From b6898b5b008e62fe1ca28bd99c808058fc163a53 Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 29 Apr 2020 14:16:05 +0300 Subject: [PATCH 1/6] add attributes --- aws/resource_aws_workspaces_directory.go | 42 +++++++++++++++++++++--- 1 file changed, 38 insertions(+), 4 deletions(-) diff --git a/aws/resource_aws_workspaces_directory.go b/aws/resource_aws_workspaces_directory.go index 2b77c9d4261..6b45a207845 100644 --- a/aws/resource_aws_workspaces_directory.go +++ b/aws/resource_aws_workspaces_directory.go @@ -69,6 +69,28 @@ func resourceAwsWorkspacesDirectory() *schema.Resource { Computed: true, Elem: &schema.Schema{Type: schema.TypeString}, }, + "workspace_security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "iam_role_id": { + Type: schema.TypeString, + Computed: true, + }, + "registration_code": { + Type: schema.TypeString, + Computed: true, + }, + "ip_group_ids": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeString}, + Computed: true, + }, + "dns_ip_addresses": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeString}, + Computed: true, + }, "tags": tagsSchema(), }, } @@ -89,9 +111,7 @@ func resourceAwsWorkspacesDirectoryCreate(d *schema.ResourceData, meta interface } if v, ok := d.GetOk("subnet_ids"); ok { - for _, id := range v.(*schema.Set).List() { - input.SubnetIds = append(input.SubnetIds, aws.String(id.(string))) - } + input.SubnetIds = expandStringSet(v.(*schema.Set)) } log.Printf("[DEBUG] Regestering workspaces directory...\n%#v\n", *input) @@ -149,11 +169,25 @@ func resourceAwsWorkspacesDirectoryRead(d *schema.ResourceData, meta interface{} dir := raw.(*workspaces.WorkspaceDirectory) d.Set("directory_id", dir.DirectoryId) - d.Set("subnet_ids", dir.SubnetIds) + if err := d.Set("subnet_ids", flattenStringSet(dir.SubnetIds)); err != nil { + return fmt.Errorf("error setting subnet_ids: %s", err) + } + d.Set("workspace_security_group_id", dir.WorkspaceSecurityGroupId) + d.Set("iam_role_id", dir.IamRoleId) + d.Set("registration_code", dir.RegistrationCode) + if err := d.Set("self_service_permissions", flattenSelfServicePermissions(dir.SelfservicePermissions)); err != nil { return fmt.Errorf("error setting self_service_permissions: %s", err) } + if err := d.Set("ip_group_ids", flattenStringSet(dir.IpGroupIds)); err != nil { + return fmt.Errorf("error setting ip_group_ids: %s", err) + } + + if err := d.Set("dns_ip_addresses", flattenStringSet(dir.DnsIpAddresses)); err != nil { + return fmt.Errorf("error setting dns_ip_addresses: %s", err) + } + tags, err := keyvaluetags.WorkspacesListTags(conn, d.Id()) if err != nil { return fmt.Errorf("error listing tags: %s", err) From 6c3a14239b8de21d9facc8fb8a84e6d15b35349d Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 29 Apr 2020 22:40:08 +0300 Subject: [PATCH 2/6] refactor to have specific tags test --- aws/resource_aws_workspaces_directory_test.go | 105 ++++++++++++++---- 1 file changed, 82 insertions(+), 23 deletions(-) diff --git a/aws/resource_aws_workspaces_directory_test.go b/aws/resource_aws_workspaces_directory_test.go index f00fc179691..dae8dab533f 100644 --- a/aws/resource_aws_workspaces_directory_test.go +++ b/aws/resource_aws_workspaces_directory_test.go @@ -57,6 +57,7 @@ func TestAccAwsWorkspacesDirectory(t *testing.T) { "basic": testAccAwsWorkspacesDirectory_basic, "disappears": testAccAwsWorkspacesDirectory_disappears, "subnetIds": testAccAwsWorkspacesDirectory_subnetIds, + "tags": testAccAwsWorkspacesDirectory_tags, } for name, tc := range testCases { tc := tc @@ -87,10 +88,10 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.rebuild_workspace", "false"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.restart_workspace", "true"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.switch_running_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "3"), - resource.TestCheckResourceAttr(resourceName, "tags.Name", "test"), - resource.TestCheckResourceAttr(resourceName, "tags.Terraform", "true"), - resource.TestCheckResourceAttr(resourceName, "tags.Directory", "tf-acctest.example.com"), + resource.TestCheckResourceAttr(resourceName, "dns_ip_addresses.