Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_config_organization_custom_policy_rule: New resource #28201

Merged
merged 7 commits into from
Apr 25, 2023
Merged

r/aws_config_organization_custom_policy_rule: New resource #28201

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6ff0421
Adds organization_custom_policy_rule
georgealton Dec 5, 2022
4ff14fa
Merge branch 'main' into f-aws_config_organization_custom_policy_rule
georgealton Apr 11, 2023
d5c046e
Merge branch 'hashicorp:main' into f-aws_config_organization_custom_p…
georgealton Apr 11, 2023
e1b5672
fix
georgealton Apr 11, 2023
e1ed78a
Merge branch 'main' into HEAD
ewbankkit Apr 25, 2023
736b3c0
r/aws_config_organization_custom_policy_rule: Tidy up acceptance test…
ewbankkit Apr 25, 2023
93631f2
Add CHANGELOG note that we cannot easily test this functionality.
ewbankkit Apr 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changelog/21373.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:new-resource
aws_config_organization_custom_policy_rule
```

```release-note:note
resource/aws_config_organization_custom_policy_rule: Because we cannot easily test this functionality, it is best effort and we ask for community help in testing
```
23 changes: 15 additions & 8 deletions internal/service/configservice/configservice.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -269,10 +269,16 @@ func refreshConformancePackStatus(ctx context.Context, conn *configservice.Confi
}
}

func refreshOrganizationConfigRuleStatus(ctx context.Context, conn *configservice.ConfigService, name string) retry.StateRefreshFunc {
func refreshOrganizationConfigRuleStatus(ctx context.Context, conn *configservice.ConfigService, name string, target string) retry.StateRefreshFunc {
return func() (interface{}, string, error) {
status, err := describeOrganizationConfigRuleStatus(ctx, conn, name)

// Transient ResourceDoesNotExist error after creation caught here
// in cases where the StateChangeConf's delay time is not sufficient
if target != configservice.OrganizationResourceDetailedStatusDeleteSuccessful && tfawserr.ErrCodeEquals(err, configservice.ErrCodeNoSuchOrganizationConfigRuleException) {
return nil, "", nil
}

if err != nil {
return nil, "", err
}
Expand Down Expand Up @@ -456,11 +462,12 @@ func waitForOrganizationConformancePackStatusDeleteSuccessful(ctx context.Contex

func waitForOrganizationRuleStatusCreateSuccessful(ctx context.Context, conn *configservice.ConfigService, name string, timeout time.Duration) error {
stateChangeConf := &retry.StateChangeConf{
Pending: []string{configservice.OrganizationRuleStatusCreateInProgress},
Target: []string{configservice.OrganizationRuleStatusCreateSuccessful},
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name),
Timeout: timeout,
Delay: 10 * time.Second,
Pending: []string{configservice.OrganizationRuleStatusCreateInProgress},
Target: []string{configservice.OrganizationRuleStatusCreateSuccessful},
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name, configservice.OrganizationRuleStatusCreateSuccessful),
Timeout: timeout,
NotFoundChecks: 10,
Delay: 30 * time.Second,
}

_, err := stateChangeConf.WaitForStateContext(ctx)
Expand All @@ -472,7 +479,7 @@ func waitForOrganizationRuleStatusDeleteSuccessful(ctx context.Context, conn *co
stateChangeConf := &retry.StateChangeConf{
Pending: []string{configservice.OrganizationRuleStatusDeleteInProgress},
Target: []string{configservice.OrganizationRuleStatusDeleteSuccessful},
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name),
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name, configservice.OrganizationRuleStatusDeleteSuccessful),
Timeout: timeout,
Delay: 10 * time.Second,
}
Expand All @@ -490,7 +497,7 @@ func waitForOrganizationRuleStatusUpdateSuccessful(ctx context.Context, conn *co
stateChangeConf := &retry.StateChangeConf{
Pending: []string{configservice.OrganizationRuleStatusUpdateInProgress},
Target: []string{configservice.OrganizationRuleStatusUpdateSuccessful},
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name),
Refresh: refreshOrganizationConfigRuleStatus(ctx, conn, name, configservice.OrganizationRuleStatusUpdateSuccessful),
Timeout: timeout,
Delay: 10 * time.Second,
}
Expand Down
24 changes: 24 additions & 0 deletions internal/service/configservice/find.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,27 @@ func FindConfigRule(ctx context.Context, conn *configservice.ConfigService, name

return output.ConfigRules[0], nil
}

func FindOrganizationConfigRule(ctx aws.Context, conn *configservice.ConfigService, name string) (*configservice.OrganizationConfigRule, error) {
input := &configservice.DescribeOrganizationConfigRulesInput{
OrganizationConfigRuleNames: []*string{aws.String(name)},
}

output, err := conn.DescribeOrganizationConfigRulesWithContext(ctx, input)
if tfawserr.ErrCodeEquals(err, configservice.ErrCodeNoSuchOrganizationConfigRuleException) {
return nil, &retry.NotFoundError{
LastError: err,
LastRequest: input,
}
}

if output == nil {
return nil, nil
}

if output == nil || output.OrganizationConfigRules == nil || len(output.OrganizationConfigRules) == 0 || output.OrganizationConfigRules[0] == nil {
return nil, tfresource.NewEmptyResultError(input)
}

return output.OrganizationConfigRules[0], nil
}
Loading