From 3de914de01c8ae37665b6fa8933c1cbb0699b097 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Tue, 28 Nov 2023 13:46:29 -0500 Subject: [PATCH 01/12] internal/conns: upgrade ssoadmin client to aws sdk v2 --- go.mod | 1 + go.sum | 2 + internal/conns/awsclient_gen.go | 6 +-- internal/service/ssoadmin/generate.go | 2 +- internal/service/ssoadmin/service_package.go | 40 ++++++++++--------- .../service/ssoadmin/service_package_gen.go | 10 ----- internal/service/ssoadmin/tags_gen.go | 36 ++++++++--------- names/names.go | 1 + names/names_data.csv | 2 +- 9 files changed, 48 insertions(+), 52 deletions(-) diff --git a/go.mod b/go.mod index 9ab8dac862d..6710c46b4b8 100644 --- a/go.mod +++ b/go.mod @@ -86,6 +86,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/ssm v1.44.1 github.com/aws/aws-sdk-go-v2/service/ssmcontacts v1.20.1 github.com/aws/aws-sdk-go-v2/service/ssmincidents v1.27.1 + github.com/aws/aws-sdk-go-v2/service/ssoadmin v1.23.1 github.com/aws/aws-sdk-go-v2/service/sts v1.26.1 github.com/aws/aws-sdk-go-v2/service/swf v1.20.1 github.com/aws/aws-sdk-go-v2/service/timestreamwrite v1.23.1 diff --git a/go.sum b/go.sum index 5893eaad8f2..5f6257412a6 100644 --- a/go.sum +++ b/go.sum @@ -212,6 +212,8 @@ github.com/aws/aws-sdk-go-v2/service/ssmincidents v1.27.1 h1:1eP1sAN5FDkKwgM7B/0 github.com/aws/aws-sdk-go-v2/service/ssmincidents v1.27.1/go.mod h1:3dHBotx1TNQmPzo0H62Kl2rJF21cBDUQHtQ3ajDK0H8= github.com/aws/aws-sdk-go-v2/service/sso v1.18.1 h1:V40g2daNO3l1J94JYwqfkyvQMYXi5I25fs3fNQW8iDs= github.com/aws/aws-sdk-go-v2/service/sso v1.18.1/go.mod h1:0ZWQJP/mBOUxkCvZKybZNz1XmdUKSBxoF0dzgfxtvDs= +github.com/aws/aws-sdk-go-v2/service/ssoadmin v1.23.1 h1:m5TwU4+qNT3G7LfjOyAcscY+Td0L2jVZus8hd+gU7g0= +github.com/aws/aws-sdk-go-v2/service/ssoadmin v1.23.1/go.mod h1:e8g8LmmUKSu5dtDpsVu1cypJzqQNkeqdgfm4n2wOnVw= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.1 h1:uQrj7SpUNC3r55vc1CDh3qV9wJC66lz546xM9dhSo5s= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.1/go.mod h1:oyaTk5xEAOuPXX1kCD7HmIeuLqdj3Bk5yGkqGXtGi14= github.com/aws/aws-sdk-go-v2/service/sts v1.26.1 h1:K33V7L0XDdb23FMOZySr8bon1jou5SHn1fiv7NJ1SUg= diff --git a/internal/conns/awsclient_gen.go b/internal/conns/awsclient_gen.go index 3bd0d3008e5..9d9b23d4ba0 100644 --- a/internal/conns/awsclient_gen.go +++ b/internal/conns/awsclient_gen.go @@ -80,6 +80,7 @@ import ( ssm_sdkv2 "github.com/aws/aws-sdk-go-v2/service/ssm" ssmcontacts_sdkv2 "github.com/aws/aws-sdk-go-v2/service/ssmcontacts" ssmincidents_sdkv2 "github.com/aws/aws-sdk-go-v2/service/ssmincidents" + ssoadmin_sdkv2 "github.com/aws/aws-sdk-go-v2/service/ssoadmin" sts_sdkv2 "github.com/aws/aws-sdk-go-v2/service/sts" swf_sdkv2 "github.com/aws/aws-sdk-go-v2/service/swf" timestreamwrite_sdkv2 "github.com/aws/aws-sdk-go-v2/service/timestreamwrite" @@ -216,7 +217,6 @@ import ( shield_sdkv1 "github.com/aws/aws-sdk-go/service/shield" simpledb_sdkv1 "github.com/aws/aws-sdk-go/service/simpledb" ssm_sdkv1 "github.com/aws/aws-sdk-go/service/ssm" - ssoadmin_sdkv1 "github.com/aws/aws-sdk-go/service/ssoadmin" storagegateway_sdkv1 "github.com/aws/aws-sdk-go/service/storagegateway" sts_sdkv1 "github.com/aws/aws-sdk-go/service/sts" synthetics_sdkv1 "github.com/aws/aws-sdk-go/service/synthetics" @@ -993,8 +993,8 @@ func (c *AWSClient) SSMIncidentsClient(ctx context.Context) *ssmincidents_sdkv2. return errs.Must(client[*ssmincidents_sdkv2.Client](ctx, c, names.SSMIncidents)) } -func (c *AWSClient) SSOAdminConn(ctx context.Context) *ssoadmin_sdkv1.SSOAdmin { - return errs.Must(conn[*ssoadmin_sdkv1.SSOAdmin](ctx, c, names.SSOAdmin)) +func (c *AWSClient) SSOAdminClient(ctx context.Context) *ssoadmin_sdkv2.Client { + return errs.Must(client[*ssoadmin_sdkv2.Client](ctx, c, names.SSOAdmin)) } func (c *AWSClient) STSConn(ctx context.Context) *sts_sdkv1.STS { diff --git a/internal/service/ssoadmin/generate.go b/internal/service/ssoadmin/generate.go index 6ba7cb154cb..0b2de01e88f 100644 --- a/internal/service/ssoadmin/generate.go +++ b/internal/service/ssoadmin/generate.go @@ -1,7 +1,7 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -//go:generate go run ../../generate/tags/main.go -ListTags -ServiceTagsSlice -TagResTypeElem=InstanceArn -UpdateTags +//go:generate go run ../../generate/tags/main.go -ListTags -ServiceTagsSlice -TagResTypeElem=InstanceArn -UpdateTags -AWSSDKVersion=2 //go:generate go run ../../generate/servicepackage/main.go // ONLY generate directives and package declaration! Do not add anything else to this file. diff --git a/internal/service/ssoadmin/service_package.go b/internal/service/ssoadmin/service_package.go index 82bd75183b1..1c20800c8fa 100644 --- a/internal/service/ssoadmin/service_package.go +++ b/internal/service/ssoadmin/service_package.go @@ -6,26 +6,28 @@ package ssoadmin import ( "context" - aws_sdkv1 "github.com/aws/aws-sdk-go/aws" - request_sdkv1 "github.com/aws/aws-sdk-go/aws/request" - ssoadmin_sdkv1 "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + aws_sdkv2 "github.com/aws/aws-sdk-go-v2/aws" + retry_sdkv2 "github.com/aws/aws-sdk-go-v2/aws/retry" + ssoadmin_sdkv2 "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + ssoadmin_sdkv2_types "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" + "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" ) -// CustomizeConn customizes a new AWS SDK for Go v1 client for this service package's AWS API. -func (p *servicePackage) CustomizeConn(ctx context.Context, conn *ssoadmin_sdkv1.SSOAdmin) (*ssoadmin_sdkv1.SSOAdmin, error) { - // Reference: https://github.com/hashicorp/terraform-provider-aws/issues/19215. - conn.Handlers.Retry.PushBack(func(r *request_sdkv1.Request) { - switch err := r.Error; r.Operation.Name { - case "AttachCustomerManagedPolicyReferenceToPermissionSet", "DetachCustomerManagedPolicyReferenceFromPermissionSet", - "AttachManagedPolicyToPermissionSet", "DetachManagedPolicyFromPermissionSet", - "PutPermissionsBoundaryToPermissionSet", "DeletePermissionsBoundaryFromPermissionSet", - "ProvisionPermissionSet": - if tfawserr.ErrCodeEquals(err, ssoadmin_sdkv1.ErrCodeConflictException, ssoadmin_sdkv1.ErrCodeThrottlingException) { - r.Retryable = aws_sdkv1.Bool(true) - } - } - }) +// NewClient returns a new AWS SDK for Go v2 client for this service package's AWS API. +func (p *servicePackage) NewClient(ctx context.Context, config map[string]any) (*ssoadmin_sdkv2.Client, error) { + cfg := *(config["aws_sdkv2_config"].(*aws_sdkv2.Config)) - return conn, nil + return ssoadmin_sdkv2.NewFromConfig(cfg, func(o *ssoadmin_sdkv2.Options) { + if endpoint := config["endpoint"].(string); endpoint != "" { + o.BaseEndpoint = aws_sdkv2.String(endpoint) + } + o.Retryer = conns.AddIsErrorRetryables(cfg.Retryer().(aws_sdkv2.RetryerV2), retry_sdkv2.IsErrorRetryableFunc(func(err error) aws_sdkv2.Ternary { + if errs.IsA[*ssoadmin_sdkv2_types.ConflictException](err) || + errs.IsA[*ssoadmin_sdkv2_types.ThrottlingException](err) { + return aws_sdkv2.TrueTernary + } + return aws_sdkv2.UnknownTernary // Delegate to configured Retryer. + })) + }), nil } diff --git a/internal/service/ssoadmin/service_package_gen.go b/internal/service/ssoadmin/service_package_gen.go index 449c444a0ef..baec9f3d2fb 100644 --- a/internal/service/ssoadmin/service_package_gen.go +++ b/internal/service/ssoadmin/service_package_gen.go @@ -5,9 +5,6 @@ package ssoadmin import ( "context" - aws_sdkv1 "github.com/aws/aws-sdk-go/aws" - session_sdkv1 "github.com/aws/aws-sdk-go/aws/session" - ssoadmin_sdkv1 "github.com/aws/aws-sdk-go/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/types" "github.com/hashicorp/terraform-provider-aws/names" @@ -75,13 +72,6 @@ func (p *servicePackage) ServicePackageName() string { return names.SSOAdmin } -// NewConn returns a new AWS SDK for Go v1 client for this service package's AWS API. -func (p *servicePackage) NewConn(ctx context.Context, config map[string]any) (*ssoadmin_sdkv1.SSOAdmin, error) { - sess := config["session"].(*session_sdkv1.Session) - - return ssoadmin_sdkv1.New(sess.Copy(&aws_sdkv1.Config{Endpoint: aws_sdkv1.String(config["endpoint"].(string))})), nil -} - func ServicePackage(ctx context.Context) conns.ServicePackage { return &servicePackage{} } diff --git a/internal/service/ssoadmin/tags_gen.go b/internal/service/ssoadmin/tags_gen.go index 39b9e71ef35..1a854fe23fa 100644 --- a/internal/service/ssoadmin/tags_gen.go +++ b/internal/service/ssoadmin/tags_gen.go @@ -5,9 +5,9 @@ import ( "context" "fmt" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/aws/aws-sdk-go/service/ssoadmin/ssoadminiface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/logging" @@ -19,13 +19,13 @@ import ( // listTags lists ssoadmin service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. -func listTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, resourceType string) (tftags.KeyValueTags, error) { +func listTags(ctx context.Context, conn *ssoadmin.Client, identifier, resourceType string) (tftags.KeyValueTags, error) { input := &ssoadmin.ListTagsForResourceInput{ ResourceArn: aws.String(identifier), InstanceArn: aws.String(resourceType), } - output, err := conn.ListTagsForResourceWithContext(ctx, input) + output, err := conn.ListTagsForResource(ctx, input) if err != nil { return tftags.New(ctx, nil), err @@ -37,7 +37,7 @@ func listTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, r // ListTags lists ssoadmin service tags and set them in Context. // It is called from outside this package. func (p *servicePackage) ListTags(ctx context.Context, meta any, identifier, resourceType string) error { - tags, err := listTags(ctx, meta.(*conns.AWSClient).SSOAdminConn(ctx), identifier, resourceType) + tags, err := listTags(ctx, meta.(*conns.AWSClient).SSOAdminClient(ctx), identifier, resourceType) if err != nil { return err @@ -53,11 +53,11 @@ func (p *servicePackage) ListTags(ctx context.Context, meta any, identifier, res // []*SERVICE.Tag handling // Tags returns ssoadmin service tags. -func Tags(tags tftags.KeyValueTags) []*ssoadmin.Tag { - result := make([]*ssoadmin.Tag, 0, len(tags)) +func Tags(tags tftags.KeyValueTags) []awstypes.Tag { + result := make([]awstypes.Tag, 0, len(tags)) for k, v := range tags.Map() { - tag := &ssoadmin.Tag{ + tag := awstypes.Tag{ Key: aws.String(k), Value: aws.String(v), } @@ -69,11 +69,11 @@ func Tags(tags tftags.KeyValueTags) []*ssoadmin.Tag { } // KeyValueTags creates tftags.KeyValueTags from ssoadmin service tags. -func KeyValueTags(ctx context.Context, tags []*ssoadmin.Tag) tftags.KeyValueTags { +func KeyValueTags(ctx context.Context, tags []awstypes.Tag) tftags.KeyValueTags { m := make(map[string]*string, len(tags)) for _, tag := range tags { - m[aws.StringValue(tag.Key)] = tag.Value + m[aws.ToString(tag.Key)] = tag.Value } return tftags.New(ctx, m) @@ -81,7 +81,7 @@ func KeyValueTags(ctx context.Context, tags []*ssoadmin.Tag) tftags.KeyValueTags // getTagsIn returns