Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add aws_opensearchserverless_security_policy data source #32226

Conversation

joshjluo
Copy link
Contributor

@joshjluo joshjluo commented Jun 26, 2023

Description

  • Adding new data source for OpenSearch Serverless Security Policy

Relations

Closes #28458

References

https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_Operations.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/opensearchserverless_security_policy

Output from Acceptance Testing

$ make testacc TESTS=TestAccOpenSearchServerlessSecurityPolicyDataSource PKG=opensearchserverless
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/opensearchserverless/... -v -count 1 -parallel 20 -run='TestAccOpenSearchServerlessSecurityPolicyDataSource'  -timeout 180m
=== RUN   TestAccOpenSearchServerlessSecurityPolicyDataSource_basic
=== PAUSE TestAccOpenSearchServerlessSecurityPolicyDataSource_basic
=== CONT  TestAccOpenSearchServerlessSecurityPolicyDataSource_basic
--- PASS: TestAccOpenSearchServerlessSecurityPolicyDataSource_basic (48.83s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/opensearchserverless       53.033s

@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. generators Relates to code generators. service/opensearchserverless Issues and PRs that pertain to the opensearchserverless service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. size/L Managed by automation to categorize the size of a PR. needs-triage Waiting for first response or review from a maintainer. labels Jun 26, 2023
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome @joshjluo 👋

It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.

Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.

Thanks again, and welcome to the community! 😃

@justinretzolk justinretzolk added new-data-source Introduces a new data source. and removed needs-triage Waiting for first response or review from a maintainer. labels Jun 26, 2023
@joshjluo joshjluo changed the title Add aws_opensearchserverless_security_policy data source [WIP]: Add aws_opensearchserverless_security_policy data source Jun 27, 2023
Copy link
Collaborator

@AdamTylerLynch AdamTylerLynch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requesting a few changes and asking for hashi guidance on the marshalling.

return &schema.Resource{
ReadWithoutTimeout: dataSourceSecurityPolicyRead,

Schema: map[string]*schema.Schema{
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API has createdDate and lastModifiedDate in the response elements. What were your thoughts on omitting these from the DS?

Cite: https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_GetSecurityPolicy.html

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Resource Contribution Guidelines suggested that timestamps should be skipped. Do you think they should still be included here?

Skips Timestamp Attributes: Generally, creation and modification dates from the API should be omitted from the schema.

Cite: https://hashicorp.github.io/terraform-provider-aws/raising-a-pull-request/#resource-contribution-guidelines

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joshjluo we do avoid timestamps in resources because of the high potential to cause continuous drift, but they can be included in data sources

Type: schema.TypeString,
Computed: true,
},
"name": {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated to provide validation on both length and patterns.

Type: schema.TypeString,
Computed: true,
},
"type": {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API has two allowed values (encryption or network), and those values are defined in the AWS SDK. Can you please add validation as such?

You can see an example here:
https://github.com/hashicorp/terraform-provider-aws/blob/8f461fec79149dc1031ee843250ead0da9030483/internal/service/opensearchserverless/security_policy.go#L86C12-L86C12

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added validation for the type

return sdkdiag.AppendErrorf(diags, "reading SecurityPolicy with name (%s) and type (%s): %s", securityPolicyName, securityPolicyType, err)
}

policyBytes, err := securityPolicy.Policy.MarshalSmithyDocument()
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jar-b have you seen this method before? I have not seen Smith document marshaling prior, to want to verify.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, the OpenSearch Serverless Access Policy was just merged today and uses a similar pattern:

policyBytes, err := out.Policy.MarshalSmithyDocument()

collection := fmt.Sprintf("collection/%s", rName)
return fmt.Sprintf(`
resource "aws_opensearchserverless_security_policy" "test" {
name = %[1]q
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use spaces (not tabs) in the embedded Terraform/HCL string.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated to use spaces

@AdamTylerLynch AdamTylerLynch added the partner Contribution from a partner. label Jun 27, 2023
@joshjluo joshjluo force-pushed the f-aws_opensearchserverless_security_policy-data-source branch from 6240c9b to 92601f0 Compare June 27, 2023 22:50
Type: schema.TypeString,
Computed: true,
},
"name": {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated to provide validation on both length and patterns.

Type: schema.TypeString,
Computed: true,
},
"type": {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added validation for the type

},
ErrorCheck: acctest.ErrorCheck(t, names.OpenSearchServerlessEndpointID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckSecurityPolicyDestroy(ctx),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joshjluo joshjluo changed the title [WIP]: Add aws_opensearchserverless_security_policy data source Add aws_opensearchserverless_security_policy data source Jun 27, 2023
@joshjluo joshjluo marked this pull request as ready for review June 27, 2023 23:04
Copy link
Contributor Author

@joshjluo joshjluo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Saw #32231 got merged in earlier today. Should I update this PR to follow a similar pattern to keep things consistent within the package?

@joshjluo joshjluo requested a review from AdamTylerLynch June 28, 2023 00:02
@joshjluo joshjluo force-pushed the f-aws_opensearchserverless_security_policy-data-source branch from 92601f0 to 86a4d09 Compare June 28, 2023 15:15
@joshjluo joshjluo force-pushed the f-aws_opensearchserverless_security_policy-data-source branch from 86a4d09 to 304e3fb Compare June 28, 2023 15:51
@johnsonaj johnsonaj self-assigned this Jun 29, 2023
Copy link
Contributor

@johnsonaj johnsonaj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

$ make testacc TESTARGS='-run=TestAccOpenSearchServerlessSecurityPolicyDataSource_' PKG=opensearchserverless

==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/opensearchserverless/... -v -count 1 -parallel 20  -run=TestAccOpenSearchServerlessSecurityPolicyDataSource_ -timeout 180m
--- PASS: TestAccOpenSearchServerlessSecurityPolicyDataSource_basic (17.97s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/opensearchserverless	21.316s

@johnsonaj
Copy link
Contributor

@joshjluo thank you for the contribution! 🎉

@johnsonaj johnsonaj merged commit 5925a10 into hashicorp:main Jun 30, 2023
@github-actions github-actions bot added this to the v5.7.0 milestone Jun 30, 2023
@github-actions
Copy link

github-actions bot commented Jul 7, 2023

This functionality has been released in v5.7.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

github-actions bot commented Aug 7, 2023

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 7, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. generators Relates to code generators. new-data-source Introduces a new data source. partner Contribution from a partner. service/opensearchserverless Issues and PRs that pertain to the opensearchserverless service. size/L Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[New Data Source ]: OpenSearch Serverless Security Policy
5 participants