Merge pull request #19367 from DrFaust92/d/glue_conn_props

d/glue_connection + glue_data_catalog_encryption_settings - new data sources
hashicorp · May 17, 2021 · 5512fe4 · 5512fe4
2 parents 87768b7 + 25ff5e7
commit 5512fe4
Show file tree

Hide file tree

Showing 8 changed files with 427 additions and 0 deletions.
diff --git a/.changelog/18802.txt b/.changelog/18802.txt
@@ -0,0 +1,7 @@
+```release-note:new-data-source
+aws_glue_connection
+```
+
+```release-note:new-data-source
+aws_glue_data_catalog_encryption_settings
+```
diff --git a/aws/data_source_aws_glue_connection.go b/aws/data_source_aws_glue_connection.go
@@ -0,0 +1,130 @@
+package aws
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/arn"
+	"github.com/aws/aws-sdk-go/service/glue"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+func dataSourceAwsGlueConnection() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourceAwsGlueConnectionRead,
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validation.NoZeroValues,
+			},
+			"catalog_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"connection_properties": {
+				Type:      schema.TypeMap,
+				Computed:  true,
+				Sensitive: true,
+				Elem:      &schema.Schema{Type: schema.TypeString},
+			},
+			"connection_type": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"description": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"match_criteria": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"physical_connection_requirements": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"availability_zone": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+						"security_group_id_list": {
+							Type:     schema.TypeSet,
+							Computed: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+						},
+						"subnet_id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceAwsGlueConnectionRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*AWSClient).glueconn
+	id := d.Get("id").(string)
+	catalogID, connectionName, err := decodeGlueConnectionID(id)
+	if err != nil {
+		return diag.Errorf("error decoding Glue Connection %s: %s", id, err)
+	}
+	input := &glue.GetConnectionInput{
+		CatalogId: aws.String(catalogID),
+		Name:      aws.String(connectionName),
+	}
+	output, err := conn.GetConnection(input)
+	if err != nil {
+		if isAWSErr(err, glue.ErrCodeEntityNotFoundException, "") {
+			return diag.Errorf("error Glue Connection (%s) not found", id)
+		}
+		return diag.Errorf("error reading Glue Connection (%s): %s", id, err)
+	}
+
+	connection := output.Connection
+	d.SetId(id)
+	d.Set("catalog_id", catalogID)
+	d.Set("connection_type", connection.ConnectionType)
+	d.Set("name", connection.Name)
+	d.Set("description", connection.Description)
+
+	connectionArn := arn.ARN{
+		Partition: meta.(*AWSClient).partition,
+		Service:   "glue",
+		Region:    meta.(*AWSClient).region,
+		AccountID: meta.(*AWSClient).accountid,
+		Resource:  fmt.Sprintf("connection/%s", connectionName),
+	}.String()
+	d.Set("arn", connectionArn)
+
+	if err := d.Set("connection_properties", aws.StringValueMap(connection.ConnectionProperties)); err != nil {
+		return diag.Errorf("error setting connection_properties: %s", err)
+	}
+
+	if err := d.Set("physical_connection_requirements", flattenGluePhysicalConnectionRequirements(connection.PhysicalConnectionRequirements)); err != nil {
+		return diag.Errorf("error setting physical_connection_requirements: %s", err)
+	}
+
+	if err := d.Set("match_criteria", flattenStringList(connection.MatchCriteria)); err != nil {
+		return diag.Errorf("error setting match_criteria: %s", err)
+	}
+
+	return nil
+}
diff --git a/aws/data_source_aws_glue_connection_test.go b/aws/data_source_aws_glue_connection_test.go
@@ -0,0 +1,68 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/glue"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAccDataSourceAwsGlueConnection_basic(t *testing.T) {
+	resourceName := "aws_glue_connection.test"
+	datasourceName := "data.aws_glue_connection.test"
