Rename authenticate_as_iam_user to authenticate_as_iam_role

cyral/internal/repository/model.go

@@ -42,7 +42,7 @@ type MongoDBSettings struct {
 type RedshiftSettings struct {
 	ClusterIdentifier string `json:"clusterIdentifier,omitempty"`
 	WorkgroupName     string `json:"workgroupName,omitempty"`
-	AwsRegion         string `json:"awsRegion,omitempty"`
+	AWSRegion         string `json:"awsRegion,omitempty"`
 }
 
 type RepoNode struct {
@@ -183,7 +183,7 @@ func (r *RedshiftSettings) AsInterface() []interface{} {
 	return []interface{}{map[string]interface{}{
 		RepoRedshiftClusterIdentifier: r.ClusterIdentifier,
 		RepoRedshiftWorkgroupName:     r.WorkgroupName,
-		RepoRedshiftAWSRegion:         r.AwsRegion,
+		RepoRedshiftAWSRegion:         r.AWSRegion,
 	}}
 }
 
@@ -212,7 +212,7 @@ func redshiftSettingsFromInterface(i []interface{}) (*RedshiftSettings, error) {
 	return &RedshiftSettings{
 		ClusterIdentifier: clusterIdentifier,
 		WorkgroupName:     workgroupName,
-		AwsRegion:         awsRegion,
+		AWSRegion:         awsRegion,
 	}, nil
 }
 

cyral/internal/repository/resource_test.go

@@ -152,7 +152,7 @@ var (
 		},
 		RedshiftSettings: &repository.RedshiftSettings{
 			ClusterIdentifier: "myCluster",
-			AwsRegion:         "us-east-1",
+			AWSRegion:         "us-east-1",
 		},
 	}
 )
@@ -286,7 +286,7 @@ func repoCheckFuctions(repo repository.RepoInfo, resName string) resource.TestCh
 			),
 			resource.TestCheckResourceAttr(resourceFullName,
 				"redshift_settings.0.aws_region",
-				repo.RedshiftSettings.AwsRegion,
+				repo.RedshiftSettings.AWSRegion,
 			),
 		}...)
 	}
@@ -355,8 +355,8 @@ func repoAsConfig(repo repository.RepoInfo, resName string) string {
 			workgroupName = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.WorkgroupName)
 		}
 
-		if repo.RedshiftSettings.AwsRegion != "" {
-			awsRegion = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.AwsRegion)
+		if repo.RedshiftSettings.AWSRegion != "" {
+			awsRegion = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.AWSRegion)
 		}
 
 		config += fmt.Sprintf(`

cyral/internal/repository/useraccount/model.go

@@ -21,7 +21,7 @@ type AuthScheme struct {
 
 type AuthSchemeAWSIAM struct {
 	RoleARN               string `json:"roleARN,omitempty"`
-	AuthenticateAsIAMUser bool   `json:"authenticateAsIAMUser,omitempty"`
+	AuthenticateAsIAMRole bool   `json:"authenticateAsIAMRole,omitempty"`
 }
 
 type AuthSchemeAWSSecretsManager struct {
@@ -120,7 +120,7 @@ func (resource *UserAccountResource) WriteToSchema(d *schema.ResourceData) error
 				"aws_iam": []interface{}{
 					map[string]interface{}{
 						"role_arn":                 resource.AuthScheme.AWSIAM.RoleARN,
-						"authenticate_as_iam_user": resource.AuthScheme.AWSIAM.AuthenticateAsIAMUser,
+						"authenticate_as_iam_role": resource.AuthScheme.AWSIAM.AuthenticateAsIAMRole,
 					},
 				},
 			},
@@ -262,7 +262,7 @@ func (userAccount *UserAccountResource) ReadFromSchema(d *schema.ResourceData) e
 			userAccount.AuthScheme = &AuthScheme{
 				AWSIAM: &AuthSchemeAWSIAM{
 					RoleARN:               m["role_arn"].(string),
-					AuthenticateAsIAMUser: m["authenticate_as_iam_user"].(bool),
+					AuthenticateAsIAMRole: m["authenticate_as_iam_role"].(bool),
 				},
 			}
 		case "aws_secrets_manager":

cyral/internal/repository/useraccount/resource.go

@@ -212,10 +212,10 @@ func resourceSchema() *schema.Resource {
 										Type:        schema.TypeString,
 										Required:    true,
 									},
-									"authenticate_as_iam_user": {
-										Description: "Boolean flag which indicates whether to access as an IAM " +
-											"user or IAM role on the Redshift cluster. By default, this is false, " +
-											"which means this governs access for a user.",
+									"authenticate_as_iam_role": {
+										Description: "Indicates whether to access as an AWS IAM role " +
+											"or a native database user. The default (false) value means that " +
+											"login will use a native database user.",
 										Type:     schema.TypeBool,
 										Optional: true,
 									},

cyral/internal/repository/useraccount/resource_test.go

@@ -98,7 +98,7 @@ func TestAccRepositoryUserAccountResource(t *testing.T) {
 		AuthScheme: &useraccount.AuthScheme{
 			AWSIAM: &useraccount.AuthSchemeAWSIAM{
 				RoleARN:               "role-arn-1",
-				AuthenticateAsIAMUser: true,
+				AuthenticateAsIAMRole: true,
 			},
 		},
 	}
@@ -289,8 +289,8 @@ func setupRepositoryUserAccountCheck(resName string, userAccount useraccount.Use
 				authSchemeScope+"aws_iam.0.role_arn",
 				authScheme.AWSIAM.RoleARN),
 			resource.TestCheckResourceAttr(resFullName,
-				authSchemeScope+"aws_iam.0.authenticate_as_iam_user",
-				strconv.FormatBool(authScheme.AWSIAM.AuthenticateAsIAMUser)),
+				authSchemeScope+"aws_iam.0.authenticate_as_iam_role",
+				strconv.FormatBool(authScheme.AWSIAM.AuthenticateAsIAMRole)),
 		)
 	case authScheme.AWSSecretsManager != nil:
 		checkFuncs = append(checkFuncs,
@@ -353,10 +353,10 @@ func setupRepositoryUserAccountConfig(resName string, userAccount useraccount.Us
 		authSchemeStr = fmt.Sprintf(`
 			aws_iam {
 				role_arn = "%s"
-				authenticate_as_iam_user = %t
+				authenticate_as_iam_role = %t
 			}`,
 			authScheme.AWSIAM.RoleARN,
-			authScheme.AWSIAM.AuthenticateAsIAMUser)
+			authScheme.AWSIAM.AuthenticateAsIAMRole)
 	case authScheme.AWSSecretsManager != nil:
 		authSchemeStr = fmt.Sprintf(`
 			aws_secrets_manager {

docs/resources/repository_user_account.md

@@ -161,7 +161,7 @@ Required:
 
 Optional:
 
--   `authenticate_as_iam_user` (Boolean) Boolean flag which indicates whether to access as an IAM user or IAM role on the Redshift cluster. By default, this is false, which means this governs access for a user.
+-   `authenticate_as_iam_role` (Boolean) Indicates whether to access as an AWS IAM role or a native database user. The default (false) value means that login will use a native database user.
 
 <a id="nestedblock--auth_scheme--aws_secrets_manager"></a>