New Data Source: aws_ssoadmin_permission_sets #38741

Merged
merged 6 commits into from
Aug 19, 2024
Changes from 1 commit
pushing progress
gramsa49 committed Aug 7, 2024
commit f4b545eb274c83b079506497dd5ba2c97d86cea0
64 changes: 64 additions & 0 deletions internal/service/ssoadmin/permission_sets_data_source.go
@@ -0,0 +1,64 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0

package ssoadmin

import (
"context"

"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/ssoadmin"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
"github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag"
"github.com/hashicorp/terraform-provider-aws/internal/verify"
"github.com/hashicorp/terraform-provider-aws/names"
)

// @SDKDataSource("aws_ssoadmin_permission_sets")
func DataSourcePermissionSets() *schema.Resource {
return &schema.Resource{
ReadWithoutTimeout: dataSourcePermissionSetsRead,

Schema: map[string]*schema.Schema{
names.AttrARNs: {
Type: schema.TypeSet,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"instance_arn": {
Type: schema.TypeString,
Required: true,
ValidateFunc: verify.ValidARN,
},
},
}
}

func dataSourcePermissionSetsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
var diags diag.Diagnostics
conn := meta.(*conns.AWSClient).SSOAdminClient(ctx)

instanceArn := d.Get("instance_arn").(string)

input := &ssoadmin.ListPermissionSetsInput{
InstanceArn: aws.String(instanceArn),
}

var permissionSetArns []string
paginator := ssoadmin.NewListPermissionSetsPaginator(conn, input)
for paginator.HasMorePages() {
page, err := paginator.NextPage(ctx)
if err != nil {
return sdkdiag.AppendErrorf(diags, "listing SSO Permission Sets: %s", err)
}

permissionSetArns = append(permissionSetArns, page.PermissionSets...)
}

d.SetId(instanceArn)
d.Set(names.AttrARNs, permissionSetArns)

return diags
}
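Review bot: In dataSourcePermissionSetsRead the return value of `d.Set(names.AttrARNs, permissionSetArns)` is discarded, so a failure to write the set leaves `arns` empty in state while the read still reports success. Check the error and return it through sdkdiag, for example `if err := d.Set(names.AttrARNs, permissionSetArns); err != nil { return sdkdiag.AppendErrorf(diags, "setting %s: %s", names.AttrARNs, err) }`. This data source exists to enumerate the permission sets of an instance, so an error is preferable to a silently empty result. The pagination loop itself handles the `NextPage` error correctly.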
210 changes: 210 additions & 0 deletions internal/service/ssoadmin/permission_sets_data_source_test.go
@@ -0,0 +1,210 @@
// Copyright (c) HashiCorp, Inc.

Check failure on line 1 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / import-lint

Import groups are not in the proper order: ["Std" "Third party" "Third party"]
// SPDX-License-Identifier: MPL-2.0

package ssoadmin_test

// **PLEASE DELETE THIS AND ALL TIP COMMENTS BEFORE SUBMITTING A PR FOR REVIEW!**
//
// TIP: ==== INTRODUCTION ====
// Thank you for trying the skaff tool!
//
// You have opted to include these helpful comments. They all include "TIP:"
// to help you find and remove them when you're done with them.
//
// While some aspects of this file are customized to your input, the
// scaffold tool does *not* look at the AWS API and ensure it has correct
// function, structure, and variable names. It makes guesses based on
// commonalities. You will need to make significant adjustments.
//
// In other words, as generated, this is a rough outline of the work you will
// need to do. If something doesn't make sense for your situation, get rid of
// it.

import (
// TIP: ==== IMPORTS ====
// This is a common set of imports but not customized to your code since
// your code hasn't been written yet. Make sure you, your IDE, or
// goimports -w <file> fixes these imports.
//
// The provider linter wants your imports to be in two groups: first,
// standard library (i.e., "fmt" or "strings"), second, everything else.
//
// Also, AWS Go SDK v2 may handle nested structures differently than v1,
// using the services/ssoadmin/types package. If so, you'll
// need to import types and reference the nested types, e.g., as
// types.<Type Name>.
"fmt"
"strings"

Check failure on line 37 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

"strings" imported and not used

Check failure on line 37 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

"strings" imported and not used

Check failure on line 37 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

"strings" imported and not used
"testing"

"github.com/YakDriver/regexache"
"github.com/aws/aws-sdk-go-v2/aws"

Check failure on line 41 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

"github.com/aws/aws-sdk-go-v2/aws" imported and not used

Check failure on line 41 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

"github.com/aws/aws-sdk-go-v2/aws" imported and not used

Check failure on line 41 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

"github.com/aws/aws-sdk-go-v2/aws" imported and not used
"github.com/aws/aws-sdk-go-v2/service/ssoadmin"
"github.com/aws/aws-sdk-go-v2/service/ssoadmin/types"

Check failure on line 43 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

"github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" imported and not used

Check failure on line 43 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

"github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" imported and not used

Check failure on line 43 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

"github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" imported and not used
"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"

Check failure on line 44 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" imported and not used

Check failure on line 44 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" imported and not used

Check failure on line 44 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

"github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" imported and not used
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
"github.com/hashicorp/terraform-plugin-testing/helper/resource"
"github.com/hashicorp/terraform-plugin-testing/terraform"
"github.com/hashicorp/terraform-provider-aws/internal/acctest"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
"github.com/hashicorp/terraform-provider-aws/internal/create"

// TIP: You will often need to import the package that this test file lives
// in. Since it is in the "test" context, it must import the package to use
// any normal context constants, variables, or functions.
tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin"
"github.com/hashicorp/terraform-provider-aws/names"
)

// TIP: File Structure. The basic outline for all test files should be as
// follows. Improve this data source's maintainability by following this
// outline.
//
// 1. Package declaration (add "_test" since this is a test file)
// 2. Imports
// 3. Unit tests
// 4. Basic test
// 5. Disappears test
// 6. All the other tests
// 7. Helper functions (exists, destroy, check, etc.)
// 8. Functions that return Terraform configurations

// TIP: ==== UNIT TESTS ====
// This is an example of a unit test. Its name is not prefixed with
// "TestAcc" like an acceptance test.
//
// Unlike acceptance tests, unit tests do not access AWS and are focused on a
// function (or method). Because of this, they are quick and cheap to run.
//
// In designing a data source's implementation, isolate complex bits from AWS bits
// so that they can be tested through a unit test. We encourage more unit tests
// in the provider.
//
// Cut and dry functions using well-used patterns, like typical flatteners and
// expanders, don't need unit testing. However, if they are complex or
// intricate, they should be unit tested.
func TestPermissionSetsExampleUnitTest(t *testing.T) {
t.Parallel()

testCases := []struct {
TestName string
Input string
Expected string
Error bool
}{
{
TestName: "empty",
Input: "",
Expected: "",
Error: true,
},
{
TestName: "descriptive name",
Input: "some input",
Expected: "some output",
Error: false,
},
{
TestName: "another descriptive name",
Input: "more input",
Expected: "more output",
Error: false,
},
}

for _, testCase := range testCases {
testCase := testCase
t.Run(testCase.TestName, func(t *testing.T) {
t.Parallel()
got, err := tfssoadmin.FunctionFromDataSource(testCase.Input)

Check failure on line 120 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

undefined: tfssoadmin.FunctionFromDataSource

Check failure on line 120 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

undefined: tfssoadmin.FunctionFromDataSource

Check failure on line 120 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

undefined: tfssoadmin.FunctionFromDataSource

if err != nil && !testCase.Error {
t.Errorf("got error (%s), expected no error", err)
}

if err == nil && testCase.Error {
t.Errorf("got (%s) and no error, expected error", got)
}

if got != testCase.Expected {
t.Errorf("got %s, expected %s", got, testCase.Expected)
}
})
}
}

// TIP: ==== ACCEPTANCE TESTS ====
// This is an example of a basic acceptance test. This should test as much of
// standard functionality of the data source as possible, and test importing, if
// applicable. We prefix its name with "TestAcc", the service, and the
// data source name.
//
// Acceptance test access AWS and cost money to run.
func TestAccSSOAdminPermissionSetsDataSource_basic(t *testing.T) {
ctx := acctest.Context(t)
// TIP: This is a long-running test guard for tests that run longer than
// 300s (5 min) generally.
if testing.Short() {
t.Skip("skipping long-running test in short mode")
}

var permissionsets ssoadmin.DescribePermissionSetsResponse

Check failure on line 152 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

undefined: ssoadmin.DescribePermissionSetsResponse

Check failure on line 152 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

undefined: ssoadmin.DescribePermissionSetsResponse

Check failure on line 152 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

undefined: ssoadmin.DescribePermissionSetsResponse
rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
dataSourceName := "data.aws_ssoadmin_permission_sets.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() {
acctest.PreCheck(ctx, t)
acctest.PreCheckPartitionHasService(t, names.SSOAdminEndpointID)
testAccPreCheck(ctx, t)

Check failure on line 160 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

undefined: testAccPreCheck

Check failure on line 160 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

undefined: testAccPreCheck

Check failure on line 160 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

undefined: testAccPreCheck
},
ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminServiceID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckPermissionSetsDestroy(ctx),

Check failure on line 164 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

undefined: testAccCheckPermissionSetsDestroy

Check failure on line 164 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

undefined: testAccCheckPermissionSetsDestroy

Check failure on line 164 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

undefined: testAccCheckPermissionSetsDestroy
Steps: []resource.TestStep{
{
Config: testAccPermissionSetsDataSourceConfig_basic(rName),

Check failure on line 167 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

not enough arguments in call to testAccPermissionSetsDataSourceConfig_basic

Check failure on line 167 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

not enough arguments in call to testAccPermissionSetsDataSourceConfig_basic

Check failure on line 167 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

not enough arguments in call to testAccPermissionSetsDataSourceConfig_basic
Check: resource.ComposeTestCheckFunc(
testAccCheckPermissionSetsExists(ctx, dataSourceName, &permissionsets),

Check failure on line 169 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / providerlint

undefined: testAccCheckPermissionSetsExists

Check failure on line 169 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / go test

undefined: testAccCheckPermissionSetsExists

Check failure on line 169 in internal/service/ssoadmin/permission_sets_data_source_test.go

GitHub Actions / 2 of 2

undefined: testAccCheckPermissionSetsExists
resource.TestCheckResourceAttr(dataSourceName, "auto_minor_version_upgrade", "false"),
resource.TestCheckResourceAttrSet(dataSourceName, "maintenance_window_start_time.0.day_of_week"),
resource.TestCheckTypeSetElemNestedAttrs(dataSourceName, "user.*", map[string]string{
"console_access": "false",
"groups.#": "0",
"username": "Test",
"password": "TestTest1234",
}),
acctest.MatchResourceAttrRegionalARN(dataSourceName, "arn", "ssoadmin", regexache.MustCompile(`permissionsets:+.`)),
),
},
},
})
}

func testAccPermissionSetsDataSourceConfig_basic(rName, version string) string {
return fmt.Sprintf(`
data "aws_security_group" "test" {
name = %[1]q
}

data "aws_ssoadmin_permission_sets" "test" {
permission_sets_name = %[1]q
engine_type = "ActiveSSOAdmin"
engine_version = %[2]q
host_instance_type = "ssoadmin.t2.micro"
security_groups = [aws_security_group.test.id]
authentication_strategy = "simple"
storage_type = "efs"

logs {
general = true
}

user {
username = "Test"
password = "TestTest1234"
}
}
`, rName, version)
}
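Review bot: TestAccSSOAdminPermissionSetsDataSource_basic and testAccPermissionSetsDataSourceConfig_basic are still unedited skaff scaffold and do not exercise this data source. The config sets `permission_sets_name`, `engine_type`, a `user` block and other arguments, while the schema in permission_sets_data_source.go defines only `instance_arn` and `arns`, and the checks assert on attributes such as `auto_minor_version_upgrade` and `user.*` that the data source never sets. The config function is declared as `(rName, version string)` but is called with `rName` only, and the CI annotations show `testAccPreCheck`, `testAccCheckPermissionSetsDestroy` and `testAccCheckPermissionSetsExists` as undefined. Suggest replacing the config with one that passes `instance_arn` (as the docs example does) and asserting on `arns.#`, then dropping TestPermissionSetsExampleUnitTest, the unused imports, the CheckDestroy entry (a data source creates nothing to destroy) and every TIP comment, including the "PLEASE DELETE THIS AND ALL TIP COMMENTS" banner. The hard-coded `password = "TestTest1234"` disappears with the scaffold config and should not be carried into the rewritten test.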
4 changes: 4 additions & 0 deletions internal/service/ssoadmin/service_package_gen.go

Some generated files are not rendered by default.

43 changes: 43 additions & 0 deletions website/docs/d/ssoadmin_permission_sets.html.markdown
@@ -0,0 +1,43 @@
---
subcategory: "SSO Admin"
layout: "aws"
page_title: "AWS: aws_ssoadmin_permission_sets"
description: |-
Terraform data source returning the ARN of all AWS SSO Admin Permission Sets.
---
<!---
TIP: A few guiding principles for writing documentation:
1. Use simple language while avoiding jargon and figures of speech.
2. Focus on brevity and clarity to keep a reader's attention.
3. Use active voice and present tense whenever you can.
4. Document your feature as it exists now; do not mention the future or past if you can help it.
5. Use accessible and inclusive language.
--->

# Data Source: aws_ssoadmin_permission_sets

Terraform data source returning the ARN of all AWS SSO Admin Permission Sets.

## Example Usage

### Basic Usage

```terraform
data "aws_ssoadmin_instances" "example" {}

data "aws_ssoadmin_permission_sets" "example" {
instance_arn = tolist(data.aws_ssoadmin_instances.example.arns)[0]
}
```

## Argument Reference

The following arguments are required:

* `instance_arn` - (Required) ARN of the SSO Instance associated with the permission set.

## Attribute Reference

This data source exports the following attributes in addition to the arguments above:

* `arns` - Set of string contain the ARN of all Permission Sets.
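Review bot: The scaffold TIP block in the HTML comment directly after the front matter is still present and should be removed before merge. The wording also needs a pass: the `arns` line reads "Set of string contain the ARN of all Permission Sets", which would be clearer as "Set of ARNs of all Permission Sets in the SSO Instance"; the `instance_arn` line says "associated with the permission set" in the singular although this data source lists all of them; and the description and intro say "the ARN of all" where "the ARNs of all" is meant. The example passes `tolist(data.aws_ssoadmin_instances.example.arns)[0]`, which matches the `instance_arn` argument in the schema.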