Merge pull request #34046 from danquack/34024

data source `cognito_user_group` + `cognito_user_groups`

.changelog/34046.txt

@@ -0,0 +1,6 @@
+```release-note:new-data-source
+cognito_user_group
+```
+```release-note:new-data-source
+cognito_user_groups
+```

internal/service/cognitoidp/user_group_data_source.go

@@ -0,0 +1,116 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package cognitoidp
+
+import (
+	"context"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	intflex "github.com/hashicorp/terraform-provider-aws/internal/flex"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework/flex"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @FrameworkDataSource(name="User Group")
+func newDataSourceDataSourceUserGroup(context.Context) (datasource.DataSourceWithConfigure, error) {
+	return &dataSourceDataSourceUserGroup{}, nil
+}
+
+const (
+	DSNameUserGroup = "User Group Data Source"
+)
+
+type dataSourceDataSourceUserGroup struct {
+	framework.DataSourceWithConfigure
+}
+
+func (d *dataSourceDataSourceUserGroup) Metadata(_ context.Context, request datasource.MetadataRequest, response *datasource.MetadataResponse) {
+	response.TypeName = "aws_cognito_user_group"
+}
+
+func (d *dataSourceDataSourceUserGroup) Schema(ctx context.Context, request datasource.SchemaRequest, response *datasource.SchemaResponse) {
+	response.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"description": schema.StringAttribute{
+				Computed: true,
+			},
+			"id": framework.IDAttribute(),
+			"name": schema.StringAttribute{
+				Required: true,
+			},
+			"precedence": schema.Int64Attribute{
+				Computed: true,
+			},
+			"role_arn": schema.StringAttribute{
+				Computed: true,
+			},
+			"user_pool_id": schema.StringAttribute{
+				Required: true,
+			},
+		},
+	}
+}
+
+func (d *dataSourceDataSourceUserGroup) Read(ctx context.Context, request datasource.ReadRequest, response *datasource.ReadResponse) {
+	var data dataSourceDataSourceUserGroupData
+
+	response.Diagnostics.Append(request.Config.Get(ctx, &data)...)
+	if response.Diagnostics.HasError() {
+		return
+	}
+
+	parts := []string{
+		data.Name.ValueString(),
+		data.UserPoolID.ValueString(),
+	}
+	partCount := 2
+	id, err := intflex.FlattenResourceId(parts, partCount, false)
+	if err != nil {
+		response.Diagnostics.AddError(
+			create.ProblemStandardMessage(names.CognitoIDP, create.ErrActionFlatteningResourceId, DSNameUserGroup, data.Name.String(), err),
+			err.Error(),
+		)
+		return
+	}
+	data.ID = types.StringValue(id)
+
+	params := &cognitoidentityprovider.GetGroupInput{
+		GroupName:  data.Name.ValueStringPointer(),
+		UserPoolId: data.UserPoolID.ValueStringPointer(),
+	}
+	// 🌱 For the person who migrates to sdkv2:
+	// this should work by just updating the client, and removing the WithContext method.
+	conn := d.Meta().CognitoIDPConn(ctx)
+	resp, err := conn.GetGroupWithContext(ctx, params)
+	if err != nil {
+		response.Diagnostics.AddError(
+			create.ProblemStandardMessage(names.CognitoIDP, create.ErrActionReading, DSNameUserGroup, data.ID.String(), err),
+			err.Error(),
+		)
+		return
+	}
+
+	response.Diagnostics.Append(flex.Flatten(ctx, resp.Group, &data)...)
+	if response.Diagnostics.HasError() {
+		return
+	}
+	data.Name = types.StringValue(aws.StringValue(resp.Group.GroupName))
+
+	response.Diagnostics.Append(response.State.Set(ctx, &data)...)
+}
+
+type dataSourceDataSourceUserGroupData struct {
+	Description types.String `tfsdk:"description"`
+	ID          types.String `tfsdk:"id"`
+	Name        types.String `tfsdk:"name"`
+	Precedence  types.Int64  `tfsdk:"precedence"`
+	RoleARN     types.String `tfsdk:"role_arn"`
+	UserPoolID  types.String `tfsdk:"user_pool_id"`
+}

internal/service/cognitoidp/user_group_data_source_test.go

@@ -0,0 +1,57 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package cognitoidp_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func TestAccCognitoIDPUserGroupDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	dataSourceName := "data.aws_cognito_user_group.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acctest.PreCheck(ctx, t)
+			testAccPreCheckIdentityProvider(ctx, t)
+		},
+		ErrorCheck:               acctest.ErrorCheck(t, cognitoidentityprovider.ServiceID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckUserGroupDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccUserGroupDataSourceConfig_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(dataSourceName, "description", "test"),
+				),
+			},
+		},
+	})
+}
+
+func testAccUserGroupDataSourceConfig_basic(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "test" {
+  name = %[1]q
+}
+
+resource "aws_cognito_user_group" "test" {
+  name         = %[1]q
+  user_pool_id = aws_cognito_user_pool.test.id
+  description  = "test"
+}
+
+data "aws_cognito_user_group" "test" {
+  name         = aws_cognito_user_group.test.name
+  user_pool_id = aws_cognito_user_group.test.user_pool_id
+}
+`, rName)
+}