+	rName := fmt.Sprintf("tf-testacc-glue-connection-%s", acctest.RandString(13))
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:   func() { testAccPreCheck(t) },
+		ErrorCheck: testAccErrorCheck(t, glue.EndpointsID),
+		Providers:  testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceAwsGlueConnectionConfig(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccDataSourceAwsGlueConnectionCheck(datasourceName),
+					resource.TestCheckResourceAttrPair(datasourceName, "catalog_id", resourceName, "catalog_id"),
+					resource.TestCheckResourceAttrPair(datasourceName, "connection_type", resourceName, "connection_type"),
+					resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"),
+					resource.TestCheckResourceAttrPair(datasourceName, "arn", resourceName, "arn"),
+					resource.TestCheckResourceAttrPair(datasourceName, "description", resourceName, "description"),
+					resource.TestCheckResourceAttrPair(datasourceName, "connection_properties", resourceName, "connection_properties"),
+					resource.TestCheckResourceAttrPair(datasourceName, "physical_connection_requirements", resourceName, "physical_connection_requirements"),
+					resource.TestCheckResourceAttrPair(datasourceName, "match_criteria", resourceName, "match_criteria"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceAwsGlueConnectionCheck(name string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		_, ok := s.RootModule().Resources[name]
+		if !ok {
+			return fmt.Errorf("root module has no resource called %s", name)
+		}
+
+		return nil
+	}
+}
+
+func testAccDataSourceAwsGlueConnectionConfig(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_glue_connection" "test" {
+  connection_properties = {
+    JDBC_CONNECTION_URL = "jdbc:mysql://terraformacctesting.com/testdatabase"
+    PASSWORD            = "testpassword"
+    USERNAME            = "testusername"
+  }
+
+  name = "%s"
+}
+
+data "aws_glue_connection" "test" {
+  id = aws_glue_connection.test.id
+}
+`, rName)
+}
diff --git a/aws/data_source_aws_glue_data_catalog_encryption_settings.go b/aws/data_source_aws_glue_data_catalog_encryption_settings.go
@@ -0,0 +1,81 @@
+package aws
+
+import (
+	"context"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/glue"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+)
+
+func dataSourceAwsGlueDataCatalogEncryptionSettings() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourceAwsGlueDataCatalogEncryptionSettingsRead,
+		Schema: map[string]*schema.Schema{
+			"catalog_id": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+			"data_catalog_encryption_settings": {
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"connection_password_encryption": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"aws_kms_key_id": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"return_connection_password_encrypted": {
+										Type:     schema.TypeBool,
+										Computed: true,
+									},
+								},
+							},
+						},
+						"encryption_at_rest": {
+							Type:     schema.TypeList,
+							Computed: true,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"catalog_encryption_mode": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+									"sse_aws_kms_key_id": {
+										Type:     schema.TypeString,
+										Computed: true,
+									},
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func dataSourceAwsGlueDataCatalogEncryptionSettingsRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*AWSClient).glueconn
+	id := d.Get("catalog_id").(string)
+	input := &glue.GetDataCatalogEncryptionSettingsInput{
+		CatalogId: aws.String(id),
+	}
+	out, err := conn.GetDataCatalogEncryptionSettings(input)
+	if err != nil {
+		return diag.Errorf("Error reading Glue Data Catalog Encryption Settings: %s", err)
+	}
+	d.SetId(id)
+	d.Set("catalog_id", d.Id())
+
+	if err := d.Set("data_catalog_encryption_settings", flattenGlueDataCatalogEncryptionSettings(out.DataCatalogEncryptionSettings)); err != nil {
+		return diag.Errorf("error setting data_catalog_encryption_settings: %s", err)
