Skip to content

Commit

Permalink
Merge pull request #36771 from jtyrus/f-aws_cloudfront_origin_access_…
Browse files Browse the repository at this point in the history 
…control-origin-type-validation

Added lambda and mediapackagev2 options to aws_cloudfront_origin_access_control
  • Loading branch information
@ewbankkit
ewbankkit authored Apr 12, 2024
2 parents 52309b1 + 2ca32c2 commit 3e97c86
Show file tree
Hide file tree
Showing 3 changed files with 111 additions and 1 deletion.
3 changes: 3 additions & 0 deletions .changelog/34362.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_cloudfront_origin_access_control: Add `lambda` and `mediapackagev2` as valid values for `origin_access_control_origin_type`
```
107 changes: 107 additions & 0 deletions internal/service/cloudfront/origin_access_control_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -271,6 +271,102 @@ func testAccCheckOriginAccessControlExists(ctx context.Context, name string, ori
}
}

func TestAccCloudFrontOriginAccessControl_lambdaOriginType(t *testing.T) {
ctx := acctest.Context(t)
var originaccesscontrol cloudfront.OriginAccessControl
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cloudfront_origin_access_control.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(ctx, t)
acctest.PreCheckPartitionHasService(t, cloudfront.EndpointsID)
testAccPreCheck(ctx, t)
},
ErrorCheck: acctest.ErrorCheck(t, names.CloudFrontServiceID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckOriginAccessControlDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccOriginAccessControlConfig_originType(rName, "lambda"),
Check: resource.ComposeTestCheckFunc(
testAccCheckOriginAccessControlExists(ctx, resourceName, &originaccesscontrol),
resource.TestCheckResourceAttr(resourceName, "description", "Managed by Terraform"),
resource.TestCheckResourceAttrSet(resourceName, "etag"),
resource.TestCheckResourceAttrWith(resourceName, "id", func(value string) error {
if value == "" {
return fmt.Errorf("expected attribute to be set")
}

if id := aws.StringValue(originaccesscontrol.Id); value != id {
return fmt.Errorf("expected attribute to be equal to %s", id)
}

return nil
}),
resource.TestCheckResourceAttr(resourceName, "name", rName),
resource.TestCheckResourceAttr(resourceName, "origin_access_control_origin_type", "lambda"),
resource.TestCheckResourceAttr(resourceName, "signing_behavior", "always"),
resource.TestCheckResourceAttr(resourceName, "signing_protocol", "sigv4"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

func TestAccCloudFrontOriginAccessControl_mediaPackageV2Type(t *testing.T) {
ctx := acctest.Context(t)
var originaccesscontrol cloudfront.OriginAccessControl
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_cloudfront_origin_access_control.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(ctx, t)
acctest.PreCheckPartitionHasService(t, cloudfront.EndpointsID)
testAccPreCheck(ctx, t)
},
ErrorCheck: acctest.ErrorCheck(t, names.CloudFrontServiceID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckOriginAccessControlDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccOriginAccessControlConfig_originType(rName, "mediapackagev2"),
Check: resource.ComposeTestCheckFunc(
testAccCheckOriginAccessControlExists(ctx, resourceName, &originaccesscontrol),
resource.TestCheckResourceAttr(resourceName, "description", "Managed by Terraform"),
resource.TestCheckResourceAttrSet(resourceName, "etag"),
resource.TestCheckResourceAttrWith(resourceName, "id", func(value string) error {
if value == "" {
return fmt.Errorf("expected attribute to be set")
}

if id := aws.StringValue(originaccesscontrol.Id); value != id {
return fmt.Errorf("expected attribute to be equal to %s", id)
}

return nil
}),
resource.TestCheckResourceAttr(resourceName, "name", rName),
resource.TestCheckResourceAttr(resourceName, "origin_access_control_origin_type", "mediapackagev2"),
resource.TestCheckResourceAttr(resourceName, "signing_behavior", "always"),
resource.TestCheckResourceAttr(resourceName, "signing_protocol", "sigv4"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

func testAccPreCheck(ctx context.Context, t *testing.T) {
conn := acctest.Provider.Meta().(*conns.AWSClient).CloudFrontConn(ctx)

Expand Down Expand Up @@ -330,3 +426,14 @@ resource "aws_cloudfront_origin_access_control" "test" {
}
`, rName, signingBehavior)
}

func testAccOriginAccessControlConfig_originType(rName, originType string) string {
return fmt.Sprintf(`
resource "aws_cloudfront_origin_access_control" "test" {
name = %[1]q
origin_access_control_origin_type = %[2]q
signing_behavior = "always"
signing_protocol = "sigv4"
}
`, rName, originType)
}
2 changes: 1 addition & 1 deletion website/docs/r/cloudfront_origin_access_control.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ The following arguments are required:

* `name` - (Required) A name that identifies the Origin Access Control.
* `description` - (Optional) The description of the Origin Access Control. Defaults to "Managed by Terraform" if omitted.
* `origin_access_control_origin_type` - (Required) The type of origin that this Origin Access Control is for. Valid values are `s3`, and `mediastore`.
* `origin_access_control_origin_type` - (Required) The type of origin that this Origin Access Control is for. Valid values are `lambda`, `mediapackagev2`, `mediastore`, and `s3`.
* `signing_behavior` - (Required) Specifies which requests CloudFront signs. Specify `always` for the most common use case. Allowed values: `always`, `never`, and `no-override`.
* `signing_protocol` - (Required) Determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4`.

Expand Down

0 comments on commit 3e97c86

Please sign in to comment.