resource/aws_cloudwatch_event_permission: Support DescribeEventBridge…

… API returning account ID or root account ARN (#16319) Reference: #16318 Changes: ``` * resource/aws_cloudwatch_event_permission: Prevent `arn: invalid prefix` error during read due to API changes ``` Output from acceptance testing in AWS Commercial: ``` --- PASS: TestAccAWSCloudWatchEventPermission_Action (13.37s) --- PASS: TestAccAWSCloudWatchEventPermission_EventBusName (14.15s) --- PASS: TestAccAWSCloudWatchEventPermission_Multiple (19.11s) --- PASS: TestAccAWSCloudWatchEventPermission_Condition (20.19s) --- PASS: TestAccAWSCloudWatchEventPermission_basic (27.21s) --- PASS: TestAccAWSCloudWatchEventPermission_Disappears (128.53s) ``` Output from acceptance testing in AWS GovCloud (US): ``` --- PASS: TestAccAWSCloudWatchEventPermission_EventBusName (18.98s) --- PASS: TestAccAWSCloudWatchEventPermission_Action (19.05s) --- PASS: TestAccAWSCloudWatchEventPermission_Multiple (26.89s) --- PASS: TestAccAWSCloudWatchEventPermission_Condition (27.32s) --- PASS: TestAccAWSCloudWatchEventPermission_basic (37.01s) --- PASS: TestAccAWSCloudWatchEventPermission_Disappears (131.57s) ```
hashicorp · Nov 24, 2020 · 1ade3b4 · 1ade3b4
1 parent 2975c11
commit 1ade3b4
Showing 1 changed file with 17 additions and 9 deletions.
diff --git a/aws/resource_aws_cloudwatch_event_permission.go b/aws/resource_aws_cloudwatch_event_permission.go
@@ -162,17 +162,25 @@ func resourceAwsCloudWatchEventPermissionRead(d *schema.ResourceData, meta inter
 		return fmt.Errorf("error setting condition: %w", err)
 	}
 
-	principalString, ok := policyStatement.Principal.(string)
-	if ok && (principalString == "*") {
-		d.Set("principal", "*")
-	} else {
-		principalMap := policyStatement.Principal.(map[string]interface{})
-		policyARN, err := arn.Parse(principalMap["AWS"].(string))
-		if err != nil {
-			return fmt.Errorf("error reading CloudWatch Events permission (%s): %w", d.Id(), err)
+	switch principal := policyStatement.Principal.(type) {
+	case string:
+		d.Set("principal", principal)
+	case map[string]interface{}:
+		if v, ok := principal["AWS"].(string); ok {
+			if arn.IsARN(v) {
+				principalARN, err := arn.Parse(v)
+
+				if err != nil {
+					return fmt.Errorf("error parsing CloudWatch Events Permission (%s) principal as ARN (%s): %w", d.Id(), v, err)
+				}
+
+				d.Set("principal", principalARN.AccountID)
+			} else {
+				d.Set("principal", v)
+			}
 		}
-		d.Set("principal", policyARN.AccountID)
 	}
+
 	d.Set("statement_id", policyStatement.Sid)
 
 	return nil