+	}
+	return nil
+}
diff --git a/aws/data_source_aws_glue_data_catalog_encryption_settings_test.go b/aws/data_source_aws_glue_data_catalog_encryption_settings_test.go
@@ -0,0 +1,62 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/service/glue"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAccDataSourceAwsGlueDataCatalogEncryptionSettings_basic(t *testing.T) {
+	resourceName := "aws_glue_data_catalog_encryption_settings.test"
+	datasourceName := "data.aws_glue_data_catalog_encryption_settings.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:   func() { testAccPreCheck(t) },
+		ErrorCheck: testAccErrorCheck(t, glue.EndpointsID),
+		Providers:  testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceAwsGlueDataCatalogEncryptionSettingsConfig(),
+				Check: resource.ComposeTestCheckFunc(
+					testAccDataSourceAwsGlueDataCatalogEncryptionSettingsCheck(datasourceName),
+					resource.TestCheckResourceAttrPair(datasourceName, "catalog_id", resourceName, "catalog_id"),
+					resource.TestCheckResourceAttrPair(datasourceName, "data_catalog_encryption_settings", resourceName, "data_catalog_encryption_settings"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceAwsGlueDataCatalogEncryptionSettingsCheck(name string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		_, ok := s.RootModule().Resources[name]
+		if !ok {
+			return fmt.Errorf("root module has no resource called %s", name)
+		}
+
+		return nil
+	}
+}
+
+func testAccDataSourceAwsGlueDataCatalogEncryptionSettingsConfig() string {
+	return `
+resource "aws_glue_data_catalog_encryption_settings" "test" {
+  data_catalog_encryption_settings {
+    connection_password_encryption {
+      return_connection_password_encrypted = false
+    }
+
+    encryption_at_rest {
+      catalog_encryption_mode = "DISABLED"
+    }
+  }
+}
+
+data "aws_glue_data_catalog_encryption_settings" "test" {
+  catalog_id = aws_glue_data_catalog_encryption_settings.test.id
+}
+`
+}
diff --git a/aws/provider.go b/aws/provider.go
@@ -288,6 +288,8 @@ func Provider() *schema.Provider {
 			"aws_elasticache_replication_group":              dataSourceAwsElasticacheReplicationGroup(),
 			"aws_elb_hosted_zone_id":                         dataSourceAwsElbHostedZoneId(),
 			"aws_elb_service_account":                        dataSourceAwsElbServiceAccount(),
+			"aws_glue_connection":                            dataSourceAwsGlueConnection(),
+			"aws_glue_data_catalog_encryption_settings":      dataSourceAwsGlueDataCatalogEncryptionSettings(),
 			"aws_glue_script":                                dataSourceAwsGlueScript(),
 			"aws_guardduty_detector":                         dataSourceAwsGuarddutyDetector(),
 			"aws_iam_account_alias":                          dataSourceAwsIamAccountAlias(),

diff --git a/website/docs/d/glue_connection.html.markdown b/website/docs/d/glue_connection.html.markdown
@@ -0,0 +1,34 @@
+---
+subcategory: "Glue"
+layout: "aws"
+page_title: "AWS: aws_glue_connection"
+description: |-
+  Get information on an AWS Glue Connection
+---
+
+# Data Source: aws_glue_connection
+
+This data source can be used to fetch information about a specific Glue Connection.
+
+## Example Usage
+
+```terraform
+data "aws_glue_connection" "example" {
+  id = "123456789123:connection"
+}
+```
+
+## Argument Reference
+
+* `id` - (Required) A concatenation of the catalog ID and connection name. For example, if your account ID is
+`123456789123` and the connection name is `conn` then the ID is `123456789123:conn`.
+
+## Attributes Reference
+
+* `arn` - The ARN of the Glue Connection.
+* `catalog_id` - The catalog ID of the Glue Connection.
+* `connection_type` - The type of Glue Connection.
+* `description` – Description of the connection.
+* `match_criteria` – A list of criteria that can be used in selecting this connection.
+* `name` - The name of the Glue Connection.
+* `physical_connection_requirements` - A map of physical connection requirements, such as VPC and SecurityGroup.