ssoadmin service tags from Context. // nil is returned if there are no input tags. -func getTagsIn(ctx context.Context) []*ssoadmin.Tag { +func getTagsIn(ctx context.Context) []awstypes.Tag { if inContext, ok := tftags.FromContext(ctx); ok { if tags := Tags(inContext.TagsIn.UnwrapOrDefault()); len(tags) > 0 { return tags @@ -92,7 +92,7 @@ func getTagsIn(ctx context.Context) []*ssoadmin.Tag { } // setTagsOut sets ssoadmin service tags in Context. -func setTagsOut(ctx context.Context, tags []*ssoadmin.Tag) { +func setTagsOut(ctx context.Context, tags []awstypes.Tag) { if inContext, ok := tftags.FromContext(ctx); ok { inContext.TagsOut = types.Some(KeyValueTags(ctx, tags)) } @@ -101,7 +101,7 @@ func setTagsOut(ctx context.Context, tags []*ssoadmin.Tag) { // updateTags updates ssoadmin service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. -func updateTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, resourceType string, oldTagsMap, newTagsMap any) error { +func updateTags(ctx context.Context, conn *ssoadmin.Client, identifier, resourceType string, oldTagsMap, newTagsMap any) error { oldTags := tftags.New(ctx, oldTagsMap) newTags := tftags.New(ctx, newTagsMap) @@ -113,10 +113,10 @@ func updateTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, input := &ssoadmin.UntagResourceInput{ ResourceArn: aws.String(identifier), InstanceArn: aws.String(resourceType), - TagKeys: aws.StringSlice(removedTags.Keys()), + TagKeys: removedTags.Keys(), } - _, err := conn.UntagResourceWithContext(ctx, input) + _, err := conn.UntagResource(ctx, input) if err != nil { return fmt.Errorf("untagging resource (%s): %w", identifier, err) @@ -132,7 +132,7 @@ func updateTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, Tags: Tags(updatedTags), } - _, err := conn.TagResourceWithContext(ctx, input) + _, err := conn.TagResource(ctx, input) if err != nil { return fmt.Errorf("tagging resource (%s): %w", identifier, err) @@ -145,5 +145,5 @@ func updateTags(ctx context.Context, conn ssoadminiface.SSOAdminAPI, identifier, // UpdateTags updates ssoadmin service tags. // It is called from outside this package. func (p *servicePackage) UpdateTags(ctx context.Context, meta any, identifier, resourceType string, oldTags, newTags any) error { - return updateTags(ctx, meta.(*conns.AWSClient).SSOAdminConn(ctx), identifier, resourceType, oldTags, newTags) + return updateTags(ctx, meta.(*conns.AWSClient).SSOAdminClient(ctx), identifier, resourceType, oldTags, newTags) } diff --git a/names/names.go b/names/names.go index a8630fd993d..8b73a986068 100644 --- a/names/names.go +++ b/names/names.go @@ -82,6 +82,7 @@ const ( SSMEndpointID = "ssm" SSMContactsEndpointID = "ssm-contacts" SSMIncidentsEndpointID = "ssm-incidents" + SSOAdminEndpointID = "sso" STSEndpointID = "sts" SWFEndpointID = "swf" TimestreamWriteEndpointID = "ingest.timestream" diff --git a/names/names_data.csv b/names/names_data.csv index 06cdbd191bf..2d23e1e6f97 100644 --- a/names/names_data.csv +++ b/names/names_data.csv @@ -341,7 +341,7 @@ ssm,ssm,ssm,ssm,,ssm,,,SSM,SSM,,1,2,,aws_ssm_,,ssm_,SSM (Systems Manager),AWS,,, ssm-contacts,ssmcontacts,ssmcontacts,ssmcontacts,,ssmcontacts,,,SSMContacts,SSMContacts,,,2,,aws_ssmcontacts_,,ssmcontacts_,SSM Contacts,AWS,,,,,,, ssm-incidents,ssmincidents,ssmincidents,ssmincidents,,ssmincidents,,,SSMIncidents,SSMIncidents,,,2,,aws_ssmincidents_,,ssmincidents_,SSM Incident Manager Incidents,AWS,,,,,,, sso,sso,sso,sso,,sso,,,SSO,SSO,,1,,,aws_sso_,,sso_,SSO (Single Sign-On),AWS,,x,x,,,, -sso-admin,ssoadmin,ssoadmin,ssoadmin,,ssoadmin,,,SSOAdmin,SSOAdmin,,1,,,aws_ssoadmin_,,ssoadmin_,SSO Admin,AWS,,,,,,, +sso-admin,ssoadmin,ssoadmin,ssoadmin,,ssoadmin,,,SSOAdmin,SSOAdmin,x,,2,,aws_ssoadmin_,,ssoadmin_,SSO Admin,AWS,,,,,,, identitystore,identitystore,identitystore,identitystore,,identitystore,,,IdentityStore,IdentityStore,,,2,,aws_identitystore_,,identitystore_,SSO Identity Store,AWS,,,,,,, sso-oidc,ssooidc,ssooidc,ssooidc,,ssooidc,,,SSOOIDC,SSOOIDC,,1,,,aws_ssooidc_,,ssooidc_,SSO OIDC,AWS,,x,,,,, storagegateway,storagegateway,storagegateway,storagegateway,,storagegateway,,,StorageGateway,StorageGateway,,1,,,aws_storagegateway_,,storagegateway_,Storage Gateway,AWS,,,,,,, From 44d5efc39bb0c22560bcbcd0f1f7d14ce2b78fb3 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Tue, 28 Nov 2023 14:00:52 -0500 Subject: [PATCH 02/12] internal/acctest: update ssoadmin client --- internal/acctest/acctest.go | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/internal/acctest/acctest.go b/internal/acctest/acctest.go index 0a0cf6437f1..912d69043a8 100644 --- a/internal/acctest/acctest.go +++ b/internal/acctest/acctest.go @@ -21,6 +21,8 @@ import ( ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types" "github.com/aws/aws-sdk-go-v2/service/inspector2" inspector2types "github.com/aws/aws-sdk-go-v2/service/inspector2/types" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + ssoadmintypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/aws/endpoints" @@ -29,7 +31,6 @@ import ( "github.com/aws/aws-sdk-go/service/ec2" "github.com/aws/aws-sdk-go/service/iam" "github.com/aws/aws-sdk-go/service/outposts" - "github.com/aws/aws-sdk-go/service/ssoadmin" "github.com/aws/aws-sdk-go/service/wafv2" "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" "github.com/hashicorp/terraform-plugin-go/tfprotov5" @@ -1029,31 +1030,28 @@ func PreCheckOrganizationMemberAccount(ctx context.Context, t *testing.T) { } func PreCheckSSOAdminInstances(ctx context.Context, t *testing.T) { - conn := Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) input := &ssoadmin.ListInstancesInput{} - var instances []*ssoadmin.InstanceMetadata + var instances []ssoadmintypes.InstanceMetadata - err := conn.ListInstancesPagesWithContext(ctx, input, func(page *ssoadmin.ListInstancesOutput, lastPage bool) bool { - if page == nil { - return !lastPage + paginator := ssoadmin.NewListInstancesPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if PreCheckSkipError(err) { + t.Skipf("skipping tests: %s", err) + } + if err != nil { + t.Fatalf("listing SSO Instances: %s", err) } - instances = append(instances, page.Instances...) - - return !lastPage - }) - - if PreCheckSkipError(err) { - t.Skipf("skipping tests: %s", err) + if page != nil { + instances = append(instances, page.Instances...) + } } if len(instances) == 0 { t.Skip("skipping tests; no SSO Instances found.") } - - if err != nil { - t.Fatalf("listing SSO Instances: %s", err) - } } func PreCheckHasIAMRole(ctx context.Context, t *testing.T, roleName string) { From bccad2d974240c5273a1e94f1e331cdb360373f2 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 13:35:21 -0500 Subject: [PATCH 03/12] d/aws_ssoadmin_instances: upgrade aws sdk client --- .../service/ssoadmin/instances_data_source.go | 35 ++++++++----------- .../ssoadmin/instances_data_source_test.go | 4 +-- 2 files changed, 17 insertions(+), 22 deletions(-) diff --git a/internal/service/ssoadmin/instances_data_source.go b/internal/service/ssoadmin/instances_data_source.go index 7be220da16a..a7e163773a1 100644 --- a/internal/service/ssoadmin/instances_data_source.go +++ b/internal/service/ssoadmin/instances_data_source.go @@ -6,8 +6,9 @@ package ssoadmin import ( "context" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-aws/internal/conns" @@ -36,7 +37,7 @@ func DataSourceInstances() *schema.Resource { func dataSourceInstancesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) output, err := findInstanceMetadatas(ctx, conn) @@ -47,8 +48,8 @@ func dataSourceInstancesRead(ctx context.Context, d *schema.ResourceData, meta i var identityStoreIDs, arns []string for _, v := range output { - identityStoreIDs = append(identityStoreIDs, aws.StringValue(v.IdentityStoreId)) - arns = append(arns, aws.StringValue(v.InstanceArn)) + identityStoreIDs = append(identityStoreIDs, aws.ToString(v.IdentityStoreId)) + arns = append(arns, aws.ToString(v.InstanceArn)) } d.SetId(meta.(*conns.AWSClient).Region) @@ -58,26 +59,20 @@ func dataSourceInstancesRead(ctx context.Context, d *schema.ResourceData, meta i return diags } -func findInstanceMetadatas(ctx context.Context, conn *ssoadmin.SSOAdmin) ([]*ssoadmin.InstanceMetadata, error) { +func findInstanceMetadatas(ctx context.Context, conn *ssoadmin.Client) ([]awstypes.InstanceMetadata, error) { input := &ssoadmin.ListInstancesInput{} - var output []*ssoadmin.InstanceMetadata + var output []awstypes.InstanceMetadata - err := conn.ListInstancesPagesWithContext(ctx, input, func(page *ssoadmin.ListInstancesOutput, lastPage bool) bool { - if page == nil { - return !lastPage + paginator := ssoadmin.NewListInstancesPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if err != nil { + return nil, err } - for _, v := range page.Instances { - if v != nil { - output = append(output, v) - } + if page != nil { + output = append(output, page.Instances...) } - - return !lastPage - }) - - if err != nil { - return nil, err } return output, nil diff --git a/internal/service/ssoadmin/instances_data_source_test.go b/internal/service/ssoadmin/instances_data_source_test.go index 9b2b2a7f332..83f375f9111 100644 --- a/internal/service/ssoadmin/instances_data_source_test.go +++ b/internal/service/ssoadmin/instances_data_source_test.go @@ -7,9 +7,9 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-aws/internal/acctest" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminInstancesDataSource_basic(t *testing.T) { @@ -18,7 +18,7 @@ func TestAccSSOAdminInstancesDataSource_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { From 4ea9384f5e1a1e3738db2d566d25acfae02e4480 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 14:46:34 -0500 Subject: [PATCH 04/12] r/aws_ssoadmin_permission_set: upgrade aws sdk client --- internal/service/ssoadmin/permission_set.go | 60 ++++++++++--------- .../service/ssoadmin/permission_set_test.go | 22 +++---- 2 files changed, 42 insertions(+), 40 deletions(-) diff --git a/internal/service/ssoadmin/permission_set.go b/internal/service/ssoadmin/permission_set.go index f12a576bce0..ba1710beac1 100644 --- a/internal/service/ssoadmin/permission_set.go +++ b/internal/service/ssoadmin/permission_set.go @@ -12,14 +12,16 @@ import ( "time" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/enum" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -100,7 +102,7 @@ func ResourcePermissionSet() *schema.Resource { func resourcePermissionSetCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) instanceARN := d.Get("instance_arn").(string) name := d.Get("name").(string) @@ -122,20 +124,20 @@ func resourcePermissionSetCreate(ctx context.Context, d *schema.ResourceData, me input.SessionDuration = aws.String(v.