internal/service/cognitoidp/user_groups_data_source.go

@@ -0,0 +1,112 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package cognitoidp
+
+import (
+	"context"
+
+	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework/flex"
+	fwtypes "github.com/hashicorp/terraform-provider-aws/internal/framework/types"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @FrameworkDataSource(name="User Groups")
+func newDataSourceDataSourceUserGroups(context.Context) (datasource.DataSourceWithConfigure, error) {
+	return &dataSourceDataSourceUserGroups{}, nil
+}
+
+const (
+	DSNameUserGroups = "User Groups Data Source"
+)
+
+type dataSourceDataSourceUserGroups struct {
+	framework.DataSourceWithConfigure
+}
+
+func (d *dataSourceDataSourceUserGroups) Metadata(_ context.Context, request datasource.MetadataRequest, response *datasource.MetadataResponse) {
+	response.TypeName = "aws_cognito_user_groups"
+}
+
+// Schema returns the schema for this data source.
+func (d *dataSourceDataSourceUserGroups) Schema(ctx context.Context, request datasource.SchemaRequest, response *datasource.SchemaResponse) {
+	response.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"id": framework.IDAttribute(),
+			"user_pool_id": schema.StringAttribute{
+				Required: true,
+			},
+		},
+		Blocks: map[string]schema.Block{
+			"groups": schema.ListNestedBlock{
+				CustomType: fwtypes.NewListNestedObjectTypeOf[dataSourceDataSourceUserGroupsGroups](ctx),
+				NestedObject: schema.NestedBlockObject{
+					Attributes: map[string]schema.Attribute{
+						"description": schema.StringAttribute{
+							Computed: true,
+						},
+						"group_name": schema.StringAttribute{
+							Computed: true,
+						},
+						"precedence": schema.Int64Attribute{
+							Computed: true,
+						},
+						"role_arn": schema.StringAttribute{
+							Computed: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func (d *dataSourceDataSourceUserGroups) Read(ctx context.Context, request datasource.ReadRequest, response *datasource.ReadResponse) {
+	// 🌱 For the person who migrates to sdkv2:
+	// this should work by just updating the client, and removing the WithContext method.
+	conn := d.Meta().CognitoIDPConn(ctx)
+
+	var data dataSourceDataSourceUserGroupsData
+	response.Diagnostics.Append(request.Config.Get(ctx, &data)...)
+	if response.Diagnostics.HasError() {
+		return
+	}
+	data.ID = types.StringValue(data.UserPoolID.ValueString())
+
+	resp, err := conn.ListGroupsWithContext(ctx, &cognitoidentityprovider.ListGroupsInput{
+		UserPoolId: data.UserPoolID.ValueStringPointer(),
+	})
+	if err != nil {
+		response.Diagnostics.AddError(
+			create.ProblemStandardMessage(names.CognitoIDP, create.ErrActionReading, DSNameUserGroups, data.ID.String(), err),
+			err.Error(),
+		)
+		return
+	}
+
+	response.Diagnostics.Append(flex.Flatten(ctx, resp.Groups, &data.Groups)...)
+	if response.Diagnostics.HasError() {
+		return
+	}
+
+	response.Diagnostics.Append(response.State.Set(ctx, &data)...)
+}
+
+type dataSourceDataSourceUserGroupsData struct {
+	Groups     fwtypes.ListNestedObjectValueOf[dataSourceDataSourceUserGroupsGroups] `tfsdk:"groups"`
+	ID         types.String                                                          `tfsdk:"id"`
+	UserPoolID types.String                                                          `tfsdk:"user_pool_id"`
+}
+
+type dataSourceDataSourceUserGroupsGroups struct {
+	Description types.String `tfsdk:"description"`
+	GroupName   types.String `tfsdk:"group_name"`
+	Precedence  types.Int64  `tfsdk:"precedence"`
+	RoleArn     types.String `tfsdk:"role_arn"`
+}

internal/service/cognitoidp/user_groups_data_source_test.go

@@ -0,0 +1,61 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package cognitoidp_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
+	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func TestAccCognitoIDPUserGroupsDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	dataSourceName := "data.aws_cognito_user_groups.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acctest.PreCheck(ctx, t)
+			testAccPreCheckIdentityProvider(ctx, t)
+		},
+		ErrorCheck:               acctest.ErrorCheck(t, cognitoidentityprovider.ServiceID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckUserGroupDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccUserGroupsDataSourceConfig_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(dataSourceName, "groups.#", "2"),
+				),
+			},
+		},
+	})
+}
+
+func testAccUserGroupsDataSourceConfig_basic(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "test" {
+  name = %q
+}
+
+resource "aws_cognito_user_group" "test_1" {
+  name         = "%s-1"
+  user_pool_id = aws_cognito_user_pool.test.id
+  description  = "test 1"
+}
+resource "aws_cognito_user_group" "test_2" {
+  name         = "%s-2"
+  user_pool_id = aws_cognito_user_pool.test.id
+  description  = "test 2"
+}
+
+data "aws_cognito_user_groups" "test" {
+  user_pool_id = aws_cognito_user_group.test_1.user_pool_id
+}
+`, rName, rName, rName)
+}