Merge pull request #6976 from kterada0509/feature/add-import-aws_iam_…

…user_group_membership

Add import support for aws_iam_user_group_membership resource

aws/resource_aws_iam_user_group_membership.go

@@ -3,6 +3,7 @@ package aws
 import (
 	"fmt"
 	"log"
+	"strings"
 
 	"github.com/aws/aws-sdk-go/service/iam"
 
@@ -16,6 +17,9 @@ func resourceAwsIamUserGroupMembership() *schema.Resource {
 		Read:   resourceAwsIamUserGroupMembershipRead,
 		Update: resourceAwsIamUserGroupMembershipUpdate,
 		Delete: resourceAwsIamUserGroupMembershipDelete,
+		Importer: &schema.ResourceImporter{
+			State: resourceAwsIamUserGroupMembershipImport,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"user": {
@@ -162,3 +166,19 @@ func addUserToGroups(conn *iam.IAM, user string, groups []*string) error {
 
 	return nil
 }
+
+func resourceAwsIamUserGroupMembershipImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {
+	idParts := strings.Split(d.Id(), "/")
+	if len(idParts) < 2 {
+		return nil, fmt.Errorf("unexpected format of ID (%q), expected <user-name>/<group-name1>/...", d.Id())
+	}
+
+	userName := idParts[0]
+	groupList := idParts[1:]
+
+	d.Set("user", userName)
+	d.Set("groups", groupList)
+	d.SetId(resource.UniqueId())
+
+	return []*schema.ResourceData{d}, nil
+}

aws/resource_aws_iam_user_group_membership_test.go

@@ -2,6 +2,7 @@ package aws
 
 import (
 	"fmt"
+	"strconv"
 	"testing"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -35,6 +36,21 @@ func TestAccAWSUserGroupMembership_basic(t *testing.T) {
 					testAccAWSUserGroupMembershipCheckGroupListForUser(userName1, []string{groupName1}, []string{groupName2, groupName3}),
 				),
 			},
+			{
+				ResourceName:      "aws_iam_user_group_membership.user1_test1",
+				ImportState:       true,
+				ImportStateIdFunc: testAccAWSUserGroupMembershipImportStateIdFunc("aws_iam_user_group_membership.user1_test1"),
+				// We do not have a way to align IDs since the Create function uses resource.UniqueId()
+				// Failed state verification, resource with ID USER/GROUP not found
+				//ImportStateVerify: true,
+				ImportStateCheck: func(s []*terraform.InstanceState) error {
+					if len(s) != 1 {
+						return fmt.Errorf("expected 1 state: %#v", s)
+					}
+
+					return nil
+				},
+			},
 			// test adding an additional group to an existing resource
 			{
 				Config: usersAndGroupsConfig + testAccAWSUserGroupMembershipConfigAddOne,
@@ -161,6 +177,23 @@ func testAccAWSUserGroupMembershipCheckGroupListForUser(userName string, groups
 	}
 }
 
+func testAccAWSUserGroupMembershipImportStateIdFunc(resourceName string) resource.ImportStateIdFunc {
+	return func(s *terraform.State) (string, error) {
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return "", fmt.Errorf("Not found: %s", resourceName)
+		}
+
+		groupCount, _ := strconv.Atoi(rs.Primary.Attributes["groups.#"])
+		stateId := rs.Primary.Attributes["user"]
+		for i := 0; i < groupCount; i++ {
+			groupName := rs.Primary.Attributes[fmt.Sprintf("group.%d", i)]
+			stateId = fmt.Sprintf("%s/%s", stateId, groupName)
+		}
+		return stateId, nil
+	}
+}
+
 // users and groups for all other tests
 func testAccAWSUserGroupMembershipConfigUsersAndGroups(userName1, userName2, groupName1, groupName2, groupName3 string) string {
 	return fmt.Sprintf(`

website/docs/r/iam_user_group_membership.html.markdown

@@ -68,3 +68,11 @@ The following arguments are supported:
 [1]: /docs/providers/aws/r/iam_group.html
 [2]: /docs/providers/aws/r/iam_user.html
 [3]: /docs/providers/aws/r/iam_group_membership.html
+
+## Import
+
+IAM user group membership can be imported using the user name and group names separated by `/`.
+
+```
+$ terraform import aws_iam_user_group_membership.example1 user1/group1/group2
+```