(string)) } - output, err := conn.CreatePermissionSetWithContext(ctx, input) + output, err := conn.CreatePermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating SSO Permission Set (%s): %s", name, err) } - d.SetId(fmt.Sprintf("%s,%s", aws.StringValue(output.PermissionSet.PermissionSetArn), instanceARN)) + d.SetId(fmt.Sprintf("%s,%s", aws.ToString(output.PermissionSet.PermissionSetArn), instanceARN)) return append(diags, resourcePermissionSetRead(ctx, d, meta)...) } func resourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := ParseResourceID(d.Id()) if err != nil { @@ -175,7 +177,7 @@ func resourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, meta func resourcePermissionSetUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := ParseResourceID(d.Id()) if err != nil { @@ -205,7 +207,7 @@ func resourcePermissionSetUpdate(ctx context.Context, d *schema.ResourceData, me input.SessionDuration = aws.String(v.(string)) } - _, err := conn.UpdatePermissionSetWithContext(ctx, input) + _, err := conn.UpdatePermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "updating SSO Permission Set (%s): %s", d.Id(), err) @@ -229,7 +231,7 @@ func resourcePermissionSetUpdate(ctx context.Context, d *schema.ResourceData, me func resourcePermissionSetDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := ParseResourceID(d.Id()) if err != nil { @@ -237,12 +239,12 @@ func resourcePermissionSetDelete(ctx context.Context, d *schema.ResourceData, me } log.Printf("[INFO] Deleting SSO Permission Set: %s", d.Id()) - _, err = conn.DeletePermissionSetWithContext(ctx, &ssoadmin.DeletePermissionSetInput{ + _, err = conn.DeletePermissionSet(ctx, &ssoadmin.DeletePermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), }) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -261,15 +263,15 @@ func ParseResourceID(id string) (string, string, error) { return idParts[0], idParts[1], nil } -func FindPermissionSet(ctx context.Context, conn *ssoadmin.SSOAdmin, permissionSetARN, instanceARN string) (*ssoadmin.PermissionSet, error) { +func FindPermissionSet(ctx context.Context, conn *ssoadmin.Client, permissionSetARN, instanceARN string) (*awstypes.PermissionSet, error) { input := &ssoadmin.DescribePermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - output, err := conn.DescribePermissionSetWithContext(ctx, input) + output, err := conn.DescribePermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -287,35 +289,35 @@ func FindPermissionSet(ctx context.Context, conn *ssoadmin.SSOAdmin, permissionS return output.PermissionSet, nil } -func provisionPermissionSet(ctx context.Context, conn *ssoadmin.SSOAdmin, permissionSetARN, instanceARN string, timeout time.Duration) error { +func provisionPermissionSet(ctx context.Context, conn *ssoadmin.Client, permissionSetARN, instanceARN string, timeout time.Duration) error { input := &ssoadmin.ProvisionPermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), - TargetType: aws.String(ssoadmin.ProvisionTargetTypeAllProvisionedAccounts), + TargetType: awstypes.ProvisionTargetTypeAllProvisionedAccounts, } - output, err := conn.ProvisionPermissionSetWithContext(ctx, input) + output, err := conn.ProvisionPermissionSet(ctx, input) if err != nil { return fmt.Errorf("provisioning SSO Permission Set (%s): %w", permissionSetARN, err) } - if _, err := waitPermissionSetProvisioned(ctx, conn, instanceARN, aws.StringValue(output.PermissionSetProvisioningStatus.RequestId), timeout); err != nil { + if _, err := waitPermissionSetProvisioned(ctx, conn, instanceARN, aws.ToString(output.PermissionSetProvisioningStatus.RequestId), timeout); err != nil { return fmt.Errorf("waiting for SSO Permission Set (%s) provision: %w", permissionSetARN, err) } return nil } -func findPermissionSetProvisioningStatus(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) (*ssoadmin.PermissionSetProvisioningStatus, error) { +func findPermissionSetProvisioningStatus(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string) (*awstypes.PermissionSetProvisioningStatus, error) { input := &ssoadmin.DescribePermissionSetProvisioningStatusInput{ InstanceArn: aws.String(instanceARN), ProvisionPermissionSetRequestId: aws.String(requestID), } - output, err := conn.DescribePermissionSetProvisioningStatusWithContext(ctx, input) + output, err := conn.DescribePermissionSetProvisioningStatus(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -333,7 +335,7 @@ func findPermissionSetProvisioningStatus(ctx context.Context, conn *ssoadmin.SSO return output.PermissionSetProvisioningStatus, nil } -func statusPermissionSetProvisioning(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) retry.StateRefreshFunc { +func statusPermissionSetProvisioning(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string) retry.StateRefreshFunc { return func() (interface{}, string, error) { output, err := findPermissionSetProvisioningStatus(ctx, conn, instanceARN, requestID) @@ -345,14 +347,14 @@ func statusPermissionSetProvisioning(ctx context.Context, conn *ssoadmin.SSOAdmi return nil, "", err } - return output, aws.StringValue(output.Status), nil + return output, string(output.Status), nil } } -func waitPermissionSetProvisioned(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string, timeout time.Duration) (*ssoadmin.PermissionSetProvisioningStatus, error) { +func waitPermissionSetProvisioned(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string, timeout time.Duration) (*awstypes.PermissionSetProvisioningStatus, error) { stateConf := retry.StateChangeConf{ - Pending: []string{ssoadmin.StatusValuesInProgress}, - Target: []string{ssoadmin.StatusValuesSucceeded}, + Pending: enum.Slice(awstypes.StatusValuesInProgress), + Target: enum.Slice(awstypes.StatusValuesSucceeded), Refresh: statusPermissionSetProvisioning(ctx, conn, instanceARN, requestID), Timeout: timeout, Delay: 5 * time.Second, @@ -360,8 +362,8 @@ func waitPermissionSetProvisioned(ctx context.Context, conn *ssoadmin.SSOAdmin, outputRaw, err := stateConf.WaitForStateContext(ctx) - if output, ok := outputRaw.