Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(mongodb): add secrets_manager_arn #23691

Merged
merged 11 commits into from
Jun 2, 2022
Merged

feat(mongodb): add secrets_manager_arn #23691

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
366e53b
feat(mongodb): add secrets_manager_arn
brunomiranda-hotmart Mar 15, 2022
2228ff1
rollback miss updated comment
brunomiranda-hotmart Mar 15, 2022
51d2d35
Add miss removed request
brunomiranda-hotmart Mar 15, 2022
206de0a
Add mongo secrets_manager_arn acceptance tests
brunomiranda-hotmart Mar 16, 2022
e01fc64
Revert "Add mongo secrets_manager_arn acceptance tests"
ewbankkit Jun 2, 2022
52f6b10
Revert "Add miss removed request"
ewbankkit Jun 2, 2022
b729d21
Revert "rollback miss updated comment"
ewbankkit Jun 2, 2022
687b93d
Revert "feat(mongodb): add secrets_manager_arn"
ewbankkit Jun 2, 2022
6be61c4
Merge branch 'main' into HEAD
ewbankkit Jun 2, 2022
1557e3b
r/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the '…
ewbankkit Jun 2, 2022
076d7cb
r/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the '…
ewbankkit Jun 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/23691.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
resource/aws_dms_endpoint: Add ability to use AWS Secrets Manager with the `aurora-postgresql` and `mongodb` engines
```
178 changes: 102 additions & 76 deletions internal/service/dms/endpoint.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -640,6 +640,25 @@ func resourceEndpointCreate(d *schema.ResourceData, meta interface{}) error {
DatabaseName: aws.String(d.Get("database_name").(string)),
}

// Set connection info in top-level namespace as well
expandTopLevelConnectionInfo(d, input)
}
case engineNameAuroraPostgresql, engineNamePostgres:
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
} else {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
}

// Set connection info in top-level namespace as well
expandTopLevelConnectionInfo(d, input)
}
Expand All @@ -659,52 +678,40 @@ func resourceEndpointCreate(d *schema.ResourceData, meta interface{}) error {
case engineNameKinesis:
input.KinesisSettings = expandKinesisSettings(d.Get("kinesis_settings").([]interface{})[0].(map[string]interface{}))
case engineNameMongodb:
input.MongoDbSettings = &dms.MongoDbSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
KmsKeyId: aws.String(d.Get("kms_key_arn").(string)),

AuthType: aws.String(d.Get("mongodb_settings.0.auth_type").(string)),
AuthMechanism: aws.String(d.Get("mongodb_settings.0.auth_mechanism").(string)),
NestingLevel: aws.String(d.Get("mongodb_settings.0.nesting_level").(string)),
ExtractDocId: aws.String(d.Get("mongodb_settings.0.extract_doc_id").(string)),
DocsToInvestigate: aws.String(d.Get("mongodb_settings.0.docs_to_investigate").(string)),
AuthSource: aws.String(d.Get("mongodb_settings.0.auth_source").(string)),
}
var settings = &dms.MongoDbSettings{}

// Set connection info in top-level namespace as well
expandTopLevelConnectionInfo(d, input)
case engineNameOracle:
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.OracleSettings = &dms.OracleSettings{
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
settings.SecretsManagerAccessRoleArn = aws.String(d.Get("secrets_manager_access_role_arn").(string))
settings.SecretsManagerSecretId = aws.String(d.Get("secrets_manager_arn").(string))
} else {
input.OracleSettings = &dms.OracleSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
settings.Username = aws.String(d.Get("username").(string))
settings.Password = aws.String(d.Get("password").(string))
settings.ServerName = aws.String(d.Get("server_name").(string))
settings.Port = aws.Int64(int64(d.Get("port").(int)))

// Set connection info in top-level namespace as well
expandTopLevelConnectionInfo(d, input)
}
case engineNamePostgres:

settings.DatabaseName = aws.String(d.Get("database_name").(string))
settings.KmsKeyId = aws.String(d.Get("kms_key_arn").(string))
settings.AuthType = aws.String(d.Get("mongodb_settings.0.auth_type").(string))
settings.AuthMechanism = aws.String(d.Get("mongodb_settings.0.auth_mechanism").(string))
