Add EIM resources/data_sources and tests

outscale · Dec 10, 2024 · 2a24bb4 · 2a24bb4
1 parent 75b2c02
commit 2a24bb4
Show file tree

Hide file tree

Showing 48 changed files with 3,422 additions and 149 deletions.
diff --git a/outscale/data_source_managed_policies_linked_to_user_group_test.go b/outscale/data_source_managed_policies_linked_to_user_group_test.go
@@ -0,0 +1,61 @@
+package outscale
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccOthers_policiesLinkedToGroup_basic(t *testing.T) {
+	t.Parallel()
+	resourceName := "data.outscale_managed_policies_linked_to_user_group.dataPoliciesLinkedToGroup"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataPoliciesLinkedGroupConfig,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrSet(resourceName, "policies.#"),
+				),
+			},
+		},
+	})
+}
+
+const testAccDataPoliciesLinkedGroupConfig = `
+resource "outscale_user_group" "groupPolicies01" {
+    user_group_name = "userGroupName"
+    path      = "/GroupPolicies/"
+    policy {
+	   policy_orn = outscale_policy.GpolicyLinked_01.orn
+	}
+	policy {
+	   policy_orn = outscale_policy.GpolicyLinked_02.orn
+	}
+}
+
+resource "outscale_policy" "GpolicyLinked_01" {
+   description = "Example Linked to group"
+   document    = "{\"Statement\": [ {\"Effect\": \"Allow\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
+   path        = "/Allow_test/"
+   policy_name = "policiesLinkedToGroup"
+}
+resource "outscale_policy" "GpolicyLinked_02" {
+   description = "Example Linked policy to group"
+   document    = "{\"Statement\": [ {\"Effect\": \"Deny\", \"Action\": [\"*\"], \"Resource\": [\"*\"]} ]}"
+   path        = "/OkhtTest/"
+   policy_name = "policyGroupStopAll"
+}
+data "outscale_managed_policies_linked_to_user_group" "dataPoliciesLinkedToGroup" {
+    filter {
+       name   = "path_prefix"
+       values = [outscale_user_group.groupPolicies01.path]
+    }
+    filter {
+       name   = "user_group_ids"
+       values = [outscale_user_group.groupPolicies01.user_group_id]
+    }
+	user_group_name = outscale_user_group.groupPolicies01.user_group_name
+}`
diff --git a/outscale/data_source_outscale_access_key.go b/outscale/data_source_outscale_access_key.go
@@ -19,6 +19,10 @@ func DataSourceOutscaleAccessKey() *schema.Resource {
 		Read: DataSourceOutscaleAccessKeyRead,
 		Schema: map[string]*schema.Schema{
 			"filter": dataSourceFiltersSchema(),
+			"user_name": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
 			"access_key_id": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -54,12 +58,14 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
 	filters, filtersOk := d.GetOk("filter")
 	accessKeyID, accessKeyOk := d.GetOk("access_key_id")
 	state, stateOk := d.GetOk("state")
+	userName, userNameOk := d.GetOk("user_name")
 
-	if !filtersOk && !accessKeyOk && !stateOk {
-		return fmt.Errorf("One of filters, access_key_id or state must be assigned")
+	if !filtersOk && !accessKeyOk && !stateOk && !userNameOk {
+		return fmt.Errorf("one of filters: access_key_id, state or user_name must be assigned")
 	}
 
 	filterReq := &oscgo.FiltersAccessKeys{}
+
 	if filtersOk {
 		filterReq = buildOutscaleDataSourceAccessKeyFilters(filters.(*schema.Set))
 	}
@@ -69,11 +75,15 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
 	if stateOk {
 		filterReq.SetStates([]string{state.(string)})
 	}
-
+	req := oscgo.ReadAccessKeysRequest{}
+	req.SetFilters(*filterReq)
+	if userNameOk {
+		req.SetUserName(userName.(string))
+	}
 	var resp oscgo.ReadAccessKeysResponse
-	var err error
-	err = resource.Retry(5*time.Minute, func() *resource.RetryError {
-		rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(oscgo.ReadAccessKeysRequest{Filters: filterReq}).Execute()
+
+	err := resource.Retry(5*time.Minute, func() *resource.RetryError {
+		rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(req).Execute()
 		if err != nil {
 			return utils.CheckThrottling(httpResp, err)
 		}
@@ -85,7 +95,7 @@ func DataSourceOutscaleAccessKeyRead(d *schema.ResourceData, meta interface{}) e
 	}
 
 	if len(resp.GetAccessKeys()) == 0 {
-		return fmt.Errorf("Unable to find Access Key")
+		return fmt.Errorf("unable to find Access Key")
 	}
 