(*ssoadmin.PermissionSetProvisioningStatus); ok { - tfresource.SetLastError(err, errors.New(aws.StringValue(output.FailureReason))) + if output, ok := outputRaw.(*awstypes.PermissionSetProvisioningStatus); ok { + tfresource.SetLastError(err, errors.New(aws.ToString(output.FailureReason))) return output, err } diff --git a/internal/service/ssoadmin/permission_set_test.go b/internal/service/ssoadmin/permission_set_test.go index 67df100fc7c..26637b04109 100644 --- a/internal/service/ssoadmin/permission_set_test.go +++ b/internal/service/ssoadmin/permission_set_test.go @@ -8,7 +8,6 @@ import ( "fmt" "testing" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -16,6 +15,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminPermissionSet_basic(t *testing.T) { @@ -25,7 +25,7 @@ func TestAccSSOAdminPermissionSet_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -51,9 +51,9 @@ func TestAccSSOAdminPermissionSet_tags(t *testing.T) { resourceName := "aws_ssoadmin_permission_set.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -108,7 +108,7 @@ func TestAccSSOAdminPermissionSet_updateDescription(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -142,7 +142,7 @@ func TestAccSSOAdminPermissionSet_updateRelayState(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -176,7 +176,7 @@ func TestAccSSOAdminPermissionSet_updateSessionDuration(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -212,7 +212,7 @@ func TestAccSSOAdminPermissionSet_RelayState_updateSessionDuration(t *testing.T) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -252,7 +252,7 @@ func TestAccSSOAdminPermissionSet_mixedPolicyAttachments(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetDestroy(ctx), Steps: []resource.TestStep{ @@ -279,7 +279,7 @@ func TestAccSSOAdminPermissionSet_mixedPolicyAttachments(t *testing.T) { func testAccCheckPermissionSetDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_permission_set" { @@ -320,7 +320,7 @@ func testAccCheckSOAdminPermissionSetExists(ctx context.Context, n string) resou return err } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err = tfssoadmin.FindPermissionSet(ctx, conn, permissionSetARN, instanceARN) From 3fd4864909bd0be24754057ca295dbe339aeb496 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 14:49:46 -0500 Subject: [PATCH 05/12] d/aws_ssoadmin_permission_set: upgrade aws sdk client --- .../ssoadmin/permission_set_data_source.go | 74 ++++++++----------- .../permission_set_data_source_test.go | 8 +- 2 files changed, 33 insertions(+), 49 deletions(-) diff --git a/internal/service/ssoadmin/permission_set_data_source.go b/internal/service/ssoadmin/permission_set_data_source.go index 4f3840751fe..1e091cae689 100644 --- a/internal/service/ssoadmin/permission_set_data_source.go +++ b/internal/service/ssoadmin/permission_set_data_source.go @@ -8,8 +8,9 @@ import ( "time" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" @@ -32,23 +33,19 @@ func DataSourcePermissionSet() *schema.Resource { ValidateFunc: verify.ValidARN, ExactlyOneOf: []string{"arn", "name"}, }, - "created_date": { Type: schema.TypeString, Computed: true, }, - "description": { Type: schema.TypeString, Computed: true, }, - "instance_arn": { Type: schema.TypeString, Required: true, ValidateFunc: verify.ValidARN, }, - "name": { Type: schema.TypeString, Optional: true, @@ -59,17 +56,14 @@ func DataSourcePermissionSet() *schema.Resource { ), ExactlyOneOf: []string{"name", "arn"}, }, - "relay_state": { Type: schema.TypeString, Computed: true, }, - "session_duration": { Type: schema.TypeString, Computed: true, }, - "tags": tftags.TagsSchemaComputed(), }, } @@ -77,12 +71,12 @@ func DataSourcePermissionSet() *schema.Resource { func dataSourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) ignoreTagsConfig := meta.(*conns.AWSClient).IgnoreTagsConfig instanceArn := d.Get("instance_arn").(string) - var permissionSet *ssoadmin.PermissionSet + var permissionSet *awstypes.PermissionSet if v, ok := d.GetOk("arn"); ok { arn := v.(string) @@ -92,7 +86,7 @@ func dataSourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, me PermissionSetArn: aws.String(arn), } - output, err := conn.DescribePermissionSetWithContext(ctx, input) + output, err := conn.DescribePermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "reading SSO Admin Permission Set (%s): %s", arn, err) } @@ -104,50 +98,40 @@ func dataSourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, me permissionSet = output.PermissionSet } else if v, ok := d.GetOk("name"); ok { name := v.