%", "2"), + resource.TestCheckResourceAttrSet(resourceName, "workspace_security_group_id"), + resource.TestCheckResourceAttrSet(resourceName, "registration_code"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { @@ -103,9 +104,6 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.rebuild_workspace", "true"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.restart_workspace", "false"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.switch_running_mode", "true"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), - resource.TestCheckResourceAttr(resourceName, "tags.Directory", "tf-acctest.example.com"), - resource.TestCheckResourceAttr(resourceName, "tags.Purpose", "test"), ), }, { @@ -118,7 +116,6 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.rebuild_workspace", "false"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.restart_workspace", "true"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.switch_running_mode", "true"), - resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { @@ -178,6 +175,50 @@ func testAccAwsWorkspacesDirectory_subnetIds(t *testing.T) { }) } +func testAccAwsWorkspacesDirectory_tags(t *testing.T) { + var v workspaces.WorkspaceDirectory + rName := acctest.RandString(8) + resourceName := "aws_workspaces_directory.main" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsWorkspacesDirectoryDestroy, + Steps: []resource.TestStep{ + { + Config: testAccWorkspacesDirectoryConfigTags1(rName, "key1", "value1"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + { + Config: testAccWorkspacesDirectoryConfigTags2(rName, "key1", "value1updated", "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.key1", "value1updated"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + { + Config: testAccWorkspacesDirectoryConfigTags1(rName, "key2", "value2"), + Check: resource.ComposeAggregateTestCheckFunc( + testAccCheckAwsWorkspacesDirectoryExists(resourceName, &v), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.key2", "value2"), + ), + }, + }, + }) +} + func testAccCheckAwsWorkspacesDirectoryDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).workspacesconn @@ -344,7 +385,7 @@ locals { cidr_block = "10.0.0.0/16" tags = { - Name = "tf-testacc-workspaces-directory-%s" + Name = "tf-testacc-workspaces-directory-%[1]s" } } @@ -354,7 +395,7 @@ locals { cidr_block = "10.0.1.0/24" tags = { - Name = "tf-testacc-workspaces-directory-%s-primary" + Name = "tf-testacc-workspaces-directory-%[1]s-primary" } } @@ -364,7 +405,7 @@ locals { cidr_block = "10.0.2.0/24" tags = { - Name = "tf-testacc-workspaces-directory-%s-secondary" + Name = "tf-testacc-workspaces-directory-%[1]s-secondary" } } @@ -377,6 +418,10 @@ resource "aws_directory_service_directory" "main" { vpc_id = "${aws_vpc.main.id}" subnet_ids = ["${aws_subnet.primary.id}","${aws_subnet.secondary.id}"] } + + tags = { + Name = "tf-testacc-workspaces-directory-%[1]s" + } } data "aws_iam_policy_document" "workspaces" { @@ -404,19 +449,13 @@ resource "aws_iam_role_policy_attachment" "workspaces-default-self-service-acces role = aws_iam_role.workspaces-default.name policy_arn = "arn:aws:iam::aws:policy/AmazonWorkSpacesSelfServiceAccess" } -`, booster, booster, booster) +`, booster) } func testAccWorkspacesDirectoryConfigA(booster string) string { return testAccAwsWorkspacesDirectoryConfig_Prerequisites(booster) + fmt.Sprintf(` resource "aws_workspaces_directory" "main" { directory_id = "${aws_directory_service_directory.main.id}" - - tags = { - Name = "test" - Terraform = true - Directory = "tf-acctest.example.com" - } } `) } @@ -433,11 +472,6 @@ resource "aws_workspaces_directory" "main" { restart_workspace = false switch_running_mode = true } - - tags = { - Purpose = "test" - Directory = "tf-acctest.example.com" - } } `) } @@ -463,3 +497,28 @@ resource "aws_workspaces_directory" "main" { } `) } + +func testAccWorkspacesDirectoryConfigTags1(rName, tagKey1, tagValue1 