diff --git a/resources/environments/data_source_aws_credential_prerequisites.go b/resources/environments/data_source_aws_credential_prerequisites.go
index 41b83939..cfd03766 100644
--- a/resources/environments/data_source_aws_credential_prerequisites.go
+++ b/resources/environments/data_source_aws_credential_prerequisites.go
@@ -14,14 +14,14 @@ import (
 "context"
 "fmt"
 
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/types"
+ "github.com/hashicorp/terraform-plugin-log/tflog"
+
 "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/cdp"
 "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/gen/environments/client/operations"
 environmentsmodels "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/gen/environments/models"
 "github.com/cloudera/terraform-provider-cdp/utils"
- "github.com/hashicorp/terraform-plugin-framework/datasource"
- "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
- "github.com/hashicorp/terraform-plugin-framework/types"
- "github.com/hashicorp/terraform-plugin-log/tflog"
 )
 
 // Ensure the implementation satisfies the expected interfaces.
@@ -37,13 +37,6 @@ type awsCredentialPrerequisitesDataSource struct {
 client *cdp.Client
 }
 
-// awsCredentialPrerequisitesDataSourceModel maps the data source schema data.
-type awsCredentialPrerequisitesDataSourceModel struct {
- ID types.String `tfsdk:"id"`
- AccountID types.String `tfsdk:"account_id"`
- ExternalID types.String `tfsdk:"external_id"`
-}
-
 // Configure adds the provider configured client to the data source.
 func (d *awsCredentialPrerequisitesDataSource) Configure(_ context.Context, req datasource.ConfigureRequest, resp *datasource.ConfigureResponse) {
 d.client = utils.GetCdpClientForDataSource(req, resp)
@@ -53,25 +46,6 @@ func (d *awsCredentialPrerequisitesDataSource) Metadata(_ context.Context, req d
 resp.TypeName = req.ProviderTypeName + "_environments_aws_credential_prerequisites"
 }
 
-func (d *awsCredentialPrerequisitesDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
- resp.Schema = schema.Schema{
- MarkdownDescription: "This data source is used to get information required to set up a delegated access role in AWS that can be used to create a CDP credential.",
- Attributes: map[string]schema.Attribute{
- "id": schema.StringAttribute{
- Computed: true,
- },
- "account_id": schema.StringAttribute{
- MarkdownDescription: "The AWS account ID of the identity used by CDP when assuming a delegated access role associated with a CDP credential.",
- Computed: true,
- },
- "external_id": schema.StringAttribute{
- MarkdownDescription: "The external ID that will be used when assuming a delegated access role associated with a CDP credential.",
- Computed: true,
- },
- },
- }
-}
-
 // Read refreshes the Terraform state with the latest data.
 func (d *awsCredentialPrerequisitesDataSource) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
 var data awsCredentialPrerequisitesDataSourceModel
@@ -111,6 +85,14 @@ func (d *awsCredentialPrerequisitesDataSource) Read(ctx context.Context, req dat
 data.AccountID = types.StringValue(prerequisites.AccountID)
 data.ExternalID = types.StringValue(*prerequisites.Aws.ExternalID)
 data.ID = types.StringValue(prerequisites.AccountID + ":" + *prerequisites.Aws.ExternalID)
+ data.Policy = types.StringPointerValue(prerequisites.Aws.PolicyJSON)
+ data.Policies = make([]*credentialGranularPolicyDataSourceModel, len(prerequisites.Aws.Policies))
+ for i, policy := range prerequisites.Aws.Policies {
+ data.Policies[i] = &credentialGranularPolicyDataSourceModel{
+ Service: types.StringPointerValue(policy.Service),
+ PolicyJson: types.StringPointerValue(policy.PolicyJSON),
+ }
+ }
 
 // Save data into Terraform state
 resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
diff --git a/resources/environments/model_aws_credential_prerequisites.go b/resources/environments/model_aws_credential_prerequisites.go
new file mode 100644
index 00000000..d83cf734
--- /dev/null
+++ b/resources/environments/model_aws_credential_prerequisites.go
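Review bot: The new loop reads `policy.Service` and `policy.PolicyJSON` with no nil check, so if `prerequisites.Aws.Policies` is a slice of pointers (the element type is not visible here, though the fields are passed to `StringPointerValue`, which suggests a generated model), one nil entry in the API response would panic the provider during Read. Guarding with `if policy == nil { continue }` and filling the slice with `append` onto `make([]*credentialGranularPolicyDataSourceModel, 0, len(prerequisites.Aws.Policies))` avoids the panic without leaving nil holes in `data.Policies`. The added `prerequisites.Aws.PolicyJSON` line also dereferences `prerequisites.Aws`, as the unchanged lines above it already do. Read starts and ends outside this hunk, so an earlier guard on `Aws` may exist but is not visible.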
@@ -0,0 +1,26 @@
+// Copyright 2024 Cloudera. All Rights Reserved.
+//
+// This file is licensed under the Apache License Version 2.0 (the "License").
+// You may not use this file except in compliance with the License.
+// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+//
+// This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+// OF ANY KIND, either express or implied. Refer to the License for the specific
+// permissions and limitations governing your use of the file.
+
+package environments
+
+import "github.com/hashicorp/terraform-plugin-framework/types"
+
+type awsCredentialPrerequisitesDataSourceModel struct {
+ ID types.String `tfsdk:"id"`
+ AccountID types.String `tfsdk:"account_id"`
+ ExternalID types.String `tfsdk:"external_id"`
+ Policy types.String `tfsdk:"policy"`
+ Policies []*credentialGranularPolicyDataSourceModel `tfsdk:"policies"`
+}
+
+type credentialGranularPolicyDataSourceModel struct {
+ Service types.String `tfsdk:"service"`
+ PolicyJson types.String `tfsdk:"policy_json"`
+}
diff --git a/resources/environments/schema_aws_credential_prerequisites.go b/resources/environments/schema_aws_credential_prerequisites.go
new file mode 100644
index 00000000..3fc48bf7
--- /dev/null
+++ b/resources/environments/schema_aws_credential_prerequisites.go
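Review bot: Both structs land in the new file without doc comments; the move dropped the one the old file carried, `// awsCredentialPrerequisitesDataSourceModel maps the data source schema data.`, and `credentialGranularPolicyDataSourceModel` has none either. Restoring it, and adding a short comment on `Policy` and `PolicyJson` that the values are base64-encoded JSON (as the schema descriptions in this commit state), would tell a reader that they must be decoded before use. As a style point, `PolicyJson` would read better as `PolicyJSON`, following Go initialism casing and the SDK field it is filled from; that rename also touches the assignment in Read.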
@@ -0,0 +1,56 @@
+// Copyright 2024 Cloudera. All Rights Reserved.
+//
+// This file is licensed under the Apache License Version 2.0 (the "License").
+// You may not use this file except in compliance with the License.
+// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+//
+// This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+// OF ANY KIND, either express or implied. Refer to the License for the specific
+// permissions and limitations governing your use of the file.
+
+package environments
+
+import (
+ "context"
+ "github.com/hashicorp/terraform-plugin-framework/datasource"
+ "github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+)
+
+func (d *awsCredentialPrerequisitesDataSource) Schema(_ context.Context, _ datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+ resp.Schema = schema.Schema{
+ MarkdownDescription: "This data source is used to get information required to set up a delegated access role in AWS that can be used to create a CDP credential.",
+ Attributes: map[string]schema.Attribute{
+ "id": schema.StringAttribute{
+ Computed: true,
+ },
+ "account_id": schema.StringAttribute{
+ MarkdownDescription: "The AWS account ID of the identity used by CDP when assuming a delegated access role associated with a CDP credential.",
+ Computed: true,
+ },
+ "external_id": schema.StringAttribute{
+ MarkdownDescription: "The external ID that will be used when assuming a delegated access role associated with a CDP credential.",
+ Computed: true,
+ },
+ "policy": schema.StringAttribute{
+ MarkdownDescription: "The related policy json encoded in base64",
+ Computed: true,
+ },
+ "policies": schema.SetNestedAttribute{
+ Computed: true,
+ MarkdownDescription: "The fine-grained policies related to each service.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "service": schema.StringAttribute{
+ Computed: true,
+ MarkdownDescription: "The name of the service that requires the given policy for resource management.",
+ },
+ "policy_json": schema.StringAttribute{
+ Computed: true,
+ MarkdownDescription: "The policy JSON encoded in base64.",
+ },
+ },
+ },
+ },
+ },
+ }
+}
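Review bot: The `policy` description, `"The related policy json encoded in base64"`, does not say which policy this is or what to do with it, and `id` has no description at all. A user will presumably turn this value into the IAM policy on the delegated access role, so the text should say that and that it needs decoding first, for example `MarkdownDescription: "The policy JSON for the delegated access role, base64-encoded; decode it (e.g. with base64decode) and review the granted actions before attaching it."`. That wording assumes the API field holds the role policy, which this diff does not show. Separately, the import block keeps `"context"` in the same group as the third-party packages, while the first file in this commit separates them; a blank line after `"context"` would keep the two consistent.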