diff --git a/cyral/internal/repository/model.go b/cyral/internal/repository/model.go index 89a17cd4..01fdf2f7 100644 --- a/cyral/internal/repository/model.go +++ b/cyral/internal/repository/model.go @@ -42,7 +42,7 @@ type MongoDBSettings struct { type RedshiftSettings struct { ClusterIdentifier string `json:"clusterIdentifier,omitempty"` WorkgroupName string `json:"workgroupName,omitempty"` - AwsRegion string `json:"awsRegion,omitempty"` + AWSRegion string `json:"awsRegion,omitempty"` } type RepoNode struct { @@ -183,7 +183,7 @@ func (r *RedshiftSettings) AsInterface() []interface{} { return []interface{}{map[string]interface{}{ RepoRedshiftClusterIdentifier: r.ClusterIdentifier, RepoRedshiftWorkgroupName: r.WorkgroupName, - RepoRedshiftAWSRegion: r.AwsRegion, + RepoRedshiftAWSRegion: r.AWSRegion, }} } @@ -212,7 +212,7 @@ func redshiftSettingsFromInterface(i []interface{}) (*RedshiftSettings, error) { return &RedshiftSettings{ ClusterIdentifier: clusterIdentifier, WorkgroupName: workgroupName, - AwsRegion: awsRegion, + AWSRegion: awsRegion, }, nil } diff --git a/cyral/internal/repository/resource_test.go b/cyral/internal/repository/resource_test.go index 5a27ef1a..c046cadc 100644 --- a/cyral/internal/repository/resource_test.go +++ b/cyral/internal/repository/resource_test.go @@ -152,7 +152,7 @@ var ( }, RedshiftSettings: &repository.RedshiftSettings{ ClusterIdentifier: "myCluster", - AwsRegion: "us-east-1", + AWSRegion: "us-east-1", }, } ) @@ -286,7 +286,7 @@ func repoCheckFuctions(repo repository.RepoInfo, resName string) resource.TestCh ), resource.TestCheckResourceAttr(resourceFullName, "redshift_settings.0.aws_region", - repo.RedshiftSettings.AwsRegion, + repo.RedshiftSettings.AWSRegion, ), }...) } @@ -355,8 +355,8 @@ func repoAsConfig(repo repository.RepoInfo, resName string) string { workgroupName = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.WorkgroupName) } - if repo.RedshiftSettings.AwsRegion != "" { - awsRegion = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.AwsRegion) + if repo.RedshiftSettings.AWSRegion != "" { + awsRegion = fmt.Sprintf(`"%s"`, repo.RedshiftSettings.AWSRegion) } config += fmt.Sprintf(` diff --git a/cyral/internal/repository/useraccount/model.go b/cyral/internal/repository/useraccount/model.go index 954c793d..1d6cfdb4 100644 --- a/cyral/internal/repository/useraccount/model.go +++ b/cyral/internal/repository/useraccount/model.go @@ -21,7 +21,7 @@ type AuthScheme struct { type AuthSchemeAWSIAM struct { RoleARN string `json:"roleARN,omitempty"` - AuthenticateAsIAMUser bool `json:"authenticateAsIAMUser,omitempty"` + AuthenticateAsIAMRole bool `json:"authenticateAsIAMRole,omitempty"` } type AuthSchemeAWSSecretsManager struct { @@ -120,7 +120,7 @@ func (resource *UserAccountResource) WriteToSchema(d *schema.ResourceData) error "aws_iam": []interface{}{ map[string]interface{}{ "role_arn": resource.AuthScheme.AWSIAM.RoleARN, - "authenticate_as_iam_user": resource.AuthScheme.AWSIAM.AuthenticateAsIAMUser, + "authenticate_as_iam_role": resource.AuthScheme.AWSIAM.AuthenticateAsIAMRole, }, }, }, @@ -262,7 +262,7 @@ func (userAccount *UserAccountResource) ReadFromSchema(d *schema.ResourceData) e userAccount.AuthScheme = &AuthScheme{ AWSIAM: &AuthSchemeAWSIAM{ RoleARN: m["role_arn"].(string), - AuthenticateAsIAMUser: m["authenticate_as_iam_user"].(bool), + AuthenticateAsIAMRole: m["authenticate_as_iam_role"].(bool), }, } case "aws_secrets_manager": diff --git a/cyral/internal/repository/useraccount/resource.go b/cyral/internal/repository/useraccount/resource.go index 6a538495..c8440fee 100644 --- a/cyral/internal/repository/useraccount/resource.go +++ b/cyral/internal/repository/useraccount/resource.go @@ -212,10 +212,10 @@ func resourceSchema() *schema.Resource { Type: schema.TypeString, Required: true, }, - "authenticate_as_iam_user": { - Description: "Boolean flag which indicates whether to access as an IAM " + - "user or IAM role on the Redshift cluster. By default, this is false, " + - "which means this governs access for a user.", + "authenticate_as_iam_role": { + Description: "Indicates whether to access as an AWS IAM role " + + "or a native database user. The default (false) value means that " + + "login will use a native database user.", Type: schema.TypeBool, Optional: true, }, diff --git a/cyral/internal/repository/useraccount/resource_test.go b/cyral/internal/repository/useraccount/resource_test.go index 2df8a32f..8aeb329c 100644 --- a/cyral/internal/repository/useraccount/resource_test.go +++ b/cyral/internal/repository/useraccount/resource_test.go @@ -98,7 +98,7 @@ func TestAccRepositoryUserAccountResource(t *testing.T) { AuthScheme: &useraccount.AuthScheme{ AWSIAM: &useraccount.AuthSchemeAWSIAM{ RoleARN: "role-arn-1", - AuthenticateAsIAMUser: true, + AuthenticateAsIAMRole: true, }, }, } @@ -289,8 +289,8 @@ func setupRepositoryUserAccountCheck(resName string, userAccount useraccount.Use authSchemeScope+"aws_iam.0.role_arn", authScheme.AWSIAM.RoleARN), resource.TestCheckResourceAttr(resFullName, - authSchemeScope+"aws_iam.0.authenticate_as_iam_user", - strconv.FormatBool(authScheme.AWSIAM.AuthenticateAsIAMUser)), + authSchemeScope+"aws_iam.0.authenticate_as_iam_role", + strconv.FormatBool(authScheme.AWSIAM.AuthenticateAsIAMRole)), ) case authScheme.AWSSecretsManager != nil: checkFuncs = append(checkFuncs, @@ -353,10 +353,10 @@ func setupRepositoryUserAccountConfig(resName string, userAccount useraccount.Us authSchemeStr = fmt.Sprintf(` aws_iam { role_arn = "%s" - authenticate_as_iam_user = %t + authenticate_as_iam_role = %t }`, authScheme.AWSIAM.RoleARN, - authScheme.AWSIAM.AuthenticateAsIAMUser) + authScheme.AWSIAM.AuthenticateAsIAMRole) case authScheme.AWSSecretsManager != nil: authSchemeStr = fmt.Sprintf(` aws_secrets_manager { diff --git a/docs/resources/repository_user_account.md b/docs/resources/repository_user_account.md index 5b540946..a852682f 100644 --- a/docs/resources/repository_user_account.md +++ b/docs/resources/repository_user_account.md @@ -161,7 +161,7 @@ Required: Optional: -- `authenticate_as_iam_user` (Boolean) Boolean flag which indicates whether to access as an IAM user or IAM role on the Redshift cluster. By default, this is false, which means this governs access for a user. +- `authenticate_as_iam_role` (Boolean) Indicates whether to access as an AWS IAM role or a native database user. The default (false) value means that login will use a native database user.