(string) - var describeErr error input := &ssoadmin.ListPermissionSetsInput{ InstanceArn: aws.String(instanceArn), } - err := conn.ListPermissionSetsPagesWithContext(ctx, input, func(page *ssoadmin.ListPermissionSetsOutput, lastPage bool) bool { - if page == nil { - return !lastPage + var permissionSetArns []string + paginator := ssoadmin.NewListPermissionSetsPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if err != nil { + return sdkdiag.AppendErrorf(diags, "listing SSO Permission Sets: %s", err) } - for _, permissionSetArn := range page.PermissionSets { - if permissionSetArn == nil { - continue - } - - output, describeErr := conn.DescribePermissionSetWithContext(ctx, &ssoadmin.DescribePermissionSetInput{ - InstanceArn: aws.String(instanceArn), - PermissionSetArn: permissionSetArn, - }) - - if describeErr != nil { - return false - } + permissionSetArns = append(permissionSetArns, page.PermissionSets...) + } - if output == nil || output.PermissionSet == nil { - continue - } + for _, permissionSetArn := range permissionSetArns { + output, err := conn.DescribePermissionSet(ctx, &ssoadmin.DescribePermissionSetInput{ + InstanceArn: aws.String(instanceArn), + PermissionSetArn: aws.String(permissionSetArn), + }) - if aws.StringValue(output.PermissionSet.Name) == name { - permissionSet = output.PermissionSet - return false - } + if err != nil { + // Proceed with attempting to describe the remaining permission sets + continue } - return !lastPage - }) - - if err != nil { - return sdkdiag.AppendErrorf(diags, "listing SSO Permission Sets: %s", err) - } + if output == nil || output.PermissionSet == nil { + continue + } - if describeErr != nil { - return sdkdiag.AppendErrorf(diags, "reading SSO Permission Set (%s): %s", name, describeErr) + if aws.ToString(output.PermissionSet.Name) == name { + permissionSet = output.PermissionSet + } } } @@ -155,7 +139,7 @@ func dataSourcePermissionSetRead(ctx context.Context, d *schema.ResourceData, me return sdkdiag.AppendErrorf(diags, "reading SSO Permission Set: not found") } - arn := aws.StringValue(permissionSet.PermissionSetArn) + arn := aws.ToString(permissionSet.PermissionSetArn) d.SetId(arn) d.Set("arn", arn) diff --git a/internal/service/ssoadmin/permission_set_data_source_test.go b/internal/service/ssoadmin/permission_set_data_source_test.go index 9f4bb862661..56ff7f13959 100644 --- a/internal/service/ssoadmin/permission_set_data_source_test.go +++ b/internal/service/ssoadmin/permission_set_data_source_test.go @@ -8,10 +8,10 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-aws/internal/acctest" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminPermissionSetDataSource_arn(t *testing.T) { @@ -22,7 +22,7 @@ func TestAccSSOAdminPermissionSetDataSource_arn(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { @@ -48,7 +48,7 @@ func TestAccSSOAdminPermissionSetDataSource_name(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { @@ -70,7 +70,7 @@ func TestAccSSOAdminPermissionSetDataSource_nonExistent(t *testing.T) { ctx := acctest.Context(t) resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, Steps: []resource.TestStep{ { From 69651ac6aa3ed574445de31a6c1b99149afd5232 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 15:44:44 -0500 Subject: [PATCH 06/12] r/aws_ssoadmin_account_assignment: upgrade aws sdk client --- .../service/ssoadmin/account_assignment.go | 147 ++++++++++-------- .../ssoadmin/account_assignment_test.go | 14 +- 2 files changed, 87 insertions(+), 74 deletions(-) diff --git a/internal/service/ssoadmin/account_assignment.go b/internal/service/ssoadmin/account_assignment.go index 5360669f344..bb0386d3d55 100644 --- a/internal/service/ssoadmin/account_assignment.go +++ b/internal/service/ssoadmin/account_assignment.go @@ -12,14 +12,16 @@ import ( "time" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/enum" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -65,10 +67,10 @@ func ResourceAccountAssignment() *schema.Resource { ), }, "principal_type": { - Type: schema.TypeString, - Required: true, - ForceNew: true, - ValidateFunc: validation.StringInSlice(ssoadmin.PrincipalType_Values(), false), + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateDiagFunc: enum.Validate[awstypes.PrincipalType](), }, "target_id": { Type: schema.TypeString, @@ -77,10 +79,10 @@ func ResourceAccountAssignment() *schema.Resource { ValidateFunc: verify.ValidAccountID, }, "target_type": { - Type: schema.TypeString, - Optional: true, - ForceNew: true, - ValidateFunc: validation.StringInSlice(ssoadmin.TargetType_Values(), false), + Type: schema.TypeString, + Optional: true, + ForceNew: true, + ValidateDiagFunc: enum.Validate[awstypes.TargetType](), }, }, } @@ -88,7 +90,7 @@ func ResourceAccountAssignment() *schema.Resource { func resourceAccountAssignmentCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) instanceARN := d.Get("instance_arn").(string) permissionSetARN := d.Get("permission_set_arn").(string) @@ -110,18 +112,18 @@ func resourceAccountAssignmentCreate(ctx context.Context, d *schema.ResourceData InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), PrincipalId: aws.String(principalID), - PrincipalType: aws.String(principalType), + PrincipalType: awstypes.PrincipalType(principalType), TargetId: aws.String(targetID), - TargetType: aws.String(targetType), + TargetType: awstypes.TargetType(targetType), } - output, err := conn.CreateAccountAssignmentWithContext(ctx, input) + output, err := conn.CreateAccountAssignment(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating SSO Account Assignment for %s (%s): %s", principalType, principalID, err) } - if _, err := waitAccountAssignmentCreated(ctx, conn, instanceARN, aws.StringValue(output.AccountAssignmentCreationStatus.RequestId), d.Timeout(schema.TimeoutCreate)); err != nil { + if _, err := waitAccountAssignmentCreated(ctx, conn, instanceARN, aws.ToString(output.AccountAssignmentCreationStatus.RequestId), d.Timeout(schema.TimeoutCreate)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for