Add resources to manage Detective in an Organization #25237

Merged
merged 22 commits into from
Oct 30, 2023
79e1133
r/aws_detective_admin_account - new resource
owenfarrell Jun 8, 2022
85f43ac
r/aws_detective_organization_configuration - new resource
owenfarrell Jun 8, 2022
871b257
Merge branch 'main' into HEAD
ewbankkit Oct 27, 2023
254225f
Add copywrite headers.
ewbankkit Oct 27, 2023
b841dda
Fix semgrep 'ci.semgrep.errors.no-diag.Errorf-leading-error'.
ewbankkit Oct 27, 2023
27b5903
Fix markdown-lint errors.
ewbankkit Oct 27, 2023
05b3dff
Fix terrafmt error in documentation.
ewbankkit Oct 27, 2023
cf7d890
r/aws_detective_graph: Tidy up Create and Delete.
ewbankkit Oct 30, 2023
bc2c883
r/aws_detective_graph: Tidy up Read.
ewbankkit Oct 30, 2023
2b97e1d
r/aws_detective_graph: Tidy up acceptance tests.
ewbankkit Oct 30, 2023
2fea973
Acceptance test output:
ewbankkit Oct 30, 2023
7ea6c3a
r/aws_detective_member: Tidy up Create and Delete.
ewbankkit Oct 30, 2023
c766a7e
r/aws_detective_member: Tidy up Read.
ewbankkit Oct 30, 2023
f25f150
Tidy up acceptance tests.
ewbankkit Oct 30, 2023
a5ecbeb
r/aws_detective_invitation_accepter: Tidy up Create and Delete.
ewbankkit Oct 30, 2023
ba85b4a
r/aws_detective_invitation_accepter: Tidy up Read.
ewbankkit Oct 30, 2023
107d0e4
r/aws_detective_invitation_accepter: Tidy up acceptance tests.
ewbankkit Oct 30, 2023
0a5d4fc
r/aws_detective_organization_admin_account: Tidy up Create, Read and …
ewbankkit Oct 30, 2023
7b7b265
r/aws_detective_organization_admin_account: Tidy up acceptance tests.
ewbankkit Oct 30, 2023
6358347
r/aws_detective_organization_configuration: Cosmetics.
ewbankkit Oct 30, 2023
e02eacf
Add CHANGELOG entries.
ewbankkit Oct 30, 2023
5ecb291
Fix golangci-lint 'staticcheck'.
ewbankkit Oct 30, 2023
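--- a/.changelog/25237.txt
+++ b/.changelog/25237.txt
@@ -0,0 +1,15 @@
+```release-note:new-resource
+aws_detective_organization_admin_account
+```
+
+```release-note:note
+resource/aws_detective_organization_admin_account: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing
+```
+
+```release-note:new-resource
+aws_detective_organization_configuration
+```
+
+```release-note:note
+resource/aws_detective_organization_configuration: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing
+```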
8 changes: 8 additions & 0 deletions internal/service/detective/detective_test.go
Expand Up @@ -27,6 +27,14 @@ func TestAccDetective_serial(t *testing.T) {
"disappear": testAccMember_disappears,
"message": testAccMember_message,
},
"OrganizationAdminAccount": {
"basic": testAccOrganizationAdminAccount_basic,
"disappears": testAccOrganizationAdminAccount_disappears,
"MultiRegion": testAccOrganizationAdminAccount_MultiRegion,
},
"OrganizationConfiguration": {
"basic": testAccOrganizationConfiguration_basic,
},
}

acctest.RunSerialTests2Levels(t, testCases, 0)
134 changes: 0 additions & 134 deletions internal/service/detective/find.go

This file was deleted.

101 changes: 69 additions & 32 deletions internal/service/detective/graph.go
Expand Up @@ -5,15 +5,16 @@ package detective

import (
"context"
"log"
"time"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/detective"
"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices"
tftags "github.com/hashicorp/terraform-provider-aws/internal/tags"
"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
"github.com/hashicorp/terraform-provider-aws/internal/verify"
Expand All @@ -28,9 +29,11 @@ func ResourceGraph() *schema.Resource {
ReadWithoutTimeout: resourceGraphRead,
UpdateWithoutTimeout: resourceGraphUpdate,
DeleteWithoutTimeout: resourceGraphDelete,

Importer: &schema.ResourceImporter{
StateContext: schema.ImportStatePassthroughContext,
},

Schema: map[string]*schema.Schema{
"created_time": {
Type: schema.TypeString,
Expand All @@ -43,60 +46,51 @@ func ResourceGraph() *schema.Resource {
names.AttrTags: tftags.TagsSchema(),
names.AttrTagsAll: tftags.TagsSchemaComputed(),
},

CustomizeDiff: verify.SetTagsDiff,
}
}

func resourceGraphCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
const (
timeout = 4 * time.Minute
)
conn := meta.(*conns.AWSClient).DetectiveConn(ctx)

input := &detective.CreateGraphInput{
Tags: getTagsIn(ctx),
}

var output *detective.CreateGraphOutput
var err error
err = retry.RetryContext(ctx, GraphOperationTimeout, func() *retry.RetryError {
output, err = conn.CreateGraphWithContext(ctx, input)
if err != nil {
if tfawserr.ErrCodeEquals(err, detective.ErrCodeInternalServerException) {
return retry.RetryableError(err)
}

return retry.NonRetryableError(err)
}

return nil
})

if tfresource.TimedOut(err) {
output, err = conn.CreateGraphWithContext(ctx, input)
}
outputRaw, err := tfresource.RetryWhenAWSErrCodeEquals(ctx, timeout, func() (interface{}, error) {
return conn.CreateGraphWithContext(ctx, input)
}, detective.ErrCodeInternalServerException)

if err != nil {
return diag.Errorf("creating detective Graph: %s", err)
return diag.Errorf("creating Detective Graph: %s", err)
}

d.SetId(aws.StringValue(output.GraphArn))
d.SetId(aws.StringValue(outputRaw.(*detective.CreateGraphOutput).GraphArn))

return resourceGraphRead(ctx, d, meta)
}

func resourceGraphRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).DetectiveConn(ctx)

resp, err := FindGraphByARN(ctx, conn, d.Id())
graph, err := FindGraphByARN(ctx, conn, d.Id())

if !d.IsNewResource() && tfawserr.ErrCodeEquals(err, detective.ErrCodeResourceNotFoundException) || resp == nil {
if !d.IsNewResource() && tfresource.NotFound(err) {
log.Printf("[WARN] Detective Graph (%s) not found, removing from state", d.Id())
d.SetId("")
return nil
}

if err != nil {
return diag.Errorf("reading detective Graph (%s): %s", d.Id(), err)
return diag.Errorf("reading Detective Graph (%s): %s", d.Id(), err)
}

d.Set("created_time", aws.TimeValue(resp.CreatedTime).Format(time.RFC3339))
d.Set("graph_arn", resp.Arn)
d.Set("created_time", aws.TimeValue(graph.CreatedTime).Format(time.RFC3339))
d.Set("graph_arn", graph.Arn)

return nil
}
Expand All @@ -109,17 +103,60 @@ func resourceGraphUpdate(ctx context.Context, d *schema.ResourceData, meta inter
func resourceGraphDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).DetectiveConn(ctx)

input := &detective.DeleteGraphInput{
log.Printf("[DEBUG] Deleting Detective Graph: %s", d.Id())
_, err := conn.DeleteGraphWithContext(ctx, &detective.DeleteGraphInput{
GraphArn: aws.String(d.Id()),
})

if tfawserr.ErrCodeEquals(err, detective.ErrCodeResourceNotFoundException) {
return nil
}

_, err := conn.DeleteGraphWithContext(ctx, input)
if err != nil {
if tfawserr.ErrCodeEquals(err, detective.ErrCodeResourceNotFoundException) {
return nil
}
return diag.Errorf("deleting detective Graph (%s): %s", d.Id(), err)
return diag.Errorf("deleting Detective Graph (%s): %s", d.Id(), err)
}

return nil
}

func FindGraphByARN(ctx context.Context, conn *detective.Detective, arn string) (*detective.Graph, error) {
input := &detective.ListGraphsInput{}

return findGraph(ctx, conn, input, func(v *detective.Graph) bool {
return aws.StringValue(v.Arn) == arn
})
}

func findGraph(ctx context.Context, conn *detective.Detective, input *detective.ListGraphsInput, filter tfslices.Predicate[*detective.Graph]) (*detective.Graph, error) {
output, err := findGraphs(ctx, conn, input, filter)

if err != nil {
return nil, err
}

return tfresource.AssertSinglePtrResult(output)
}

func findGraphs(ctx context.Context, conn *detective.Detective, input *detective.ListGraphsInput, filter tfslices.Predicate[*detective.Graph]) ([]*detective.Graph, error) {
var output []*detective.Graph

err := conn.ListGraphsPagesWithContext(ctx, input, func(page *detective.ListGraphsOutput, lastPage bool) bool {
if page == nil {
return !lastPage
}

for _, v := range page.GraphList {
if v != nil && filter(v) {
output = append(output, v)
}
}

return !lastPage
})

if err != nil {
return nil, err
}

return output, nil
}
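Review bot: In the new `resourceGraphRead`, `graph.CreatedTime` and `graph.Arn` are dereferenced after only the `err` check, so with the old `resp == nil` guard gone the function is nil-safe only if `FindGraphByARN` never returns `(nil, nil)`. That appears to hold because `findGraph` ends in `tfresource.AssertSinglePtrResult`, but the contract is not written down on the exported function. I would add a doc comment such as `// FindGraphByARN returns the behavior graph whose ARN equals arn, or a non-nil error when no single graph matches; it never returns (nil, nil).` A short comment on the `timeout = 4 * time.Minute` constant in `resourceGraphCreate`, saying why that bound was chosen, would help as well.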