 	if len(resp.GetAccessKeys()) > 1 {

diff --git a/outscale/data_source_outscale_access_keys.go b/outscale/data_source_outscale_access_keys.go
@@ -31,6 +31,10 @@ func DataSourceOutscaleAccessKeys() *schema.Resource {
 					ValidateFunc: validation.StringInSlice([]string{"ACTIVE", "INACTIVE"}, false),
 				},
 			},
+			"user_name": {
+				Type:     schema.TypeString,
+				Optional: true,
+			},
 			"access_keys": {
 				Type:     schema.TypeList,
 				Computed: true,
@@ -73,12 +77,8 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
 	filters, filtersOk := d.GetOk("filter")
 	accessKeyID, accessKeyOk := d.GetOk("access_key_ids")
 	state, stateOk := d.GetOk("states")
-
-	if !filtersOk && !accessKeyOk && !stateOk {
-		return fmt.Errorf("One of filters, access_key_ids or states must be assigned")
-	}
-
 	filterReq := &oscgo.FiltersAccessKeys{}
+
 	if filtersOk {
 		filterReq = buildOutscaleDataSourceAccessKeyFilters(filters.(*schema.Set))
 	}
@@ -88,13 +88,16 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
 	if stateOk {
 		filterReq.SetStates(utils.InterfaceSliceToStringSlice(state.([]interface{})))
 	}
+	req := oscgo.ReadAccessKeysRequest{
+		Filters: filterReq,
+	}
 
+	if userName := d.Get("user_name").(string); userName != "" {
+		req.SetUserName(userName)
+	}
 	var resp oscgo.ReadAccessKeysResponse
-	var err error
-	err = resource.Retry(5*time.Minute, func() *resource.RetryError {
-		rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(oscgo.ReadAccessKeysRequest{
-			Filters: filterReq,
-		}).Execute()
+	err := resource.Retry(5*time.Minute, func() *resource.RetryError {
+		rp, httpResp, err := conn.AccessKeyApi.ReadAccessKeys(context.Background()).ReadAccessKeysRequest(req).Execute()
 		if err != nil {
 			return utils.CheckThrottling(httpResp, err)
 		}
@@ -106,7 +109,7 @@ func DataSourceOutscaleAccessKeysRead(d *schema.ResourceData, meta interface{})
 	}
 
 	if len(resp.GetAccessKeys()) == 0 {
-		return fmt.Errorf("Unable to find Access Keys")
+		return fmt.Errorf("unable to find Access Keys")
 	}
 
 	if err := d.Set("access_keys", flattenAccessKeys(resp.GetAccessKeys())); err != nil {

diff --git a/outscale/data_source_outscale_entities_linked_to_policy.go b/outscale/data_source_outscale_entities_linked_to_policy.go
@@ -0,0 +1,164 @@
+package outscale
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	oscgo "github.com/outscale/osc-sdk-go/v2"
+	"github.com/outscale/terraform-provider-outscale/utils"
+)
+
+func DataSourceEntitiesLinkedToPolicy() *schema.Resource {
+	return &schema.Resource{
+		Read: DataSourceEntitiesLinkedToPoliciesRead,
+		Schema: map[string]*schema.Schema{
+			"policy_orn": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"entities_type": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"policy_entities": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"users": {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"id": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"name": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"orn": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+								},
+							},
+						},
+						"groups": {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"id": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"name": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"orn": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+								},
+							},
+						},
+						"accounts": {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"id": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"name": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"orn": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func DataSourceEntitiesLinkedToPoliciesRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*OutscaleClient).OSCAPI
+	orn := d.Get("policy_orn").(string)
+	req := oscgo.ReadEntitiesLinkedToPolicyRequest{PolicyOrn: &orn}
+	if entities := utils.SetToStringSlice(d.Get("entities_type").(*schema.Set)); len(entities) > 0 {
+		req.SetEntitiesType(entities)
+	}
+
+	var resp oscgo.ReadEntitiesLinkedToPolicyResponse
+	err := resource.Retry(2*time.Minute, func() *resource.RetryError {
+		rp, httpResp, err := conn.PolicyApi.ReadEntitiesLinkedToPolicy(context.Background()).ReadEntitiesLinkedToPolicyRequest(req).Execute()
+		if err != nil {
+			return utils.CheckThrottling(httpResp, err)
+		}
+		resp = rp
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+	entities, ok := resp.GetPolicyEntitiesOk()
+	if !ok {
+		return fmt.Errorf("unable to find Entities linked to policy")
+	}
+	d.SetId(resource.UniqueId())
+
+	users := make([]map[string]interface{}, len(entities.GetUsers()))
+	groups := make([]map[string]interface{}, len(entities.GetGroups()))
+	accounts := make([]map[string]interface{}, len(entities.GetAccounts()))
+	if respUsers, ok := entities.GetUsersOk(); ok {
+		for i, v := range *respUsers {
+			user := make(map[string]interface{})
+			user["id"] = v.GetId()
+			user["name"] = v.GetName()
+			user["orn"] = v.GetOrn()
+			users[i] = user
+		}
+	}
+	if respGroups, ok := entities.GetGroupsOk(); ok {
+		for i, v := range *respGroups {
+			group := make(map[string]interface{})
+			group["name"] = v.GetName()
+			group["id"] = v.GetId()
+			group["orn"] = v.GetOrn()
+			groups[i] = group
+		}
+	}
+	if respAccounts, ok := entities.GetAccountsOk(); ok {
+		for i, v := range *respAccounts {
+			account := make(map[string]interface{})
+			account["name"] = v.GetName()
+			account["id"] = v.GetId()
+			account["orn"] = v.GetOrn()
+			accounts[i] = account
+		}
+	}
+
+	return d.Set("policy_entities", []map[string]interface{}{{
+		"users":    users,
+		"groups":   groups,
+		"accounts": accounts,
+	}})
+}