Skip to content

Commit

Permalink
Merge pull request #26755 from mtt88/event-connection-additional-vali…
Browse files Browse the repository at this point in the history
…dation

Additional validation for aws_cloudwatch_event_connection
  • Loading branch information
ewbankkit authored May 1, 2024
2 parents a44832e + 9aac9ef commit ac7dafd
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 63 deletions.
4 changes: 4 additions & 0 deletions .changelog/26755.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
```release-note:bug
resource/aws_cloudwatch_event_connection: Add plan-time validation preventing empty `auth_parameters.oauth.oauth_http_parameters` or `auth_parameters.invocation_http_parameters`
`body`, `header` and `query_string` configuration blocks
```
104 changes: 41 additions & 63 deletions internal/service/events/connection.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,74 +38,52 @@ func resourceConnection() *schema.Resource {
},

SchemaFunc: func() map[string]*schema.Schema {
connectionHttpParameters := func() *schema.Resource {
connectionHttpParameters := func(parent string) *schema.Resource {
element := func() *schema.Resource {
return &schema.Resource{
Schema: map[string]*schema.Schema{
"is_value_secret": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"key": {
Type: schema.TypeString,
Optional: true,
},
"value": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
},
}
}
atLeastOneOf := []string{
fmt.Sprintf("%s.0.body", parent),
fmt.Sprintf("%s.0.header", parent),
fmt.Sprintf("%s.0.query_string", parent),
}

return &schema.Resource{
Schema: map[string]*schema.Schema{
"body": {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"is_value_secret": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"key": {
Type: schema.TypeString,
Optional: true,
},
"value": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
},
},
Type: schema.TypeList,
Optional: true,
Elem: element(),
AtLeastOneOf: atLeastOneOf,
},
"header": {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"is_value_secret": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"key": {
Type: schema.TypeString,
Optional: true,
},
"value": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
},
},
Type: schema.TypeList,
Optional: true,
Elem: element(),
AtLeastOneOf: atLeastOneOf,
},
"query_string": {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"is_value_secret": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"key": {
Type: schema.TypeString,
Optional: true,
},
"value": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
},
},
},
Type: schema.TypeList,
Optional: true,
Elem: element(),
AtLeastOneOf: atLeastOneOf,
},
},
}
Expand Down Expand Up @@ -184,7 +162,7 @@ func resourceConnection() *schema.Resource {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: connectionHttpParameters(),
Elem: connectionHttpParameters("auth_parameters.0.invocation_http_parameters"),
},
"oauth": {
Type: schema.TypeList,
Expand Down Expand Up @@ -237,7 +215,7 @@ func resourceConnection() *schema.Resource {
Type: schema.TypeList,
Required: true,
MaxItems: 1,
Elem: connectionHttpParameters(),
Elem: connectionHttpParameters("auth_parameters.0.oauth.0.oauth_http_parameters"),
},
},
},
Expand Down
50 changes: 50 additions & 0 deletions internal/service/events/connection_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,16 @@ func TestAccEventsConnection_oAuth(t *testing.T) {
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckConnectionDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccConnectionConfig_oauthHTTPParametersEmpty(
nameModified,
descriptionModified,
authorizationType,
authorizationEndpointModified,
httpMethod,
),
ExpectError: regexache.MustCompile("Missing required argument"),
},
{
Config: testAccConnectionConfig_oauth(
name,
Expand Down Expand Up @@ -413,6 +423,10 @@ func TestAccEventsConnection_invocationHTTPParameters(t *testing.T) {
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckConnectionDestroy(ctx),
Steps: []resource.TestStep{
{
Config: testAccConnectionConfig_invocationHTTPParametersEmpty(name, description),
ExpectError: regexache.MustCompile("Missing required argument"),
},
{
Config: testAccConnectionConfig_invocationHTTPParameters(
name,
Expand Down Expand Up @@ -834,3 +848,39 @@ resource "aws_cloudwatch_event_connection" "invocation_http_parameters" {
queryStringValue,
queryStringIsSecretValue)
}

func testAccConnectionConfig_invocationHTTPParametersEmpty(name, description string) string {
return fmt.Sprintf(`
resource "aws_cloudwatch_event_connection" "invocation_http_parameters" {
name = %[1]q
description = %[2]q
auth_parameters {
invocation_http_parameters {
}
}
}
`, name, description)
}

func testAccConnectionConfig_oauthHTTPParametersEmpty(
name,
description,
authorizationType,
authorizationEndpoint,
httpMethod string) string {
return fmt.Sprintf(`
resource "aws_cloudwatch_event_connection" "oauth" {
name = %[1]q
description = %[2]q
authorization_type = %[3]q
auth_parameters {
oauth {
authorization_endpoint = %[4]q
http_method = %[5]q
oauth_http_parameters {
}
}
}
}
`, name, description, authorizationType, authorizationEndpoint, httpMethod)
}

0 comments on commit ac7dafd

Please sign in to comment.