -178,3 +178,20 @@ def test_deny_all():
         "Effect": "Deny",
         "Resource": ["*"],
     }
+
+
+def test_authorizer_response_allow_route_with_underscore(builder: APIGatewayAuthorizerResponse):
+    builder.allow_route(http_method="GET", resource="/has_underscore")
+    assert builder.asdict() == {
+        "principalId": "foo",
+        "policyDocument": {
+            "Version": "2012-10-17",
+            "Statement": [
+                {
+                    "Action": "execute-api:Invoke",
+                    "Effect": "Allow",
+                    "Resource": ["arn:aws:execute-api:us-west-1:123456789:fantom/dev/GET/has_underscore"],
+                }
+            ],
+        },
+    }