settings.NestingLevel = aws.String(d.Get("mongodb_settings.0.nesting_level").(string))
settings.ExtractDocId = aws.String(d.Get("mongodb_settings.0.extract_doc_id").(string))
settings.DocsToInvestigate = aws.String(d.Get("mongodb_settings.0.docs_to_investigate").(string))
settings.AuthSource = aws.String(d.Get("mongodb_settings.0.auth_source").(string))

input.MongoDbSettings = settings
case engineNameOracle:
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
input.OracleSettings = &dms.OracleSettings{
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
} else {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
input.OracleSettings = &dms.OracleSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Expand Down Expand Up @@ -871,6 +878,30 @@ func resourceEndpointUpdate(d *schema.ResourceData, meta interface{}) error {
}
input.EngineName = aws.String(engineName)

// Update connection info in top-level namespace as well
expandTopLevelConnectionInfoModify(d, input)
}
}
case engineNameAuroraPostgresql, engineNamePostgres:
if d.HasChanges(
"username", "password", "server_name", "port", "database_name", "secrets_manager_access_role_arn",
"secrets_manager_arn") {
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
DatabaseName: aws.String(d.Get("database_name").(string)),
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
}
} else {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
input.EngineName = aws.String(engineName) // Must be included (should be 'postgres')

// Update connection info in top-level namespace as well
expandTopLevelConnectionInfoModify(d, input)
}
Expand Down Expand Up @@ -909,70 +940,63 @@ func resourceEndpointUpdate(d *schema.ResourceData, meta interface{}) error {
if d.HasChanges(
"username", "password", "server_name", "port", "database_name", "mongodb_settings.0.auth_type",
"mongodb_settings.0.auth_mechanism", "mongodb_settings.0.nesting_level", "mongodb_settings.0.extract_doc_id",
"mongodb_settings.0.docs_to_investigate", "mongodb_settings.0.auth_source") {
input.MongoDbSettings = &dms.MongoDbSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
KmsKeyId: aws.String(d.Get("kms_key_arn").(string)),

AuthType: aws.String(d.Get("mongodb_settings.0.auth_type").(string)),
AuthMechanism: aws.String(d.Get("mongodb_settings.0.auth_mechanism").(string)),
NestingLevel: aws.String(d.Get("mongodb_settings.0.nesting_level").(string)),
ExtractDocId: aws.String(d.Get("mongodb_settings.0.extract_doc_id").(string)),
DocsToInvestigate: aws.String(d.Get("mongodb_settings.0.docs_to_investigate").(string)),
AuthSource: aws.String(d.Get("mongodb_settings.0.auth_source").(string)),
}
input.EngineName = aws.String(engineName)

// Update connection info in top-level namespace as well
expandTopLevelConnectionInfoModify(d, input)
}
case engineNameOracle:
if d.HasChanges(
"username", "password", "server_name", "port", "database_name", "secrets_manager_access_role_arn",
"mongodb_settings.0.docs_to_investigate", "mongodb_settings.0.auth_source", "secrets_manager_access_role_arn",
"secrets_manager_arn") {
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.OracleSettings = &dms.OracleSettings{
DatabaseName: aws.String(d.Get("database_name").(string)),
input.MongoDbSettings = &dms.MongoDbSettings{
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
DatabaseName: aws.String(d.Get("database_name").(string)),
KmsKeyId: aws.String(d.Get("kms_key_arn").(string)),

AuthType: aws.String(d.Get("mongodb_settings.0.auth_type").(string)),
AuthMechanism: aws.String(d.Get("mongodb_settings.0.auth_mechanism").(string)),
NestingLevel: aws.String(d.Get("mongodb_settings.0.nesting_level").(string)),
ExtractDocId: aws.String(d.Get("mongodb_settings.0.extract_doc_id").(string)),
DocsToInvestigate: aws.String(d.Get("mongodb_settings.0.docs_to_investigate").(string)),
AuthSource: aws.String(d.Get("mongodb_settings.0.auth_source").(string)),
}
} else {
input.OracleSettings = &dms.OracleSettings{
input.MongoDbSettings = &dms.MongoDbSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
KmsKeyId: aws.String(d.Get("kms_key_arn").(string)),

