Merge pull request #16853 from DrFaust92/r/ecr_replication_configuration

r/ecr_replication_configuration - new resource

.changelog/16853.txt

@@ -0,0 +1,3 @@
+```release-note:new-resource
+aws_ecr_replication_configuration
+```

aws/provider.go

@@ -668,6 +668,7 @@ func Provider() *schema.Provider {
 			"aws_ec2_transit_gateway_vpc_attachment_accepter":         resourceAwsEc2TransitGatewayVpcAttachmentAccepter(),
 			"aws_ecr_lifecycle_policy":                                resourceAwsEcrLifecyclePolicy(),
 			"aws_ecrpublic_repository":                                resourceAwsEcrPublicRepository(),
+			"aws_ecr_replication_configuration":                       resourceAwsEcrReplicationConfiguration(),
 			"aws_ecr_repository":                                      resourceAwsEcrRepository(),
 			"aws_ecr_repository_policy":                               resourceAwsEcrRepositoryPolicy(),
 			"aws_ecs_capacity_provider":                               resourceAwsEcsCapacityProvider(),

aws/resource_aws_ecr_replication_configuration.go

@@ -0,0 +1,200 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/ecr"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func resourceAwsEcrReplicationConfiguration() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsEcrReplicationConfigurationPut,
+		Read:   resourceAwsEcrReplicationConfigurationRead,
+		Update: resourceAwsEcrReplicationConfigurationPut,
+		Delete: schema.Noop,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"registry_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"replication_configuration": {
+				Type:     schema.TypeList,
+				Optional: true,
+				MaxItems: 1,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"rule": {
+							Type:     schema.TypeList,
+							Required: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"destination": {
+										Type:     schema.TypeList,
+										Required: true,
+										Elem: &schema.Resource{
+											Schema: map[string]*schema.Schema{
+												"region": {
+													Type:     schema.TypeString,
+													Required: true,
+												},
+												"registry_id": {
+													Type:         schema.TypeString,
+													Required:     true,
+													ValidateFunc: validateAwsAccountId,
+												},
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func resourceAwsEcrReplicationConfigurationPut(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).ecrconn
+
+	input := ecr.PutReplicationConfigurationInput{
+		ReplicationConfiguration: expandEcrReplicationConfigurationReplicationConfiguration(d.Get("replication_configuration").([]interface{})),
+	}
+
+	_, err := conn.PutReplicationConfiguration(&input)
+	if err != nil {
+		return fmt.Errorf("error creating ECR Replication Configuration: %w", err)
+	}
+
+	d.SetId(meta.(*AWSClient).accountid)
+
+	return resourceAwsEcrReplicationConfigurationRead(d, meta)
+}
+
+func resourceAwsEcrReplicationConfigurationRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).ecrconn
+
+	log.Printf("[DEBUG] Reading ECR Replication Configuration %s", d.Id())
+	out, err := conn.DescribeRegistry(&ecr.DescribeRegistryInput{})
+	if err != nil {
+		return fmt.Errorf("error reading ECR Replication Configuration: %w", err)
+	}
+
+	d.Set("registry_id", out.RegistryId)
+
+	if err := d.Set("replication_configuration", flattenEcrReplicationConfigurationReplicationConfiguration(out.ReplicationConfiguration)); err != nil {
+		return fmt.Errorf("error setting replication_configuration for ECR Replication Configuration: %w", err)
+	}
+
+	return nil
+}
+
+func expandEcrReplicationConfigurationReplicationConfiguration(data []interface{}) *ecr.ReplicationConfiguration {
+	if len(data) == 0 || data[0] == nil {
+		return nil
+	}
+
+	ec := data[0].(map[string]interface{})
+	config := &ecr.ReplicationConfiguration{
+		Rules: expandEcrReplicationConfigurationReplicationConfigurationRules(ec["rule"].([]interface{})),
+	}
+	return config
+}
+
+func flattenEcrReplicationConfigurationReplicationConfiguration(ec *ecr.ReplicationConfiguration) []map[string]interface{} {
+	if ec == nil {
+		return nil
+	}
+
+	config := map[string]interface{}{
+		"rule": flattenEcrReplicationConfigurationReplicationConfigurationRules(ec.Rules),
+	}
+
+	return []map[string]interface{}{
+		config,
+	}
+}
+
+func expandEcrReplicationConfigurationReplicationConfigurationRules(data []interface{}) []*ecr.ReplicationRule {
+	if len(data) == 0 || data[0] == nil {
+		return nil
+	}
+
+	var rules []*ecr.ReplicationRule
+
+	for _, rule := range data {
+		ec := rule.(map[string]interface{})
+		config := &ecr.ReplicationRule{
+			Destinations: expandEcrReplicationConfigurationReplicationConfigurationRulesDestinations(ec["destination"].([]interface{})),
+		}
+
+		rules = append(rules, config)
+
+	}
+	return rules
+}
+
+func flattenEcrReplicationConfigurationReplicationConfigurationRules(ec []*ecr.ReplicationRule) []interface{} {
+	if len(ec) == 0 {
+		return nil
+	}
+
+	var tfList []interface{}
+
+	for _, apiObject := range ec {
+		tfMap := map[string]interface{}{
+			"destination": flattenEcrReplicationConfigurationReplicationConfigurationRulesDestinations(apiObject.Destinations),
+		}
+
+		tfList = append(tfList, tfMap)
+	}
+
+	return tfList
+}
+
+func expandEcrReplicationConfigurationReplicationConfigurationRulesDestinations(data []interface{}) []*ecr.ReplicationDestination {
+	if len(data) == 0 || data[0] == nil {
+		return nil
+	}
+
+	var dests []*ecr.ReplicationDestination
+
+	for _, dest := range data {
+		ec := dest.(map[string]interface{})
+		config := &ecr.ReplicationDestination{
+			Region:     aws.String(ec["region"].(string)),
+			RegistryId: aws.String(ec["registry_id"].(string)),
+		}
+
+		dests = append(dests, config)
+	}
+	return dests
+}
+
+func flattenEcrReplicationConfigurationReplicationConfigurationRulesDestinations(ec []*ecr.ReplicationDestination) []interface{} {
+	if len(ec) == 0 {
+		return nil
+	}
+
+	var tfList []interface{}
+
+	for _, apiObject := range ec {
+		tfMap := map[string]interface{}{
+			"region":      aws.StringValue(apiObject.Region),
+			"registry_id": aws.StringValue(apiObject.RegistryId),
+		}
+
+		tfList = append(tfList, tfMap)
+	}
+
+	return tfList
+}

