Skip to content

Commit

Permalink
Merge pull request #32454 from kband/b-mq-replication-user-fix
Browse files Browse the repository at this point in the history 
B MQ replication user fix
  • Loading branch information
@johnsonaj
johnsonaj authored Jul 11, 2023
2 parents 56593c8 + 7c107f3 commit a113ad2
Show file tree
Hide file tree
Showing 4 changed files with 73 additions and 46 deletions.
3 changes: 3 additions & 0 deletions .changelog/32454.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_mq_broker: default `replication_user` to `false`
```
38 changes: 26 additions & 12 deletions internal/service/mq/broker.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -329,6 +329,11 @@ func ResourceBroker() *schema.Resource {
Sensitive: true,
ValidateFunc: ValidBrokerPassword,
},
"replication_user": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"username": {
Type: schema.TypeString,
Required: true,
Expand Down Expand Up @@ -806,22 +811,24 @@ func DiffBrokerUsers(bId string, oldUsers, newUsers []interface{}) (

if !reflect.DeepEqual(existingUserMap, newUserMap) {
ur = append(ur, &mq.UpdateUserRequest{
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Groups: flex.ExpandStringList(ng),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Groups: flex.ExpandStringList(ng),
ReplicationUser: aws.Bool(newUserMap["replication_user"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
})
}

// Delete after processing, so we know what's left for deletion
delete(existingUsers, username)
} else {
cur := &mq.CreateUserRequest{
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
ReplicationUser: aws.Bool(newUserMap["replication_user"].(bool)),
Username: aws.String(username),
}
if len(ng) > 0 {
cur.Groups = flex.ExpandStringList(ng)
Expand Down Expand Up @@ -907,6 +914,9 @@ func expandUsers(cfg []interface{}) []*mq.User {
if v, ok := u["console_access"]; ok {
user.ConsoleAccess = aws.Bool(v.(bool))
}
if v, ok := u["replication_user"]; ok {
user.ReplicationUser = aws.Bool(v.(bool))
}
if v, ok := u["groups"]; ok {
user.Groups = flex.ExpandStringSet(v.(*schema.Set))
}
Expand All @@ -933,9 +943,10 @@ func expandUsersForBroker(ctx context.Context, conn *mq.MQ, brokerId string, inp
}

user := &mq.User{
ConsoleAccess: uOut.ConsoleAccess,
Groups: uOut.Groups,
Username: uOut.Username,
ConsoleAccess: uOut.ConsoleAccess,
Groups: uOut.Groups,
ReplicationUser: uOut.ReplicationUser,
Username: uOut.Username,
}

rawUsers = append(rawUsers, user)
Expand Down Expand Up @@ -968,6 +979,9 @@ func flattenUsers(users []*mq.User, cfgUsers []interface{}) *schema.Set {
if u.ConsoleAccess != nil {
m["console_access"] = aws.BoolValue(u.ConsoleAccess)
}
if u.ReplicationUser != nil {
m["replication_user"] = aws.BoolValue(u.ReplicationUser)
}
if len(u.Groups) > 0 {
m["groups"] = flex.FlattenStringSet(u.Groups)
}
Expand Down
77 changes: 43 additions & 34 deletions internal/service/mq/broker_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,19 +120,21 @@ func TestDiffUsers(t *testing.T) {
OldUsers: []interface{}{},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
ReplicationUser: aws.Bool(false),
},
},
Deletions: []*mq.DeleteUserInput{},
Expand All @@ -141,24 +143,27 @@ func TestDiffUsers(t *testing.T) {
{
OldUsers: []interface{}{
map[string]interface{}{
"console_access": true,
"username": "first",
"password": "TestTest1111",
"console_access": true,
"username": "first",
"password": "TestTest1111",
"replication_user": false,
},
},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"console_access": false,
"username": "second",
"password": "TestTest2222",
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
ReplicationUser: aws.Bool(false),
},
},
Deletions: []*mq.DeleteUserInput{
Expand All @@ -169,22 +174,25 @@ func TestDiffUsers(t *testing.T) {
{
OldUsers: []interface{}{
map[string]interface{}{
"console_access": true,
"username": "first",
"password": "TestTest1111updated",
"console_access": true,
"username": "first",
"password": "TestTest1111updated",
"replication_user": false,
},
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"console_access": false,
"username": "second",
"password": "TestTest2222",
"replication_user": false,
},
},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{},
Expand All @@ -193,11 +201,12 @@ func TestDiffUsers(t *testing.T) {
},
Updates: []*mq.UpdateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
ReplicationUser: aws.Bool(false),
},
},
},
Expand Down
1 change: 1 addition & 0 deletions website/docs/r/mq_broker.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@ The following arguments are required:
* `console_access` - (Optional) Whether to enable access to the [ActiveMQ Web Console](http://activemq.apache.org/web-console.html) for the user. Applies to `engine_type` of `ActiveMQ` only.
* `groups` - (Optional) List of groups (20 maximum) to which the ActiveMQ user belongs. Applies to `engine_type` of `ActiveMQ` only.
* `password` - (Required) Password of the user. It must be 12 to 250 characters long, at least 4 unique characters, and must not contain commas.
* `replication_user` - (Optional) Whether to set set replication user. Defaults to `false`.
* `username` - (Required) Username of the user.

~> **NOTE:** AWS currently does not support updating RabbitMQ users. Updates to users can only be in the RabbitMQ UI.
Expand Down

0 comments on commit a113ad2

Please sign in to comment.