Add EIM resources/data_sources and tests
outscale-toa committed Dec 9, 2024
1 parent 75b2c02 commit 1da16d3
Showing 49 changed files with 3,388 additions and 145 deletions.
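--- a/outscale/data_source_managed_policies_linked_to_user_group_test.go
+++ b/outscale/data_source_managed_policies_linked_to_user_group_test.go
@@ -0,0 +1,61 @@
+package outscale
+
+import (
+"testing"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccOthers_policiesLinkedToGroup_basic(t *testing.T) {
+t.Parallel()
+resourceName := "data.outscale_managed_policies_linked_to_user_group.dataPoliciesLinkedToGroup"
+
+resource.Test(t, resource.TestCase{
+PreCheck: func() { testAccPreCheck(t) },
+Providers: testAccProviders,
+Steps: []resource.TestStep{
+{
+Config: testAccDataPoliciesLinkedGroupConfig,
+Check: resource.ComposeTestCheckFunc(
+resource.TestCheckResourceAttrSet(resourceName, "policies.#"),
+),
+},
+},
+})
+}
+
+const testAccDataPoliciesLinkedGroupConfig = `
+resource "outscale_user_group" "groupPolicies01" {
+user_group_name = "userGroupName"
+path = "/GroupPolicies/"
+policy {
+policy_orn = outscale_policy.GpolicyLinked_01.orn
+}
+policy {
+policy_orn = outscale_policy.GpolicyLinked_02.orn
+}
+}
+resource "outscale_policy" "GpolicyLinked_01" {
+description = "Example Linked to group"
+document = "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
+path = "/Allow_test/"
+policy_name = "policiesLinkedToGroup"
+}
+resource "outscale_policy" "GpolicyLinked_02" {
+description = "Example Linked policy to group"
+document = "{\"Statement\": [ {\"Effect\": \"Deny\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
+path = "/OkhtTest/"
+policy_name = "policyGroupStopAll"
+}
+data "outscale_managed_policies_linked_to_user_group" "dataPoliciesLinkedToGroup" {
+filter {
+name = "path_prefix"
+values = [outscale_user_group.groupPolicies01.path]
+}
+filter {
+name = "user_group_ids"
+values = [outscale_user_group.groupPolicies01.user_group_id]
+}
+user_group_name = outscale_user_group.groupPolicies01.user_group_name
+}`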
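Review bot: The only check, `resource.TestCheckResourceAttrSet(resourceName, "policies.#")`, is satisfied by any non-empty value, which as far as I can tell includes a count of 0, so the test stays green even if the data source returns neither of the two policies linked to `groupPolicies01`. That matters here because the config filters on `path_prefix` with the group's path while the policies live under `/Allow_test/` and `/OkhtTest/`; whether that filter matches them is not visible from this file. Pin the count with `resource.TestCheckResourceAttr(resourceName, "policies.#", "2")`, or whatever count the filters are expected to yield. The `policy_entities.#` check in data_source_outscale_entities_linked_to_policy_test.go has the same weakness.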
21 changes: 15 additions & 6 deletions outscale/data_source_outscale_access_key.go
Expand Up @@ -19,6 +19,10 @@ func DataSourceOutscaleAccessKey() *schema.Resource {
Read: DataSourceOutscaleAccessKeyRead,
Schema: map[string]*schema.Schema{
"filter": dataSourceFiltersSchema(),
"user_name": {
Type: schema.TypeString,
Optional: true,
},
"access_key_id": {
Type: schema.TypeString,
Optional: true,
Expand Down Expand Up @@ -56,10 +60,11 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
state, stateOk := d.GetOk("state")

if !filtersOk && !accessKeyOk && !stateOk {
return fmt.Errorf("One of filters, access_key_id or state must be assigned")
return fmt.Errorf("one of filters, access_key_id or state must be assigned")
}

filterReq := &oscgo.FiltersAccessKeys{}

if filtersOk {
filterReq = buildOutscaleDataSourceAccessKeyFilters(filters.(*schema.Set))
}
Expand All @@ -69,11 +74,15 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
if stateOk {
filterReq.SetStates([]string{state.(string)})
}

req := oscgo.ReadAccessKeysRequest{}
req.SetFilters(*filterReq)
if userName := d.Get("user_name").(string); userName != "" {
req.SetUserName(userName)
}
var resp oscgo.ReadAccessKeysResponse
var err error
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(oscgo.ReadAccessKeysRequest{Filters: filterReq}).Execute()

err := resource.Retry(5*time.Minute, func() *resource.RetryError {
rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(req).Execute()
if err != nil {
return utils.CheckThrottling(httpResp, err)
}
Expand All @@ -85,7 +94,7 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
}

if len(resp.GetAccessKeys()) == 0 {
return fmt.Errorf("Unable to find Access Key")
return fmt.Errorf("unable to find Access Key")
}

if len(resp.GetAccessKeys()) > 1 {
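Review bot: The new `user_name` argument cannot be used on its own: the guard in `DataSourceOutscaleAccessKeyRead` still reads `if !filtersOk && !accessKeyOk && !stateOk`, so a configuration that sets only `user_name` is rejected with a message that does not mention it. If looking up a user's key by name alone is intended, read it with `userName, userNameOk := d.GetOk("user_name")`, add `&& !userNameOk` to the guard and name `user_name` in the error text. `DataSourceOutscaleAccessKeysRead` in data_source_outscale_access_keys.go keeps the same guard and has the same gap. Both function bodies start and end outside the hunks shown, so this rests on the visible lines only.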
21 changes: 14 additions & 7 deletions outscale/data_source_outscale_access_keys.go
Expand Up @@ -31,6 +31,10 @@ func DataSourceOutscaleAccessKeys() *schema.Resource {
ValidateFunc: validation.StringInSlice([]string{"ACTIVE", "INACTIVE"}, false),
},
},
"user_name": {
Type: schema.TypeString,
Optional: true,
},
"access_keys": {
Type: schema.TypeList,
Computed: true,
Expand Down Expand Up @@ -75,7 +79,7 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
state, stateOk := d.GetOk("states")

if !filtersOk && !accessKeyOk && !stateOk {
return fmt.Errorf("One of filters, access_key_ids or states must be assigned")
return fmt.Errorf("one of filters, access_key_ids or states must be assigned")
}

filterReq := &oscgo.FiltersAccessKeys{}
Expand All @@ -88,13 +92,16 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
if stateOk {
filterReq.SetStates(utils.InterfaceSliceToStringSlice(state.([]interface{})))
}
req := oscgo.ReadAccessKeysRequest{
Filters: filterReq,
}

if userName := d.Get("user_name").(string); userName != "" {
req.SetUserName(userName)
}
var resp oscgo.ReadAccessKeysResponse
var err error
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(oscgo.ReadAccessKeysRequest{
Filters: filterReq,
}).Execute()
err := resource.Retry(5*time.Minute, func() *resource.RetryError {
rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(req).Execute()
if err != nil {
return utils.CheckThrottling(httpResp, err)
}
Expand All @@ -106,7 +113,7 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
}

if len(resp.GetAccessKeys()) == 0 {
return fmt.Errorf("Unable to find Access Keys")
return fmt.Errorf("unable to find Access Keys")
}

if err := d.Set("access_keys", flattenAccessKeys(resp.GetAccessKeys())); err != nil {
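--- a/outscale/data_source_outscale_entities_linked_to_policy.go
+++ b/outscale/data_source_outscale_entities_linked_to_policy.go
@@ -0,0 +1,163 @@
+package outscale
+
+import (
+"context"
+"fmt"
+"time"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+oscgo "github.com/outscale/osc-sdk-go/v2"
+"github.com/outscale/terraform-provider-outscale/utils"
+)
+
+func DataSourceEntitiesLinkedToPolicy() *schema.Resource {
+return &schema.Resource{
+Read: DataSourceEntitiesLinkedToPoliciesRead,
+Schema: map[string]*schema.Schema{
+"policy_orn": {
+Type: schema.TypeString,
+Required: true,
+},
+"entities_type": {
+Type: schema.TypeString,
+Optional: true,
+ValidateFunc: validation.StringInSlice([]string{"USER", "GROUP", "ACCOUNT"}, false),
+},
+"policy_entities": {
+Type: schema.TypeSet,
+Computed: true,
+Elem: &schema.Resource{
+Schema: map[string]*schema.Schema{
+"users": {
+Type: schema.TypeSet,
+Computed: true,
+Elem: &schema.Resource{
+Schema: map[string]*schema.Schema{
+"id": {
+Type: schema.TypeString,
+Computed: true,
+},
+"name": {
+Type: schema.TypeString,
+Computed: true,
+},
+"orn": {
+Type: schema.TypeString,
+Computed: true,
+},
+},
+},
+},
+"groups": {
+Type: schema.TypeSet,
+Computed: true,
+Elem: &schema.Resource{
+Schema: map[string]*schema.Schema{
+"id": {
+Type: schema.TypeString,
+Computed: true,
+},
+"name": {
+Type: schema.TypeString,
+Computed: true,
+},
+"orn": {
+Type: schema.TypeString,
+Computed: true,
+},
+},
+},
+},
+"accounts": {
+Type: schema.TypeSet,
+Computed: true,
+Elem: &schema.Resource{
+Schema: map[string]*schema.Schema{
+"id": {
+Type: schema.TypeString,
+Computed: true,
+},
+"name": {
+Type: schema.TypeString,
+Computed: true,
+},
+"orn": {
+Type: schema.TypeString,
+Computed: true,
+},
+},
+},
+},
+},
+},
+},
+},
+}
+}
+
+func DataSourceEntitiesLinkedToPoliciesRead(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*OutscaleClient).OSCAPI
+orn := d.Get("policy_orn").(string)
+req := oscgo.ReadEntitiesLinkedToPolicyRequest{PolicyOrn: &orn}
+if entity := d.Get("entities_type").(string); entity != "" {
+req.SetEntitiesType([]string{entity})
+}
+
+var resp oscgo.ReadEntitiesLinkedToPolicyResponse
+err := resource.Retry(2*time.Minute, func() *resource.RetryError {
+rp, httpResp, err := conn.PolicyApi.ReadEntitiesLinkedToPolicy(context.Background()).ReadEntitiesLinkedToPolicyRequest(req).Execute()
+if err != nil {
+return utils.CheckThrottling(httpResp, err)
+}
+resp = rp
+return nil
+})
+
+if err != nil {
+return err
+}
+entities, ok := resp.GetPolicyEntitiesOk()
+if !ok {
+return fmt.Errorf("unable to find Entities linked to policy")
+}
+d.SetId(resource.UniqueId())
+
+users := make([]map[string]interface{}, len(entities.GetUsers()))
+groups := make([]map[string]interface{}, len(entities.GetGroups()))
+accounts := make([]map[string]interface{}, len(entities.GetAccounts()))
+if respUsers, ok := entities.GetUsersOk(); ok {
+for i, v := range *respUsers {
+user := make(map[string]interface{})
+user["id"] = v.GetId()
+user["name"] = v.GetName()
+user["orn"] = v.GetOrn()
+users[i] = user
+}
+}
+if respGroups, ok := entities.GetGroupsOk(); ok {
+for i, v := range *respGroups {
+group := make(map[string]interface{})
+group["name"] = v.GetName()
+group["id"] = v.GetId()
+group["orn"] = v.GetOrn()
+groups[i] = group
+}
+}
+if respAccounts, ok := entities.GetAccountsOk(); ok {
+for i, v := range *respAccounts {
+account := make(map[string]interface{})
+account["name"] = v.GetName()
+account["id"] = v.GetId()
+account["orn"] = v.GetOrn()
+accounts[i] = account
+}
+}
+
+return d.Set("policy_entities", []map[string]interface{}{{
+"users": users,
+"groups": groups,
+"accounts": accounts,
+}})
+}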
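Review bot: `DataSourceEntitiesLinkedToPoliciesRead` issues a single `ReadEntitiesLinkedToPolicy` call and writes whatever comes back into `policy_entities`, with nothing that detects a paged or truncated response. If the API caps the number of entities returned per call (not visible here), a policy attached to many users or groups would be reported with a partial list, which is misleading when this data source is used to audit who holds a policy. I would either loop until the response reports no further items or return an error when it signals truncation. Separately, both exported functions lack doc comments, e.g. `// DataSourceEntitiesLinkedToPolicy returns the data source listing the users, groups and accounts a policy is linked to.`, and the `...PoliciesRead` name does not match the singular `...Policy` constructor.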
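--- a/outscale/data_source_outscale_entities_linked_to_policy_test.go
+++ b/outscale/data_source_outscale_entities_linked_to_policy_test.go
@@ -0,0 +1,64 @@
+package outscale
+
+import (
+"testing"
+
+"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccOthers_entities_linked_to_policy_basic(t *testing.T) {
+t.Parallel()
+resourceName := "data.outscale_entities_linked_to_policy.entitiesLinked"
+
+resource.Test(t, resource.TestCase{
+PreCheck: func() { testAccPreCheck(t) },
+Providers: testAccProviders,
+Steps: []resource.TestStep{
+{
+Config: testAccDataEntitiesLinkedConfig,
+Check: resource.ComposeTestCheckFunc(
+resource.TestCheckResourceAttrSet(resourceName, "policy_entities.#"),
+),
+},
+},
+})
+}
+
+const testAccDataEntitiesLinkedConfig = `
+resource "outscale_user" "user_01" {
+user_name = "userLedGroup"
+path = "/linkedUser/"
+policy {
+policy_orn = outscale_policy.policyEntities_01.orn
+}
+}
+resource "outscale_user_group" "uGroupLinked" {
+user_group_name = "GLinkedTestACC"
+path = "/"
+user {
+user_name = outscale_user.user_01.user_name
+path = "/linkedUser/"
+}
+policy {
+policy_orn = outscale_policy.policyEntities_01.orn
+}
+depends_on = [outscale_user.user_01]
+}
+resource "outscale_user_group" "GroupLinkedPolicy" {
+user_group_name = "GroupPolicyTestAcc"
+path = "/TestPath/"
+policy {
+policy_orn = outscale_policy.policyEntities_01.orn
+}
+}
+resource "outscale_policy" "policyEntities_01" {
+description = "Example Entities Linked to policy"
+document = "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
+path = "/Okht_test/"
+policy_name = "policyEntitiesLinked"
+}
+data "outscale_entities_linked_to_policy" "entitiesLinked" {
+policy_orn = outscale_policy.policyEntities_01.orn
+depends_on = [outscale_user_group.uGroupLinked, outscale_user_group.GroupLinkedPolicy, outscale_user.user_01]
+}`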
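Review bot: `policyEntities_01` grants `Allow` on action `*` and resource `*`, and the config attaches it to a real user (`userLedGroup`) and two groups, so an interrupted or failed destroy leaves a user and groups carrying an allow-all policy in the test account. The data source only needs a policy that is linked to something, so a `Deny` statement (as `GpolicyLinked_02` uses in data_source_managed_policies_linked_to_user_group_test.go) or a narrowly scoped statement would exercise the same path; `GpolicyLinked_01` in that file carries the same allow-all document. The names are also fixed while the test calls `t.Parallel()`, so two runs against one account would presumably collide on `userLedGroup` and `policyEntitiesLinked`; a random suffix avoids that.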