string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` +resource "aws_workspaces_directory" "main" { + directory_id = "${aws_directory_service_directory.main.id}" + + tags = { + %[1]q = %[2]q + } +} +`, tagKey1, tagValue1) +} + +func testAccWorkspacesDirectoryConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string { + return testAccAwsWorkspacesDirectoryConfig_Prerequisites(rName) + fmt.Sprintf(` +resource "aws_workspaces_directory" "main" { + directory_id = "${aws_directory_service_directory.main.id}" + + tags = { + %[1]q = %[2]q + %[3]q = %[4]q + } +} +`, tagKey1, tagValue1, tagKey2, tagValue2) +} From d2cba360b64f59a0cb9001abe72a628763cf947b Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 29 Apr 2020 23:36:54 +0300 Subject: [PATCH 3/6] add `directory_name`, `directory_type`, `customer_user_name`, `alias` attributes --- aws/resource_aws_workspaces_directory.go | 20 ++++++++++++++++++- aws/resource_aws_workspaces_directory_test.go | 5 ++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/aws/resource_aws_workspaces_directory.go b/aws/resource_aws_workspaces_directory.go index 6b45a207845..81e90d4188c 100644 --- a/aws/resource_aws_workspaces_directory.go +++ b/aws/resource_aws_workspaces_directory.go @@ -81,6 +81,22 @@ func resourceAwsWorkspacesDirectory() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "directory_name": { + Type: schema.TypeString, + Computed: true, + }, + "directory_type": { + Type: schema.TypeString, + Computed: true, + }, + "customer_user_name": { + Type: schema.TypeString, + Computed: true, + }, + "alias": { + Type: schema.TypeString, + Computed: true, + }, "ip_group_ids": { Type: schema.TypeSet, Elem: &schema.Schema{Type: schema.TypeString}, @@ -175,7 +191,9 @@ func resourceAwsWorkspacesDirectoryRead(d *schema.ResourceData, meta interface{} d.Set("workspace_security_group_id", dir.WorkspaceSecurityGroupId) d.Set("iam_role_id", dir.IamRoleId) d.Set("registration_code", dir.RegistrationCode) - + d.Set("directory_name", dir.DirectoryName) + d.Set("directory_type", dir.DirectoryType) + d.Set("alias", dir.Alias) if err := d.Set("self_service_permissions", flattenSelfServicePermissions(dir.SelfservicePermissions)); err != nil { return fmt.Errorf("error setting self_service_permissions: %s", err) } diff --git a/aws/resource_aws_workspaces_directory_test.go b/aws/resource_aws_workspaces_directory_test.go index dae8dab533f..b13d0bdef77 100644 --- a/aws/resource_aws_workspaces_directory_test.go +++ b/aws/resource_aws_workspaces_directory_test.go @@ -71,6 +71,7 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { var v workspaces.WorkspaceDirectory booster := acctest.RandString(8) resourceName := "aws_workspaces_directory.main" + directoryResourceName := "aws_directory_service_directory.main" resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -88,7 +89,9 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.rebuild_workspace", "false"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.restart_workspace", "true"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.switch_running_mode", "false"), - resource.TestCheckResourceAttr(resourceName, "dns_ip_addresses.%", "2"), + resource.TestCheckResourceAttrPair(resourceName, "directory_name", directoryResourceName, "name"), + resource.TestCheckResourceAttrPair(resourceName, "alias", directoryResourceName, "alias"), + resource.TestCheckResourceAttrPair(resourceName, "directory_id", directoryResourceName, "id"), resource.TestCheckResourceAttrSet(resourceName, "workspace_security_group_id"), resource.TestCheckResourceAttrSet(resourceName, "registration_code"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), From e5659bfc90880399a0b823422c4f779586e02d8a Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 29 Apr 2020 23:45:49 +0300 Subject: [PATCH 4/6] add tests --- aws/resource_aws_workspaces_directory_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/aws/resource_aws_workspaces_directory_test.go b/aws/resource_aws_workspaces_directory_test.go index b13d0bdef77..1947b0c58b4 100644 --- a/aws/resource_aws_workspaces_directory_test.go +++ b/aws/resource_aws_workspaces_directory_test.go @@ -72,6 +72,7 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { booster := acctest.RandString(8) resourceName := "aws_workspaces_directory.main" directoryResourceName := "aws_directory_service_directory.main" + iamRoleResourceName := "aws_iam_role.workspaces-default" resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -89,9 +90,12 @@ func testAccAwsWorkspacesDirectory_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.rebuild_workspace", "false"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.restart_workspace", "true"), resource.TestCheckResourceAttr(resourceName, "self_service_permissions.0.switch_running_mode", "false"), + resource.TestCheckResourceAttr(resourceName, "dns_ip_addresses.#", "2"), + resource.TestCheckResourceAttr(resourceName, "directory_type", "SIMPLE_AD"), resource.TestCheckResourceAttrPair(resourceName, "directory_name", directoryResourceName, "name"), resource.TestCheckResourceAttrPair(resourceName, "alias", directoryResourceName, "alias"), resource.TestCheckResourceAttrPair(resourceName, "directory_id", directoryResourceName, "id"), + resource.TestCheckResourceAttrPair(resourceName, "iam_role_id", iamRoleResourceName, "arn"), resource.TestCheckResourceAttrSet(resourceName, "workspace_security_group_id"), resource.TestCheckResourceAttrSet(resourceName, "registration_code"), resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), From a9f8ca144b3cc543bef39a186a91b5ce16e3facc Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Wed, 29 Apr 2020 23:57:23 +0300 Subject: [PATCH 5/6] add docs --- website/docs/r/workspaces_directory.html.markdown | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/website/docs/r/workspaces_directory.html.markdown b/website/docs/r/workspaces_directory.html.markdown index 81a9acf6b74..b84efde9de6 100644 --- a/website/docs/r/workspaces_directory.html.markdown +++ b/website/docs/r/workspaces_directory.html.markdown @@ -71,6 +71,15 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `id` - The WorkSpaces directory identifier. +* `workspace_security_group_id` - The identifier of the security group that is assigned to new WorkSpaces. +* `iam_role_id` - The identifier of the IAM role. This is the role that allows Amazon WorkSpaces to make calls to other services, such as Amazon EC2, on your behalf. +* `registration_code` - The registration code for the directory. This is the code that users enter in their Amazon WorkSpaces client application to connect to the directory. +* `directory_name` - The name of the directory. +* `directory_type` - The directory type. +* `customer_user_name` - The user name for the service account. +* `alias` - The directory alias. +* `ip_group_ids` - The identifiers of the IP access control groups associated with the directory. +* `dns_ip_addresses` - The IP addresses of the DNS servers for the directory. ## Import From df61fd31e5f4ed491e18a1f92282a3157af5bb5f Mon Sep 17 00:00:00 2001 From: DrFaust92 Date: Thu, 30 Apr 2020 19:19:44 +0300 Subject: [PATCH 6/6] fix workspaces tags --- .../generators/updatetags/main.go | 1 + .../service_generation_customizations.go | 6 +++ aws/internal/keyvaluetags/update_tags_gen.go | 37 ++++++++++++++ aws/internal/keyvaluetags/workspaces_tags.go | 49 ------------------- 4 files changed, 44 insertions(+), 49 deletions(-) delete mode 100644 aws/internal/keyvaluetags/workspaces_tags.go diff --git a/aws/internal/keyvaluetags/generators/updatetags/main.go b/aws/internal/keyvaluetags/generators/updatetags/main.go index 1e4a353eb35..ee18203bf73 100644 --- a/aws/internal/keyvaluetags/generators/updatetags/main.go +++ b/aws/internal/keyvaluetags/generators/updatetags/main.go @@ -116,6 +116,7 @@ var serviceNames = []string{ "waf", "wafregional", "wafv2", + "workspaces", } type TemplateData struct { diff --git a/aws/internal/keyvaluetags/service_generation_customizations.go b/aws/internal/keyvaluetags/service_generation_customizations.go index b7e88349a38..071ce0d9b5b 