AuthType: aws.String(d.Get("mongodb_settings.0.auth_type").(string)),
AuthMechanism: aws.String(d.Get("mongodb_settings.0.auth_mechanism").(string)),
NestingLevel: aws.String(d.Get("mongodb_settings.0.nesting_level").(string)),
ExtractDocId: aws.String(d.Get("mongodb_settings.0.extract_doc_id").(string)),
DocsToInvestigate: aws.String(d.Get("mongodb_settings.0.docs_to_investigate").(string)),
AuthSource: aws.String(d.Get("mongodb_settings.0.auth_source").(string)),
}
input.EngineName = aws.String(engineName) // Must be included (should be 'oracle')
input.EngineName = aws.String(engineName)

// Update connection info in top-level namespace as well
expandTopLevelConnectionInfoModify(d, input)
}
}
case engineNamePostgres:
case engineNameOracle:
if d.HasChanges(
"username", "password", "server_name", "port", "database_name", "secrets_manager_access_role_arn",
"secrets_manager_arn") {
if _, ok := d.GetOk("secrets_manager_arn"); ok {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
input.OracleSettings = &dms.OracleSettings{
DatabaseName: aws.String(d.Get("database_name").(string)),
SecretsManagerAccessRoleArn: aws.String(d.Get("secrets_manager_access_role_arn").(string)),
SecretsManagerSecretId: aws.String(d.Get("secrets_manager_arn").(string)),
}
} else {
input.PostgreSQLSettings = &dms.PostgreSQLSettings{
input.OracleSettings = &dms.OracleSettings{
Username: aws.String(d.Get("username").(string)),
Password: aws.String(d.Get("password").(string)),
ServerName: aws.String(d.Get("server_name").(string)),
Port: aws.Int64(int64(d.Get("port").(int))),
DatabaseName: aws.String(d.Get("database_name").(string)),
}
input.EngineName = aws.String(engineName) // Must be included (should be 'postgres')
input.EngineName = aws.String(engineName) // Must be included (should be 'oracle')

// Update connection info in top-level namespace as well
expandTopLevelConnectionInfoModify(d, input)
Expand Down Expand Up @@ -1146,6 +1170,17 @@ func resourceEndpointSetState(d *schema.ResourceData, endpoint *dms.Endpoint) er
} else {
flattenTopLevelConnectionInfo(d, endpoint)
}
case engineNameAuroraPostgresql, engineNamePostgres:
if endpoint.PostgreSQLSettings != nil {
d.Set("username", endpoint.PostgreSQLSettings.Username)
d.Set("server_name", endpoint.PostgreSQLSettings.ServerName)
d.Set("port", endpoint.PostgreSQLSettings.Port)
d.Set("database_name", endpoint.PostgreSQLSettings.DatabaseName)
d.Set("secrets_manager_access_role_arn", endpoint.PostgreSQLSettings.SecretsManagerAccessRoleArn)
d.Set("secrets_manager_arn", endpoint.PostgreSQLSettings.SecretsManagerSecretId)
} else {
flattenTopLevelConnectionInfo(d, endpoint)
}
case engineNameDynamoDB:
if endpoint.DynamoDbSettings != nil {
d.Set("service_access_role", endpoint.DynamoDbSettings.ServiceAccessRoleArn)
Expand Down Expand Up @@ -1178,6 +1213,8 @@ func resourceEndpointSetState(d *schema.ResourceData, endpoint *dms.Endpoint) er
d.Set("server_name", endpoint.MongoDbSettings.ServerName)
d.Set("port", endpoint.MongoDbSettings.Port)
d.Set("database_name", endpoint.MongoDbSettings.DatabaseName)
d.Set("secrets_manager_access_role_arn", endpoint.MongoDbSettings.SecretsManagerAccessRoleArn)
d.Set("secrets_manager_arn", endpoint.MongoDbSettings.SecretsManagerSecretId)
} else {
flattenTopLevelConnectionInfo(d, endpoint)
}
Expand All @@ -1195,17 +1232,6 @@ func resourceEndpointSetState(d *schema.ResourceData, endpoint *dms.Endpoint) er
} else {
flattenTopLevelConnectionInfo(d, endpoint)
}
case engineNamePostgres:
if endpoint.PostgreSQLSettings != nil {
d.Set("username", endpoint.PostgreSQLSettings.Username)
d.Set("server_name", endpoint.PostgreSQLSettings.ServerName)
d.Set("port", endpoint.PostgreSQLSettings.Port)
d.Set("database_name", endpoint.PostgreSQLSettings.DatabaseName)
d.Set("secrets_manager_access_role_arn", endpoint.PostgreSQLSettings.SecretsManagerAccessRoleArn)
d.Set("secrets_manager_arn", endpoint.PostgreSQLSettings.SecretsManagerSecretId)
} else {
flattenTopLevelConnectionInfo(d, endpoint)
}
case engineNameRedshift:
if endpoint.RedshiftSettings != nil {
d.Set("username", endpoint.RedshiftSettings.Username)
Expand Down
Loading