aws/resource_aws_ecr_replication_configuration_test.go

@@ -0,0 +1,68 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/ecr"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAccAWSEcrReplicationConfiguration_basic(t *testing.T) {
+	resourceName := "aws_ecr_replication_configuration.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		ErrorCheck:   testAccErrorCheck(t, ecr.EndpointsID),
+		Providers:    testAccProviders,
+		CheckDestroy: nil,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSEcrReplicationConfiguration(testAccGetAlternateRegion()),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSEcrReplicationConfigurationExists(resourceName),
+					testAccCheckResourceAttrAccountID(resourceName, "registry_id"),
+					resource.TestCheckResourceAttr(resourceName, "replication_configuration.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "replication_configuration.0.rule.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "replication_configuration.0.rule.0.destination.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "replication_configuration.0.rule.0.destination.0.region", testAccGetAlternateRegion()),
+					testAccCheckResourceAttrAccountID(resourceName, "replication_configuration.0.rule.0.destination.0.registry_id"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func testAccCheckAWSEcrReplicationConfigurationExists(name string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		_, ok := s.RootModule().Resources[name]
+		if !ok {
+			return fmt.Errorf("Not found: %s", name)
+		}
+
+		return nil
+	}
+}
+
+func testAccAWSEcrReplicationConfiguration(region string) string {
+	return fmt.Sprintf(`
+data "aws_caller_identity" "current" {}
+
+resource "aws_ecr_replication_configuration" "test" {
+  replication_configuration {
+    rule {
+      destination {
+        region      = %[1]q
+        registry_id = data.aws_caller_identity.current.account_id
+      }
+    }
+  }
+}
+`, region)
+}

website/docs/r/ecr_replication_configuration.html.markdown

@@ -0,0 +1,63 @@
+---
+subcategory: "ECR"
+layout: "aws"
+page_title: "AWS: aws_ecr_replication_configuration"
+description: |-
+  Provides an Elastic Container Registry Replication Configuration.
+---
+
+# Resource: aws_ecr_replication_configuration
+
+Provides an Elastic Container Registry Replication Configuration.
+
+## Example Usage
+
+```terraform
+data "aws_caller_identity" "current" {}
+
+data "aws_regions" "example" {}
+
+resource "aws_ecr_replication_configuration" "example" {
+  replication_configuration {
+    rule {
+      destination {
+        region      = data.aws_regions.example.names[0]
+        registry_id = data.aws_caller_identity.current.account_id
+      }
+    }
+  }
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `replication_configuration` - (Required) Replication configuration for a registry. See [Replication Configuration](#encryption-configuration).
+
+### Replication Configuration
+
+* `rule` - (Required) The replication rules for a replication configuration. See [Rule](#rule).
+
+### Rule
+
+* `destination` - (Required) the details of a replication destination. See [Destination](#destination).
+
+### Destination
+
+* `region` - (Required) A Region to replicate to.
+* `registry_id` - (Required) The account ID of the destination registry to replicate to.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `registry_id` - The registry ID where the replication configuration was created.
+
+## Import
+
+ECR Replication Configuration can be imported using the `registry_id`, e.g.
+
+```
+$ terraform import aws_ecr_replication_configuration.service 012345678912
+```