From 3848777314d895c76ecaa2636e681f61632d7179 Mon Sep 17 00:00:00 2001
From: Joshua Luo
Date: Thu, 29 Jun 2023 19:51:14 -0500
Subject: [PATCH 1/3] Add aws_opensearchserverless_security_config data source
---
.changelog/32321.txt | 3 +
.../security_config_data_source.go | 121 ++++++++++++++++++
.../security_config_data_source_test.go | 65 ++++++++++
.../service_package_gen.go | 4 +
...chserverless_security_config.html.markdown | 47 +++++++
5 files changed, 240 insertions(+)
create mode 100644 .changelog/32321.txt
create mode 100644 internal/service/opensearchserverless/security_config_data_source.go
create mode 100644 internal/service/opensearchserverless/security_config_data_source_test.go
create mode 100644 website/docs/d/opensearchserverless_security_config.html.markdown
diff --git a/.changelog/32321.txt b/.changelog/32321.txt
new file mode 100644
index 000000000000..e0c671137998
--- /dev/null
+++ b/.changelog/32321.txt
@@ -0,0 +1,3 @@
+```release-note:new-data-source
+aws_opensearchserverless_security_config
+```
\ No newline at end of file
diff --git a/internal/service/opensearchserverless/security_config_data_source.go b/internal/service/opensearchserverless/security_config_data_source.go
new file mode 100644
index 000000000000..559b5643c1c1
--- /dev/null
+++ b/internal/service/opensearchserverless/security_config_data_source.go
@@ -0,0 +1,121 @@
+package opensearchserverless
+
+import (
+ "context"
+ "time"
+
+ "github.com/aws/aws-sdk-go-v2/aws"
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-provider-aws/internal/create"
+ "github.com/hashicorp/terraform-provider-aws/internal/framework"
+ "github.com/hashicorp/terraform-provider-aws/internal/framework/flex"
+ "github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @FrameworkDataSource(name="Security Config")
+func newDataSourceSecurityConfig(context.Context) (datasource.DataSourceWithConfigure, error) {
+ return &dataSourceSecurityConfig{}, nil
+}
+
+const (
+ DSNameSecurityConfig = "Security Config Data Source"
+)
+
+type dataSourceSecurityConfig struct {
+ framework.DataSourceWithConfigure
+}
+
+func (d *dataSourceSecurityConfig) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { // nosemgrep:ci.meta-in-func-name
+ resp.TypeName = "aws_opensearchserverless_security_config"
+}
+
+func (d *dataSourceSecurityConfig) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ Attributes: map[string]schema.Attribute{
+ "config_version": schema.StringAttribute{
+ Computed: true,
+ },
+ "created_date": schema.StringAttribute{
+ Computed: true,
+ },
+ "description": schema.StringAttribute{
+ Computed: true,
+ },
+ "id": schema.StringAttribute{
+ Required: true,
+ },
+ "last_modified_date": schema.StringAttribute{
+ Computed: true,
+ },
+ "type": schema.StringAttribute{
+ Computed: true,
+ },
+ },
+ Blocks: map[string]schema.Block{
+ "saml_options": schema.SingleNestedBlock{
+ Attributes: map[string]schema.Attribute{
+ "group_attribute": schema.StringAttribute{
+ Computed: true,
+ },
+ "metadata": schema.StringAttribute{
+ Computed: true,
+ },
+ "session_timeout": schema.Int64Attribute{
+ Computed: true,
+ },
+ "user_attribute": schema.StringAttribute{
+ Computed: true,
+ },
+ },
+ },
+ },
+ }
+}
+
+func (d *dataSourceSecurityConfig) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+ conn := d.Meta().OpenSearchServerlessClient(ctx)
+
+ var data dataSourceSecurityConfigData
+ resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
+ if resp.Diagnostics.HasError() {
+ return
+ }
+
+ out, err := FindSecurityConfigByID(ctx, conn, data.ID.ValueString())
+ if err != nil {
+ resp.Diagnostics.AddError(
+ create.ProblemStandardMessage(names.OpenSearchServerless, create.ErrActionReading, DSNameSecurityConfig, data.ID.String(), err),
+ err.Error(),
+ )
+ return
+ }
+
+ createdDate := time.UnixMilli(aws.ToInt64(out.CreatedDate))
+ data.CreatedDate = flex.StringValueToFramework(ctx, createdDate.Format(time.RFC3339))
+
+ data.ConfigVersion = flex.StringToFramework(ctx, out.ConfigVersion)
+ data.Description = flex.StringToFramework(ctx, out.Description)
+ data.ID = flex.StringToFramework(ctx, out.Id)
+
+ lastModifiedDate := time.UnixMilli(aws.ToInt64(out.LastModifiedDate))
+ data.LastModifiedDate = flex.StringValueToFramework(ctx, lastModifiedDate.Format(time.RFC3339))
+
+ data.Type = flex.StringValueToFramework(ctx, out.Type)
+
+ samlOptions := flattenSAMLOptions(ctx, out.SamlOptions)
+ data.SamlOptions = samlOptions
+
+ resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+type dataSourceSecurityConfigData struct {
+ ConfigVersion types.String `tfsdk:"config_version"`
+ CreatedDate types.String `tfsdk:"created_date"`
+ Description types.String `tfsdk:"description"`
+ ID types.String `tfsdk:"id"`
+ LastModifiedDate types.String `tfsdk:"last_modified_date"`
+ SamlOptions types.Object `tfsdk:"saml_options"`
+ Type types.String `tfsdk:"type"`
+}
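Review bot: In Read, `created_date` and `last_modified_date` are rendered with `time.UnixMilli(...).Format(time.RFC3339)`, and `time.UnixMilli` returns a time in the local zone, so the value written to state depends on the time zone of the machine running Terraform. Normalising to UTC keeps the attribute stable across runners and easier to line up with audit-log timestamps: `createdDate := time.UnixMilli(aws.ToInt64(out.CreatedDate)).UTC()`, and the same for `lastModifiedDate`. `aws.ToInt64` also maps a nil pointer to 0, so a response that omits a date would surface as the 1970 epoch instead of a null value; a nil check before formatting would avoid reporting a misleading timestamp. `flattenSAMLOptions` is defined outside this hunk, so whether it tolerates a nil `out.SamlOptions` cannot be confirmed from here.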
diff --git a/internal/service/opensearchserverless/security_config_data_source_test.go b/internal/service/opensearchserverless/security_config_data_source_test.go
new file mode 100644
index 000000000000..0d48c7cf9a95
--- /dev/null
+++ b/internal/service/opensearchserverless/security_config_data_source_test.go
@@ -0,0 +1,65 @@
+package opensearchserverless_test
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/aws/aws-sdk-go-v2/service/opensearchserverless/types"
+ sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+ "github.com/hashicorp/terraform-plugin-testing/helper/resource"
+ "github.com/hashicorp/terraform-provider-aws/internal/acctest"
+ "github.com/hashicorp/terraform-provider-aws/names"
+)
+
+func TestAccOpenSearchServerlessSecurityConfigDataSource_basic(t *testing.T) {
+ ctx := acctest.Context(t)
+
+ var securityconfig types.SecurityConfigDetail
+ rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+ resourceName := "aws_opensearchserverless_security_config.test"
+ dataSourceName := "data.aws_opensearchserverless_security_config.test"
+
+ resource.ParallelTest(t, resource.TestCase{
+ PreCheck: func() {
+ acctest.PreCheck(ctx, t)
+ acctest.PreCheckPartitionHasService(t, names.OpenSearchServerlessEndpointID)
+ testAccPreCheck(ctx, t)
+ },
+ ErrorCheck: acctest.ErrorCheck(t, names.OpenSearchServerlessEndpointID),
+ ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+ CheckDestroy: testAccCheckSecurityConfigDestroy(ctx),
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSecurityConfigDataSourceConfig_basic(rName, "description", "test-fixtures/idp-metadata.xml"),
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckSecurityConfigExists(ctx, dataSourceName, &securityconfig),
+ resource.TestCheckResourceAttrSet(dataSourceName, "created_date"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "config_version", resourceName, "config_version"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "description", resourceName, "description"),
+ resource.TestCheckResourceAttrSet(dataSourceName, "last_modified_date"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "type", resourceName, "type"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "saml_options.metadata", resourceName, "saml_options.metadata"),
+ resource.TestCheckResourceAttrPair(dataSourceName, "saml_options.session_timeout", resourceName, "saml_options.session_timeout"),
+ ),
+ },
+ },
+ })
+}
+
+func testAccSecurityConfigDataSourceConfig_basic(rName string, description string, samlOptions string) string {
+ return fmt.Sprintf(`
+resource "aws_opensearchserverless_security_config" "test" {
+ name = %[1]q
+ description = %[2]q
+ type = "saml"
+
+ saml_options {
+ metadata = file("%[2]s")
+ }
+}
+
+data "aws_opensearchserverless_security_config" "test" {
+ id = aws_opensearchserverless_security_config.test.id
+}
+`, rName, samlOptions)
+}
diff --git a/internal/service/opensearchserverless/service_package_gen.go b/internal/service/opensearchserverless/service_package_gen.go
index 70f13be6e45c..032ee90d030a 100644
--- a/internal/service/opensearchserverless/service_package_gen.go
+++ b/internal/service/opensearchserverless/service_package_gen.go
@@ -24,6 +24,10 @@ func (p *servicePackage) FrameworkDataSources(ctx context.Context) []*types.Serv Factory: newDataSourceCollection, Name: "Collection", }, + { + Factory: newDataSourceSecurityConfig, + Name: "Security Config", + }, } }
diff --git a/website/docs/d/opensearchserverless_security_config.html.markdown b/website/docs/d/opensearchserverless_security_config.html.markdown
new file mode 100644
index 000000000000..9d5fb1b5e897
--- /dev/null
+++ b/website/docs/d/opensearchserverless_security_config.html.markdown
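Review bot: The checks in TestAccOpenSearchServerlessSecurityConfigDataSource_basic pair `saml_options.metadata` and `saml_options.session_timeout` but never `saml_options.group_attribute`, `saml_options.user_attribute` or `id`, so a wrong mapping of the two SAML attribute names in the data source would pass this test. Going by the documentation added in this patch, those fields name the user and group attributes of the SAML integration, so they deserve the same pairing, e.g. `resource.TestCheckResourceAttrPair(dataSourceName, "saml_options.user_attribute", resourceName, "saml_options.user_attribute"),` and likewise for `group_attribute`. Setting both in the test configuration would make the comparison cover real values rather than two unset ones.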
@@ -0,0 +1,47 @@
+---
+subcategory: "OpenSearch Serverless"
+layout: "aws"
+page_title: "AWS: aws_opensearchserverless_security_config"
+description: |-
+ Terraform data source for managing an AWS OpenSearch Serverless Security Config.
+---
+
+# Data Source: aws_opensearchserverless_security_config
+
+Terraform data source for managing an AWS OpenSearch Serverless Security Config.
+
+## Example Usage
+
+### Basic Usage
+
+```terraform
+data "aws_opensearchserverless_security_config" "example" {
+ id = saml/12345678912/example
+}
+```
+
+## Argument Reference
+
+The following arguments are required:
+
+* `id` - (Required) The unique identifier of the security configuration.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `config_version` - The version of the security configuration.
+* `created_date` - The date the configuration was created.
+* `description` - The description of the security configuration.
+* `last_modified_date` - The date the configuration was last modified.
+* `saml_options` - SAML options for the security configuration.
+* `type` - The type of security configuration.
+
+### saml_options
+
+SAML options for the security configuration.
+
+* `group_attribute` - Group attribute for this SAML integration.
+* `metadata` - The XML IdP metadata file generated from your identity provider.
+* `session_timeout` - Session timeout, in minutes. Minimum is 5 minutes and maximum is 720 minutes (12 hours). Default is 60 minutes.
+* `user_attribute` - User attribute for this SAML integration.
From f04ee3c6367cc4bb14ab3dd59b07cf012c1de541 Mon Sep 17 00:00:00 2001
From: Adrian Johnson
Date: Fri, 30 Jun 2023 14:10:48 -0500
Subject: [PATCH 2/3] terrafmt docs
---
.../docs/d/opensearchserverless_security_config.html.markdown | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/docs/d/opensearchserverless_security_config.html.markdown b/website/docs/d/opensearchserverless_security_config.html.markdown index 9d5fb1b5e897..d078b3dc41ec 100644 --- a/website/docs/d/opensearchserverless_security_config.html.markdown +++ b/website/docs/d/opensearchserverless_security_config.html.markdown @@ -16,7 +16,7 @@ Terraform data source for managing an AWS OpenSearch Serverless Security Config. ```terraform data "aws_opensearchserverless_security_config" "example" { - id = saml/12345678912/example + id = "saml/12345678912/example" } ``` From 86984276334016bcfab07162bf14bae9c9d645ff Mon Sep 17 00:00:00 2001 From: Adrian Johnson Date: Fri, 30 Jun 2023 14:28:30 -0500 Subject: [PATCH 3/3] aws_opensearchserverless_security_policy: use description in test --- .../security_config_data_source_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/service/opensearchserverless/security_config_data_source_test.go b/internal/service/opensearchserverless/security_config_data_source_test.go index 0d48c7cf9a95..08cd93dcca17 100644 --- a/internal/service/opensearchserverless/security_config_data_source_test.go +++ b/internal/service/opensearchserverless/security_config_data_source_test.go @@ -46,7 +46,7 @@ func TestAccOpenSearchServerlessSecurityConfigDataSource_basic(t *testing.T) { }) } -func testAccSecurityConfigDataSourceConfig_basic(rName string, description string, samlOptions string) string { +func testAccSecurityConfigDataSourceConfig_basic(rName, description, samlOptions string) string { return fmt.Sprintf(` resource "aws_opensearchserverless_security_config" "test" { name = %[1]q 
@@ -54,12 +54,12 @@ resource "aws_opensearchserverless_security_config" "test" { type = "saml" saml_options { - metadata = file("%[2]s") + metadata = file("%[3]s") } } data "aws_opensearchserverless_security_config" "test" { id = aws_opensearchserverless_security_config.test.id } -`, rName, samlOptions) +`, rName, description, samlOptions) }