Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for organizations and organizational units for EC2 image builder distribution configuration #22104

Merged
merged 9 commits into from
Mar 23, 2022
Merged

Add support for organizations and organizational units for EC2 image builder distribution configuration #22104

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
db546bd
Add support for organizations and organizational units for EC2 image …
lvthillo Dec 8, 2021
7502898
Fix Acc tests
lvthillo Dec 8, 2021
b9c6055
Merge remote-tracking branch 'origin2/main' into ec2-image-builder-di…
lvthillo Mar 22, 2022
80b413c
Add docs + add CHANGELOG entry + fix terrafmt formatting.
lvthillo Mar 22, 2022
593afca
Add CHANGELOG entry file.
ewbankkit Mar 23, 2022
63ceaca
d/aws_imagebuilder_distribution_configuration: 'organization_arns' an…
ewbankkit Mar 23, 2022
da1c9ff
r/aws_imagebuilder_distribution_configuration: Alphabetical order.
ewbankkit Mar 23, 2022
983c7ae
Skip acceptance tests errors like 'Error creating License Manager lic…
ewbankkit Mar 23, 2022
bed61da
Prevent errors like 'Error creating License Manager license configura…
ewbankkit Mar 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions internal/service/imagebuilder/distribution_configuration.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,22 @@ func ResourceDistributionConfiguration() *schema.Resource {
ValidateFunc: verify.ValidAccountID,
},
},
"organization_arns": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: verify.ValidARN,
},
},
"organizational_unit_arns": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
ValidateFunc: verify.ValidARN,
},
},
},
},
},
Expand Down Expand Up @@ -387,6 +403,14 @@ func expandLaunchPermissionConfiguration(tfMap map[string]interface{}) *imagebui
apiObject.UserGroups = flex.ExpandStringSet(v)
}

if v, ok := tfMap["organization_arns"].(*schema.Set); ok && v.Len() > 0 {
apiObject.OrganizationArns = flex.ExpandStringSet(v)
}

if v, ok := tfMap["organizational_unit_arns"].(*schema.Set); ok && v.Len() > 0 {
apiObject.OrganizationalUnitArns = flex.ExpandStringSet(v)
}

return apiObject
}

Expand Down Expand Up @@ -478,6 +502,13 @@ func flattenLaunchPermissionConfiguration(apiObject *imagebuilder.LaunchPermissi
if v := apiObject.UserIds; v != nil {
tfMap["user_ids"] = aws.StringValueSlice(v)
}
if v := apiObject.OrganizationArns; v != nil {
tfMap["organization_arns"] = aws.StringValueSlice(v)
}

if v := apiObject.OrganizationalUnitArns; v != nil {
tfMap["organizational_unit_arns"] = aws.StringValueSlice(v)
}

return tfMap
}
14 changes: 14 additions & 0 deletions internal/service/imagebuilder/distribution_configuration_data_source.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,20 @@ func DataSourceDistributionConfiguration() *schema.Resource {
Type: schema.TypeString,
},
},
"organization_arns": {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
"organizational_unit_arns": {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
},
},
},
},
},
Expand Down
110 changes: 110 additions & 0 deletions internal/service/imagebuilder/distribution_configuration_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -318,6 +318,69 @@ func TestAccImageBuilderDistributionConfiguration_DistributionAMIDistributionLau
})
}

func TestAccImageBuilderDistributionConfiguration_DistributionAMIDistributionLaunchPermission_organizationArns(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
organizationResourceName := "aws_organizations_organization.test"
resourceName := "aws_imagebuilder_distribution_configuration.test"

resource.Test(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(t)
acctest.PreCheckOrganizationsAccount(t)
},
ErrorCheck: acctest.ErrorCheck(t, imagebuilder.EndpointsID),
ProviderFactories: acctest.ProviderFactories,
CheckDestroy: testAccCheckDistributionConfigurationDestroy,
Steps: []resource.TestStep{
{
Config: testAccDistributionConfigurationDistributionAMIDistributionConfigurationLaunchPermissionOrganizationArnsConfig(rName),
Check: resource.ComposeTestCheckFunc(
testAccCheckDistributionConfigurationExists(resourceName),
resource.TestCheckResourceAttr(resourceName, "distribution.#", "1"),
resource.TestCheckTypeSetElemAttrPair(resourceName, "distribution.*.ami_distribution_configuration.0.launch_permission.0.organization_arns.*", organizationResourceName, "arn"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

func TestAccImageBuilderDistributionConfiguration_DistributionAMIDistributionLaunchPermission_organizationalUnitArns(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
organizationalUnitResourceName := "aws_organizations_organizational_unit.test"

resourceName := "aws_imagebuilder_distribution_configuration.test"

resource.Test(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(t)
acctest.PreCheckOrganizationsAccount(t)
},
ErrorCheck: acctest.ErrorCheck(t, imagebuilder.EndpointsID),
ProviderFactories: acctest.ProviderFactories,
CheckDestroy: testAccCheckDistributionConfigurationDestroy,
Steps: []resource.TestStep{
{
Config: testAccDistributionConfigurationDistributionAMIDistributionConfigurationLaunchPermissionOrganizationalUnitArnsConfig(rName),
Check: resource.ComposeTestCheckFunc(
testAccCheckDistributionConfigurationExists(resourceName),
resource.TestCheckResourceAttr(resourceName, "distribution.#", "1"),
resource.TestCheckTypeSetElemAttrPair(resourceName, "distribution.*.ami_distribution_configuration.0.launch_permission.0.organizational_unit_arns.*", organizationalUnitResourceName, "arn"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

func TestAccImageBuilderDistributionConfiguration_DistributionAMIDistribution_name(t *testing.T) {
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
resourceName := "aws_imagebuilder_distribution_configuration.test"
Expand Down Expand Up @@ -704,6 +767,53 @@ resource "aws_imagebuilder_distribution_configuration" "test" {
`, rName, userId)
}

func testAccDistributionConfigurationDistributionAMIDistributionConfigurationLaunchPermissionOrganizationArnsConfig(rName string) string {
return fmt.Sprintf(`
data "aws_region" "current" {}
data "aws_partition" "current" {}

resource "aws_organizations_organization" "test" {}

resource "aws_imagebuilder_distribution_configuration" "test" {
name = %[1]q
distribution {
ami_distribution_configuration {
launch_permission {
organization_arns = [aws_organizations_organization.test.arn]
}
}
region = data.aws_region.current.name
}
}
`, rName)
}

func testAccDistributionConfigurationDistributionAMIDistributionConfigurationLaunchPermissionOrganizationalUnitArnsConfig(rName string) string {
return fmt.Sprintf(`
data "aws_region" "current" {}
data "aws_partition" "current" {}

resource "aws_organizations_organization" "test" {}

resource "aws_organizations_organizational_unit" "test" {
name = %[1]q
parent_id = aws_organizations_organization.test.roots[0].id
}

resource "aws_imagebuilder_distribution_configuration" "test" {
name = %[1]q
distribution {
ami_distribution_configuration {
launch_permission {
organizational_unit_arns = [aws_organizations_organizational_unit.test.arn]
}
}
region = data.aws_region.current.name
}
}
`, rName)
ewbankkit marked this conversation as resolved.
Show resolved Hide resolved
}

func testAccDistributionConfigurationDistributionAMIDistributionConfigurationNameConfig(rName string, name string) string {
return fmt.Sprintf(`
data "aws_region" "current" {}
Expand Down