diff --git a/.changelog/23607.txt b/.changelog/23607.txt new file mode 100644 index 00000000000..0c91b1f144b --- /dev/null +++ b/.changelog/23607.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/aws_quicksight_user: Allow custom values for `namespace` +``` \ No newline at end of file diff --git a/docs/contributing/maintaining.md b/docs/contributing/maintaining.md index b2c2b697edb..fa7703fb0f1 100644 --- a/docs/contributing/maintaining.md +++ b/docs/contributing/maintaining.md @@ -397,6 +397,7 @@ Environment variables (beyond standard AWS Go SDK ones) used by acceptance testi | `GCM_API_KEY` | API Key for Google Cloud Messaging in Pinpoint and SNS Platform Application testing. | | `GITHUB_TOKEN` | GitHub token for CodePipeline testing. | | `MACIE_MEMBER_ACCOUNT_ID` | Identifier of AWS Account for Macie Member testing. **DEPRECATED:** Should be replaced with standard alternate account handling for tests. | +| `QUICKSIGHT_NAMESPACE` | QuickSight namespace name for testing. | | `ROUTE53DOMAINS_DOMAIN_NAME` | Registered domain for Route 53 Domains testing. | | `SAGEMAKER_IMAGE_VERSION_BASE_IMAGE` | Sagemaker base image to use for tests. | | `SERVICEQUOTAS_INCREASE_ON_CREATE_QUOTA_CODE` | Quota Code for Service Quotas testing (submits support case). | diff --git a/internal/service/quicksight/user.go b/internal/service/quicksight/user.go index ab7c2639f83..7fcd0d96467 100644 --- a/internal/service/quicksight/user.go +++ b/internal/service/quicksight/user.go @@ -3,6 +3,7 @@ package quicksight import ( "fmt" "log" + "regexp" "strings" "github.com/aws/aws-sdk-go/aws" @@ -60,9 +61,10 @@ func ResourceUser() *schema.Resource { Optional: true, ForceNew: true, Default: "default", - ValidateFunc: validation.StringInSlice([]string{ - "default", - }, false), + ValidateFunc: validation.All( + validation.StringLenBetween(1, 63), + validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9._-]*$`), "must contain only alphanumeric characters, hyphens, underscores, and periods"), + ), }, "session_name": { diff --git a/internal/service/quicksight/user_test.go b/internal/service/quicksight/user_test.go index 04b10090c72..39d423bdd59 100644 --- a/internal/service/quicksight/user_test.go +++ b/internal/service/quicksight/user_test.go @@ -2,6 +2,7 @@ package quicksight_test import ( "fmt" + "os" "strings" "testing" @@ -79,6 +80,34 @@ func TestAccQuickSightUser_withInvalidFormattedEmailStillWorks(t *testing.T) { }) } +func TestAccQuickSightUser_withNamespace(t *testing.T) { + key := "QUICKSIGHT_NAMESPACE" + namespace := os.Getenv(key) + if namespace == "" { + t.Skipf("Environment variable %s is not set", key) + } + + var user quicksight.User + rName := "tfacctest" + sdkacctest.RandString(10) + resourceName := "aws_quicksight_user." + rName + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(t) }, + ErrorCheck: acctest.ErrorCheck(t, quicksight.EndpointsID), + Providers: acctest.Providers, + CheckDestroy: testAccCheckQuickSightUserDestroy, + Steps: []resource.TestStep{ + { + Config: testAccUserWithNamespaceConfig(rName, namespace), + Check: resource.ComposeTestCheckFunc( + testAccCheckQuickSightUserExists(resourceName, &user), + resource.TestCheckResourceAttr(resourceName, "namespace", namespace), + ), + }, + }, + }) +} + func TestAccQuickSightUser_disappears(t *testing.T) { var user quicksight.User rName := "tfacctest" + sdkacctest.RandString(10) @@ -208,6 +237,21 @@ resource "aws_quicksight_user" %[1]q { `, rName, email) } +func testAccUserWithNamespaceConfig(rName, namespace string) string { + return fmt.Sprintf(` +data "aws_caller_identity" "current" {} + +resource "aws_quicksight_user" %[1]q { + aws_account_id = data.aws_caller_identity.current.account_id + user_name = %[1]q + email = %[2]q + namespace = %[3]q + identity_type = "QUICKSIGHT" + user_role = "READER" +} +`, rName, acctest.DefaultEmailAddress, namespace) +} + func testAccUserConfig(rName string) string { return testAccUserWithEmailConfig(rName, acctest.DefaultEmailAddress) } diff --git a/website/docs/r/quicksight_user.html.markdown b/website/docs/r/quicksight_user.html.markdown index 0080e860bdc..acbb0e1613a 100644 --- a/website/docs/r/quicksight_user.html.markdown +++ b/website/docs/r/quicksight_user.html.markdown @@ -16,6 +16,7 @@ Resource for managing QuickSight User resource "aws_quicksight_user" "example" { session_name = "an-author" email = "author@example.com" + namespace = "foo" identity_type = "IAM" iam_arn = "arn:aws:iam::123456789012:user/Example" user_role = "AUTHOR" @@ -33,7 +34,7 @@ The following arguments are supported: * `user_name` - (Optional) The Amazon QuickSight user name that you want to create for the user you are registering. Only valid for registering a user with `identity_type` set to `QUICKSIGHT`. * `aws_account_id` - (Optional) The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account. * `iam_arn` - (Optional) The ARN of the IAM user or role that you are registering with Amazon QuickSight. -* `namespace` - (Optional) The namespace. Currently, you should set this to `default`. +* `namespace` - (Optional) The Amazon Quicksight namespace to create the user in. Defaults to `default`. * `session_name` - (Optional) The name of the IAM session to use when assuming roles that can embed QuickSight dashboards. Only valid for registering users using an assumed IAM role. Additionally, if registering multiple users using the same IAM role, each user needs to have a unique session name. ## Attributes Reference