-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add members attribute to iam_group data source #7132
Add members attribute to iam_group data source #7132
Conversation
Hi @bflad is there anything blocking this from being merged/released? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @kterada0509 👋 Thanks so much for submitting this and apologies for the delayed review. Overall this is looking really good, just a few minor things below and we should be able to get this in. Please reach out if you have any questions or do not have time to implement these items.
aws/data_source_aws_iam_group.go
Outdated
@@ -58,6 +82,20 @@ func dataSourceAwsIAMGroupRead(d *schema.ResourceData, meta interface{}) error { | |||
d.Set("arn", group.Arn) | |||
d.Set("path", group.Path) | |||
d.Set("group_id", group.GroupId) | |||
d.Set("members", dataSourceUsersRead(resp.Users)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When using d.Set()
with aggregate types (TypeList, TypeSet, TypeMap), we should perform error checking to prevent issues where the code is not properly able to set the Terraform state. 👍
d.Set("members", dataSourceUsersRead(resp.Users)) | |
if err := d.Set("members", dataSourceUsersRead(resp.Users)); err != nil { | |
return fmt.Errorf("error setting members: %s", err) | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed
resource.TestCheckResourceAttrSet("data.aws_iam_group.test", "group_id"), | ||
resource.TestCheckResourceAttr("data.aws_iam_group.test", "path", "/"), | ||
resource.TestCheckResourceAttr("data.aws_iam_group.test", "group_name", groupName), | ||
resource.TestMatchResourceAttr("data.aws_iam_group.test", "arn", regexp.MustCompile("^arn:aws:iam::[0-9]{12}:group/"+groupName)), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can simplify this and allow this testing to work in multiple AWS partitions with the below:
resource.TestMatchResourceAttr("data.aws_iam_group.test", "arn", regexp.MustCompile("^arn:aws:iam::[0-9]{12}:group/"+groupName)), | |
testAccCheckResourceAttrGlobalARN("data.aws_iam_group.test", "arn", "iam", fmt.Sprintf("group/%s", groupName)), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed
resource.TestMatchResourceAttr("data.aws_iam_group.test", "arn", regexp.MustCompile("^arn:aws:iam::[0-9]{12}:group/"+groupName)), | ||
resource.TestCheckResourceAttr("data.aws_iam_group.test", "members.#", "1"), | ||
resource.TestCheckResourceAttrPair("data.aws_iam_group.test", "members.0.arn", "aws_iam_user.user", "arn"), | ||
resource.TestCheckResourceAttrSet("data.aws_iam_group.test", "members.0.user_id"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this can be compared using the aws_iam_user
resource unique_id
attribute:
resource.TestCheckResourceAttrSet("data.aws_iam_group.test", "members.0.user_id"), | |
resource.TestCheckResourceAttrPair("data.aws_iam_group.test", "members.0.user_id", "aws_iam_user.user", "unique_id"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed
@@ -31,3 +31,15 @@ data "aws_iam_group" "example" { | |||
* `path` - The path to the group. | |||
|
|||
* `group_id` - The stable and unique string identifying the group. | |||
|
|||
* `members` - The member of group. See supported fields below. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With Terraform 0.12, our documentation wording for explaining types is a little more important. 😄 Could you please note that this is a list of objects? e.g.
* `members` - The member of group. See supported fields below. | |
* `members` - List of objects containing group member information. See supported fields below. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, i updated the docs
aws/data_source_aws_iam_group.go
Outdated
@@ -30,6 +30,30 @@ func dataSourceAwsIAMGroup() *schema.Resource { | |||
Type: schema.TypeString, | |||
Required: true, | |||
}, | |||
"members": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just noting here, that we may want to consider naming this attribute users
to match the API. 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, i fixed.
57c114f
to
a81380b
Compare
Re-run acctest.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thanks so much for this, @kterada0509 🚀
Output from acceptance testing:
--- PASS: TestAccAWSDataSourceIAMGroup_basic (10.27s)
--- PASS: TestAccAWSDataSourceIAMGroup_users (12.62s)
This has been released in version 2.36.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Fixes #7076
Changes proposed in this pull request:
Output from acceptance testing: