
F vpclattice resource policy data source #31372

Merged
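--- a/.changelog/31372.txt
+++ b/.changelog/31372.txt
@@ -0,0 +1,3 @@
+```release-note:new-data-source
+aws_vpclattice_resource_policy
+```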
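--- a/internal/service/vpclattice/resource_policy_data_source.go
+++ b/internal/service/vpclattice/resource_policy_data_source.go
@@ -0,0 +1,55 @@
+package vpclattice
+
+import (
+"context"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+"github.com/hashicorp/terraform-provider-aws/internal/conns"
+"github.com/hashicorp/terraform-provider-aws/internal/create"
+"github.com/hashicorp/terraform-provider-aws/internal/verify"
+"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @SDKDataSource("aws_vpclattice_resource_policy", name="Resource Policy")
+func DataSourceResourcePolicy() *schema.Resource {
+return &schema.Resource{
+ReadWithoutTimeout: dataSourceResourcePolicyRead,
+
+Schema: map[string]*schema.Schema{
+"policy": {
+Type: schema.TypeString,
+Computed: true,
+},
+"resource_arn": {
+Type: schema.TypeString,
+Required: true,
+ValidateFunc: verify.ValidARN,
+},
+},
+}
+}
+
+const (
+DSNameResourcePolicy = "Resource Policy Data Source"
+)
+
+func dataSourceResourcePolicyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+conn := meta.(*conns.AWSClient).VPCLatticeClient()
+
+resourceArn := d.Get("resource_arn").(string)
+
+out, err := findResourcePolicyByID(ctx, conn, resourceArn)
+if err != nil {
+return create.DiagError(names.VPCLattice, create.ErrActionReading, DSNameResourcePolicy, d.Id(), err)
+}
+
+if out == nil {
+return create.DiagError(names.VPCLattice, create.ErrActionReading, DSNameResourcePolicy, d.Id(), err)
+}
+
+d.SetId(resourceArn)
+d.Set("policy", out.Policy)
+
+return nil
+}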
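Review bot: In dataSourceResourcePolicyRead the `out == nil` branch passes `err` to create.DiagError although `err` is necessarily nil at that point, so the diagnostic carries no cause; give that case a real error such as `errors.New("empty result")` (this needs the `errors` import). Both error returns also pass `d.Id()`, which is only set further down by `d.SetId(resourceArn)`, so the message presumably shows an empty identifier; passing `resourceArn` would name the resource that failed. The return value of `d.Set("policy", out.Policy)` is dropped as well, and because this attribute is the access-control document a caller reads to see who may use the resource, a failed set should not leave it silently empty: `if err := d.Set("policy", out.Policy); err != nil { return create.DiagError(names.VPCLattice, create.ErrActionSetting, DSNameResourcePolicy, resourceArn, err) }`.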
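--- a/internal/service/vpclattice/resource_policy_data_source_test.go
+++ b/internal/service/vpclattice/resource_policy_data_source_test.go
@@ -0,0 +1,78 @@
+package vpclattice_test
+
+import (
+"fmt"
+"regexp"
+"testing"
+
+sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+func TestAccVPCLatticeResourcePolicyDataSource_basic(t *testing.T) {
+ctx := acctest.Context(t)
+
+rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+dataSourceName := "data.aws_vpclattice_resource_policy.test"
+
+resource.ParallelTest(t, resource.TestCase{
+PreCheck: func() {
+acctest.PreCheck(ctx, t)
+acctest.PreCheckPartitionHasService(t, names.VPCLatticeEndpointID)
+testAccPreCheck(ctx, t)
+},
+ErrorCheck: acctest.ErrorCheck(t, names.VPCLatticeEndpointID),
+ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+CheckDestroy: testAccCheckResourcePolicyDestroy(ctx),
+Steps: []resource.TestStep{
+{
+Config: testAccResourcePolicyDataSourceConfig_basic(rName),
+Check: resource.ComposeTestCheckFunc(
+resource.TestMatchResourceAttr(dataSourceName, "policy", regexp.MustCompile(`"vpc-lattice:CreateServiceNetworkVpcAssociation","vpc-lattice:CreateServiceNetworkServiceAssociation","vpc-lattice:GetServiceNetwork"`)),
+resource.TestCheckResourceAttrPair(dataSourceName, "resource_arn", "aws_vpclattice_service_network.test", "arn"),
+),
+},
+},
+})
+}
+func testAccResourcePolicyDataSourceConfig_create(rName string) string {
+return fmt.Sprintf(`
+data "aws_caller_identity" "current" {}
+data "aws_partition" "current" {}
+
+resource "aws_vpclattice_service_network" "test" {
+name = %[1]q
+}
+
+resource "aws_vpclattice_resource_policy" "test" {
+resource_arn = aws_vpclattice_service_network.test.arn
+
+policy = jsonencode({
+Version = "2012-10-17",
+Statement = [{
+Sid = "test-pol-principals-6"
+Effect = "Allow"
+Principal = {
+"AWS" = "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:root"
+}
+Action = [
+"vpc-lattice:CreateServiceNetworkVpcAssociation",
+"vpc-lattice:CreateServiceNetworkServiceAssociation",
+"vpc-lattice:GetServiceNetwork"
+]
+Resource = aws_vpclattice_service_network.test.arn
+}]
+})
+}
+`, rName)
+}
+
+func testAccResourcePolicyDataSourceConfig_basic(rName string) string {
+return acctest.ConfigCompose(testAccResourcePolicyDataSourceConfig_create(rName), `
+data "aws_vpclattice_resource_policy" "test" {
+resource_arn = aws_vpclattice_resource_policy.test.resource_arn
+}
+`)
+}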
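Review bot: The only assertion on `policy` in TestAccVPCLatticeResourcePolicyDataSource_basic is a regexp over the three action names, so the test would still pass if the data source returned a policy with a different Principal, Effect or Resource. For an access-control document those are the fields worth pinning; consider also matching the Sid and the principal ARN, or comparing against the managed resource with `resource.TestCheckResourceAttrPair(dataSourceName, "policy", "aws_vpclattice_resource_policy.test", "policy")` if both sides serialise the JSON identically, which cannot be confirmed from this page. The regexp also depends on the service returning the actions in exactly this order with no whitespace between them. As a style point, a blank line is missing between the closing brace of the test function and `testAccResourcePolicyDataSourceConfig_create`.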
5 changes: 5 additions & 0 deletions internal/service/vpclattice/service_package_gen.go


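--- a/website/docs/d/vpclattice_resource_policy.html.markdown
+++ b/website/docs/d/vpclattice_resource_policy.html.markdown
@@ -0,0 +1,33 @@
+---
+subcategory: "VPC Lattice"
+layout: "aws"
+page_title: "AWS: aws_vpclattice_resource_policy"
+description: |-
+Terraform data source for managing an AWS VPC Lattice Resource Policy.
+---
+
+# Data Source: aws_vpclattice_resource_policy
+
+Terraform data source for managing an AWS VPC Lattice Resource Policy.
+
+## Example Usage
+
+### Basic Usage
+
+```terraform
+data "aws_vpclattice_resource_policy" "example" {
+resource_arn = aws_vpclattice_service_network.example.arn
+}
+```
+
+## Argument Reference
+
+The following arguments are required:
+
+* `resource_arn` - (Required) Resource ARN of the resource for which a policy is retrieved.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `policy` - JSON-encoded string representation of the applied resource policy.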