-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add aws_opensearchserverless_security_policy data source #32226
Add aws_opensearchserverless_security_policy data source #32226
Conversation
Community NoteVoting for Prioritization
For Submitters
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Welcome @joshjluo 👋
It looks like this is your first Pull Request submission to the Terraform AWS Provider! If you haven’t already done so please make sure you have checked out our CONTRIBUTOR guide and FAQ to make sure your contribution is adhering to best practice and has all the necessary elements in place for a successful approval.
Also take a look at our FAQ which details how we prioritize Pull Requests for inclusion.
Thanks again, and welcome to the community! 😃
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Requesting a few changes and asking for hashi guidance on the marshalling.
return &schema.Resource{ | ||
ReadWithoutTimeout: dataSourceSecurityPolicyRead, | ||
|
||
Schema: map[string]*schema.Schema{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The API has createdDate
and lastModifiedDate
in the response elements. What were your thoughts on omitting these from the DS?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Resource Contribution Guidelines suggested that timestamps should be skipped. Do you think they should still be included here?
Skips Timestamp Attributes: Generally, creation and modification dates from the API should be omitted from the schema.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@joshjluo we do avoid timestamps in resources because of the high potential to cause continuous drift, but they can be included in data sources
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"name": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The API documentation has stated length
and patterns
can you please include those here on schema validation?
You can see an example here: https://github.com/hashicorp/terraform-provider-aws/blob/8f461fec79149dc1031ee843250ead0da9030483/internal/service/opensearchserverless/collection.go#L104C8-L104C8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated to provide validation on both length
and patterns
.
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"type": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The API has two allowed values (encryption
or network
), and those values are defined in the AWS SDK. Can you please add validation as such?
You can see an example here:
https://github.com/hashicorp/terraform-provider-aws/blob/8f461fec79149dc1031ee843250ead0da9030483/internal/service/opensearchserverless/security_policy.go#L86C12-L86C12
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added validation for the type
return sdkdiag.AppendErrorf(diags, "reading SecurityPolicy with name (%s) and type (%s): %s", securityPolicyName, securityPolicyType, err) | ||
} | ||
|
||
policyBytes, err := securityPolicy.Policy.MarshalSmithyDocument() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jar-b have you seen this method before? I have not seen Smith document marshaling prior, to want to verify.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the OpenSearch Serverless Access Policy was just merged today and uses a similar pattern:
terraform-provider-aws/internal/service/opensearchserverless/access_policy_data_source.go
Line 88 in 2402e64
policyBytes, err := out.Policy.MarshalSmithyDocument() |
collection := fmt.Sprintf("collection/%s", rName) | ||
return fmt.Sprintf(` | ||
resource "aws_opensearchserverless_security_policy" "test" { | ||
name = %[1]q |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use spaces (not tabs) in the embedded Terraform/HCL string.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated to use spaces
6240c9b
to
92601f0
Compare
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"name": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated to provide validation on both length
and patterns
.
Type: schema.TypeString, | ||
Computed: true, | ||
}, | ||
"type": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added validation for the type
}, | ||
ErrorCheck: acctest.ErrorCheck(t, names.OpenSearchServerlessEndpointID), | ||
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, | ||
CheckDestroy: testAccCheckSecurityPolicyDestroy(ctx), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a CheckDestroy
here as suggested by the documentation: https://hashicorp.github.io/terraform-provider-aws/running-and-writing-acceptance-tests/#data-source-acceptance-testing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Saw #32231 got merged in earlier today. Should I update this PR to follow a similar pattern to keep things consistent within the package?
92601f0
to
86a4d09
Compare
86a4d09
to
304e3fb
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀
$ make testacc TESTARGS='-run=TestAccOpenSearchServerlessSecurityPolicyDataSource_' PKG=opensearchserverless
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./internal/service/opensearchserverless/... -v -count 1 -parallel 20 -run=TestAccOpenSearchServerlessSecurityPolicyDataSource_ -timeout 180m
--- PASS: TestAccOpenSearchServerlessSecurityPolicyDataSource_basic (17.97s)
PASS
ok github.com/hashicorp/terraform-provider-aws/internal/service/opensearchserverless 21.316s
@joshjluo thank you for the contribution! 🎉 |
This functionality has been released in v5.7.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Description
Relations
Closes #28458
References
https://docs.aws.amazon.com/opensearch-service/latest/ServerlessAPIReference/API_Operations.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/opensearchserverless_security_policy
Output from Acceptance Testing