100644 --- a/aws/internal/keyvaluetags/service_generation_customizations.go +++ b/aws/internal/keyvaluetags/service_generation_customizations.go @@ -576,6 +576,8 @@ func ServiceTagFunction(serviceName string) string { return "AddTagsToResource" case "storagegateway": return "AddTagsToResource" + case "workspaces": + return "CreateTags" default: return "TagResource" } @@ -696,6 +698,8 @@ func ServiceTagInputIdentifierField(serviceName string) string { return "ResourceARN" case "wafv2": return "ResourceARN" + case "workspaces": + return "ResourceId" default: return "ResourceArn" } @@ -881,6 +885,8 @@ func ServiceUntagFunction(serviceName string) string { return "RemoveTagsFromResource" case "storagegateway": return "RemoveTagsFromResource" + case "workspaces": + return "DeleteTags" default: return "UntagResource" } diff --git a/aws/internal/keyvaluetags/update_tags_gen.go b/aws/internal/keyvaluetags/update_tags_gen.go index 1d82f20021b..ce0a1715fdc 100644 --- a/aws/internal/keyvaluetags/update_tags_gen.go +++ b/aws/internal/keyvaluetags/update_tags_gen.go @@ -105,6 +105,7 @@ import ( "github.com/aws/aws-sdk-go/service/waf" "github.com/aws/aws-sdk-go/service/wafregional" "github.com/aws/aws-sdk-go/service/wafv2" + "github.com/aws/aws-sdk-go/service/workspaces" ) // AccessanalyzerUpdateTags updates accessanalyzer service tags. @@ -3675,3 +3676,39 @@ func Wafv2UpdateTags(conn *wafv2.WAFV2, identifier string, oldTagsMap interface{ return nil } + +// WorkspacesUpdateTags updates workspaces service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func WorkspacesUpdateTags(conn *workspaces.WorkSpaces, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { + oldTags := New(oldTagsMap) + newTags := New(newTagsMap) + + if removedTags := oldTags.Removed(newTags); len(removedTags) > 0 { + input := &workspaces.DeleteTagsInput{ + ResourceId: aws.String(identifier), + TagKeys: aws.StringSlice(removedTags.IgnoreAws().Keys()), + } + + _, err := conn.DeleteTags(input) + + if err != nil { + return fmt.Errorf("error untagging resource (%s): %w", identifier, err) + } + } + + if updatedTags := oldTags.Updated(newTags); len(updatedTags) > 0 { + input := &workspaces.CreateTagsInput{ + ResourceId: aws.String(identifier), + Tags: updatedTags.IgnoreAws().WorkspacesTags(), + } + + _, err := conn.CreateTags(input) + + if err != nil { + return fmt.Errorf("error tagging resource (%s): %w", identifier, err) + } + } + + return nil +} diff --git a/aws/internal/keyvaluetags/workspaces_tags.go b/aws/internal/keyvaluetags/workspaces_tags.go deleted file mode 100644 index ca902e9af36..00000000000 --- a/aws/internal/keyvaluetags/workspaces_tags.go +++ /dev/null @@ -1,49 +0,0 @@ -// +build !generate - -package keyvaluetags - -import ( - "fmt" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/workspaces" -) - -// Custom WorkSpaces tag service update functions using the same format as generated code. - -// WorkspacesUpdateTags updates WorkSpaces resource tags. -// The identifier is the resource ID. -func WorkspacesUpdateTags(conn *workspaces.WorkSpaces, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { - oldTags := New(oldTagsMap) - newTags := New(newTagsMap) - - // https://docs.aws.amazon.com/workspaces/latest/api/API_CreateTags.html - // "If you want to add new tags to a set of existing tags, you must submit all of the existing tags along with the new ones." - // This doesn't in fact seem to be correct... - - if len(newTags) > 0 { - input := &workspaces.CreateTagsInput{ - ResourceId: aws.String(identifier), - Tags: newTags.IgnoreAws().WorkspacesTags(), - } - - _, err := conn.CreateTags(input) - - if err != nil { - return fmt.Errorf("error tagging resource (%s): %w", identifier, err) - } - } else if len(oldTags) > 0 { - input := &workspaces.DeleteTagsInput{ - ResourceId: aws.String(identifier), - TagKeys: aws.StringSlice(oldTags.Keys()), - } - - _, err := conn.DeleteTags(input) - - if err != nil { - return fmt.Errorf("error untagging resource (%s): %w", identifier, err) - } - } - - return nil -}