Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r/codeartifact_repository_permissions_policy - new resource #15562

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions aws/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -494,6 +494,7 @@ func Provider() *schema.Provider {
"aws_codeartifact_domain": resourceAwsCodeArtifactDomain(),
"aws_codeartifact_domain_permissions_policy": resourceAwsCodeArtifactDomainPermissionsPolicy(),
"aws_codeartifact_repository": resourceAwsCodeArtifactRepository(),
"aws_codeartifact_repository_permissions_policy": resourceAwsCodeArtifactRepositoryPermissionsPolicy(),
"aws_codebuild_project": resourceAwsCodeBuildProject(),
"aws_codebuild_report_group": resourceAwsCodeBuildReportGroup(),
"aws_codebuild_source_credential": resourceAwsCodeBuildSourceCredential(),
Expand Down
146 changes: 146 additions & 0 deletions aws/resource_aws_codeartifact_repository_permissions_policy.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
package aws

import (
"fmt"
"log"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/codeartifact"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
)

func resourceAwsCodeArtifactRepositoryPermissionsPolicy() *schema.Resource {
return &schema.Resource{
Create: resourceAwsCodeArtifactRepositoryPermissionsPolicyPut,
Update: resourceAwsCodeArtifactRepositoryPermissionsPolicyPut,
Read: resourceAwsCodeArtifactRepositoryPermissionsPolicyRead,
Delete: resourceAwsCodeArtifactRepositoryPermissionsPolicyDelete,
Importer: &schema.ResourceImporter{
State: schema.ImportStatePassthrough,
},

Schema: map[string]*schema.Schema{
"domain": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"repository": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"domain_owner": {
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
},
"policy_document": {
Type: schema.TypeString,
Required: true,
ValidateFunc: validation.StringIsJSON,
DiffSuppressFunc: suppressEquivalentJsonDiffs,
},
"policy_revision": {
Type: schema.TypeString,
Optional: true,
Computed: true,
},
"resource_arn": {
Type: schema.TypeString,
Computed: true,
},
},
}
}

func resourceAwsCodeArtifactRepositoryPermissionsPolicyPut(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).codeartifactconn
log.Print("[DEBUG] Creating CodeArtifact Repository Permissions Policy")

params := &codeartifact.PutRepositoryPermissionsPolicyInput{
Domain: aws.String(d.Get("domain").(string)),
Repository: aws.String(d.Get("repository").(string)),
PolicyDocument: aws.String(d.Get("policy_document").(string)),
}

if v, ok := d.GetOk("domain_owner"); ok {
params.DomainOwner = aws.String(v.(string))
}

if v, ok := d.GetOk("policy_revision"); ok {
params.PolicyRevision = aws.String(v.(string))
}

res, err := conn.PutRepositoryPermissionsPolicy(params)
if err != nil {
return fmt.Errorf("error creating CodeArtifact Repository Permissions Policy: %w", err)
}

d.SetId(aws.StringValue(res.Policy.ResourceArn))

return resourceAwsCodeArtifactRepositoryPermissionsPolicyRead(d, meta)
}

func resourceAwsCodeArtifactRepositoryPermissionsPolicyRead(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).codeartifactconn
log.Printf("[DEBUG] Reading CodeArtifact Repository Permissions Policy: %s", d.Id())

domainOwner, domainName, repoName, err := decodeCodeArtifactRepositoryID(d.Id())
if err != nil {
return err
}

dm, err := conn.GetRepositoryPermissionsPolicy(&codeartifact.GetRepositoryPermissionsPolicyInput{
Domain: aws.String(domainName),
DomainOwner: aws.String(domainOwner),
Repository: aws.String(repoName),
})
if err != nil {
if isAWSErr(err, codeartifact.ErrCodeResourceNotFoundException, "") {
log.Printf("[WARN] CodeArtifact Repository Permissions Policy %q not found, removing from state", d.Id())
d.SetId("")
return nil
}
return fmt.Errorf("error reading CodeArtifact Repository Permissions Policy (%s): %w", d.Id(), err)
}

d.Set("domain", domainName)
d.Set("domain_owner", domainOwner)
d.Set("repository", repoName)
d.Set("resource_arn", dm.Policy.ResourceArn)
d.Set("policy_document", dm.Policy.Document)
d.Set("policy_revision", dm.Policy.Revision)

return nil
}

func resourceAwsCodeArtifactRepositoryPermissionsPolicyDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).codeartifactconn
log.Printf("[DEBUG] Deleting CodeArtifact Repository Permissions Policy: %s", d.Id())

domainOwner, domainName, repoName, err := decodeCodeArtifactRepositoryID(d.Id())
if err != nil {
return err
}

input := &codeartifact.DeleteRepositoryPermissionsPolicyInput{
Domain: aws.String(domainName),
DomainOwner: aws.String(domainOwner),
Repository: aws.String(repoName),
}

_, err = conn.DeleteRepositoryPermissionsPolicy(input)

if isAWSErr(err, codeartifact.ErrCodeResourceNotFoundException, "") {
return nil
}

if err != nil {
return fmt.Errorf("error deleting CodeArtifact Repository Permissions Policy (%s): %w", d.Id(), err)
}

return nil
}
Loading