Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

B MQ replication user fix #32454

Merged
merged 5 commits into from
Jul 11, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/32454.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_mq_broker: default `replication_user` to `false`
```
38 changes: 26 additions & 12 deletions internal/service/mq/broker.go
Original file line number Diff line number Diff line change
Expand Up @@ -329,6 +329,11 @@ func ResourceBroker() *schema.Resource {
Sensitive: true,
ValidateFunc: ValidBrokerPassword,
},
"replication_user": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
"username": {
Type: schema.TypeString,
Required: true,
Expand Down Expand Up @@ -806,22 +811,24 @@ func DiffBrokerUsers(bId string, oldUsers, newUsers []interface{}) (

if !reflect.DeepEqual(existingUserMap, newUserMap) {
ur = append(ur, &mq.UpdateUserRequest{
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Groups: flex.ExpandStringList(ng),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Groups: flex.ExpandStringList(ng),
ReplicationUser: aws.Bool(newUserMap["replication_user"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
})
}

// Delete after processing, so we know what's left for deletion
delete(existingUsers, username)
} else {
cur := &mq.CreateUserRequest{
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
Username: aws.String(username),
BrokerId: aws.String(bId),
ConsoleAccess: aws.Bool(newUserMap["console_access"].(bool)),
Password: aws.String(newUserMap["password"].(string)),
ReplicationUser: aws.Bool(newUserMap["replication_user"].(bool)),
Username: aws.String(username),
}
if len(ng) > 0 {
cur.Groups = flex.ExpandStringList(ng)
Expand Down Expand Up @@ -907,6 +914,9 @@ func expandUsers(cfg []interface{}) []*mq.User {
if v, ok := u["console_access"]; ok {
user.ConsoleAccess = aws.Bool(v.(bool))
}
if v, ok := u["replication_user"]; ok {
user.ReplicationUser = aws.Bool(v.(bool))
}
if v, ok := u["groups"]; ok {
user.Groups = flex.ExpandStringSet(v.(*schema.Set))
}
Expand All @@ -933,9 +943,10 @@ func expandUsersForBroker(ctx context.Context, conn *mq.MQ, brokerId string, inp
}

user := &mq.User{
ConsoleAccess: uOut.ConsoleAccess,
Groups: uOut.Groups,
Username: uOut.Username,
ConsoleAccess: uOut.ConsoleAccess,
Groups: uOut.Groups,
ReplicationUser: uOut.ReplicationUser,
Username: uOut.Username,
}

rawUsers = append(rawUsers, user)
Expand Down Expand Up @@ -968,6 +979,9 @@ func flattenUsers(users []*mq.User, cfgUsers []interface{}) *schema.Set {
if u.ConsoleAccess != nil {
m["console_access"] = aws.BoolValue(u.ConsoleAccess)
}
if u.ReplicationUser != nil {
m["replication_user"] = aws.BoolValue(u.ReplicationUser)
}
if len(u.Groups) > 0 {
m["groups"] = flex.FlattenStringSet(u.Groups)
}
Expand Down
77 changes: 43 additions & 34 deletions internal/service/mq/broker_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,19 +120,21 @@ func TestDiffUsers(t *testing.T) {
OldUsers: []interface{}{},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
ReplicationUser: aws.Bool(false),
},
},
Deletions: []*mq.DeleteUserInput{},
Expand All @@ -141,24 +143,27 @@ func TestDiffUsers(t *testing.T) {
{
OldUsers: []interface{}{
map[string]interface{}{
"console_access": true,
"username": "first",
"password": "TestTest1111",
"console_access": true,
"username": "first",
"password": "TestTest1111",
"replication_user": false,
},
},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"console_access": false,
"username": "second",
"password": "TestTest2222",
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
ReplicationUser: aws.Bool(false),
},
},
Deletions: []*mq.DeleteUserInput{
Expand All @@ -169,22 +174,25 @@ func TestDiffUsers(t *testing.T) {
{
OldUsers: []interface{}{
map[string]interface{}{
"console_access": true,
"username": "first",
"password": "TestTest1111updated",
"console_access": true,
"username": "first",
"password": "TestTest1111updated",
"replication_user": false,
},
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"console_access": false,
"username": "second",
"password": "TestTest2222",
"replication_user": false,
},
},
NewUsers: []interface{}{
map[string]interface{}{
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"console_access": false,
"username": "second",
"password": "TestTest2222",
"groups": schema.NewSet(schema.HashString, []interface{}{"admin"}),
"replication_user": false,
},
},
Creations: []*mq.CreateUserRequest{},
Expand All @@ -193,11 +201,12 @@ func TestDiffUsers(t *testing.T) {
},
Updates: []*mq.UpdateUserRequest{
{
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
BrokerId: aws.String("test"),
ConsoleAccess: aws.Bool(false),
Username: aws.String("second"),
Password: aws.String("TestTest2222"),
Groups: aws.StringSlice([]string{"admin"}),
ReplicationUser: aws.Bool(false),
},
},
},
Expand Down
1 change: 1 addition & 0 deletions website/docs/r/mq_broker.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@ The following arguments are required:
* `console_access` - (Optional) Whether to enable access to the [ActiveMQ Web Console](http://activemq.apache.org/web-console.html) for the user. Applies to `engine_type` of `ActiveMQ` only.
* `groups` - (Optional) List of groups (20 maximum) to which the ActiveMQ user belongs. Applies to `engine_type` of `ActiveMQ` only.
* `password` - (Required) Password of the user. It must be 12 to 250 characters long, at least 4 unique characters, and must not contain commas.
* `replication_user` - (Optional) Whether to set set replication user. Defaults to `false`.
* `username` - (Required) Username of the user.

~> **NOTE:** AWS currently does not support updating RabbitMQ users. Updates to users can only be in the RabbitMQ UI.
Expand Down