SSO Account Assignment for %s (%s) create: %s", principalType, principalID, err) } @@ -132,7 +134,7 @@ func resourceAccountAssignmentCreate(ctx context.Context, d *schema.ResourceData func resourceAccountAssignmentRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) idParts, err := ParseAccountAssignmentID(d.Id()) if err != nil { @@ -170,7 +172,7 @@ func resourceAccountAssignmentRead(ctx context.Context, d *schema.ResourceData, func resourceAccountAssignmentDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) idParts, err := ParseAccountAssignmentID(d.Id()) if err != nil { @@ -188,14 +190,14 @@ func resourceAccountAssignmentDelete(ctx context.Context, d *schema.ResourceData InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), PrincipalId: aws.String(principalID), - PrincipalType: aws.String(principalType), - TargetType: aws.String(targetType), + PrincipalType: awstypes.PrincipalType(principalType), TargetId: aws.String(targetID), + TargetType: awstypes.TargetType(targetType), } - output, err := conn.DeleteAccountAssignmentWithContext(ctx, input) + output, err := conn.DeleteAccountAssignment(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -203,7 +205,7 @@ func resourceAccountAssignmentDelete(ctx context.Context, d *schema.ResourceData return sdkdiag.AppendErrorf(diags, "deleting SSO Account Assignment for Principal (%s): %s", principalID, err) } - if _, err := waitAccountAssignmentDeleted(ctx, conn, instanceARN, aws.StringValue(output.AccountAssignmentDeletionStatus.RequestId), d.Timeout(schema.TimeoutDelete)); err != nil { + if _, err := waitAccountAssignmentDeleted(ctx, conn, instanceARN, aws.ToString(output.AccountAssignmentDeletionStatus.RequestId), d.Timeout(schema.TimeoutDelete)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for SSO Account Assignment for Principal (%s) delete: %s", principalID, err) } @@ -219,69 +221,80 @@ func ParseAccountAssignmentID(id string) ([]string, error) { return idParts, nil } -func FindAccountAssignment(ctx context.Context, conn *ssoadmin.SSOAdmin, principalID, principalType, accountID, permissionSetARN, instanceARN string) (*ssoadmin.AccountAssignment, error) { +func FindAccountAssignment(ctx context.Context, conn *ssoadmin.Client, principalID, principalType, accountID, permissionSetARN, instanceARN string) (*awstypes.AccountAssignment, error) { input := &ssoadmin.ListAccountAssignmentsInput{ AccountId: aws.String(accountID), InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - filter := func(a *ssoadmin.AccountAssignment) bool { - return aws.StringValue(a.PrincipalId) == principalID && aws.StringValue(a.PrincipalType) == principalType + filter := func(a awstypes.AccountAssignment) bool { + return aws.ToString(a.PrincipalId) == principalID && string(a.PrincipalType) == principalType } return findAccountAssignment(ctx, conn, input, filter) } -func findAccountAssignment(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListAccountAssignmentsInput, filter tfslices.Predicate[*ssoadmin.AccountAssignment]) (*ssoadmin.AccountAssignment, error) { +func findAccountAssignment( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListAccountAssignmentsInput, + filter tfslices.Predicate[awstypes.AccountAssignment], +) (*awstypes.AccountAssignment, error) { output, err := findAccountAssignments(ctx, conn, input, filter) if err != nil { return nil, err } - return tfresource.AssertSinglePtrResult(output) + return tfresource.AssertSingleValueResult(output) } -func findAccountAssignments(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListAccountAssignmentsInput, filter tfslices.Predicate[*ssoadmin.AccountAssignment]) ([]*ssoadmin.AccountAssignment, error) { - var output []*ssoadmin.AccountAssignment +func findAccountAssignments( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListAccountAssignmentsInput, + filter tfslices.Predicate[awstypes.AccountAssignment], +) ([]awstypes.AccountAssignment, error) { + var output []awstypes.AccountAssignment + + paginator := ssoadmin.NewListAccountAssignmentsPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if errs.IsA[*awstypes.ResourceNotFoundException](err) { + return nil, &retry.NotFoundError{ + LastError: err, + LastRequest: input, + } + } - err := conn.ListAccountAssignmentsPagesWithContext(ctx, input, func(page *ssoadmin.ListAccountAssignmentsOutput, lastPage bool) bool { - if page == nil { - return !lastPage + if err != nil { + return nil, err } for _, v := range page.AccountAssignments { - if v != nil && filter(v) { + if filter(v) { output = append(output, v) } } - - return !lastPage - }) - - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { - return nil, &retry.NotFoundError{ - LastError: err, - LastRequest: input, - } - } - - if err != nil { - return nil, err } return output, nil } -func findAccountAssignmentCreationStatus(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) (*ssoadmin.AccountAssignmentOperationStatus, error) { +func findAccountAssignmentCreationStatus( + ctx context.Context, + conn *ssoadmin.Client, + instanceARN, + requestID string, +) (*awstypes.AccountAssignmentOperationStatus, error) { input := &ssoadmin.DescribeAccountAssignmentCreationStatusInput{ AccountAssignmentCreationRequestId: aws.String(requestID), InstanceArn: aws.String(instanceARN), } - output, err := conn.DescribeAccountAssignmentCreationStatusWithContext(ctx, input) + output, err := conn.DescribeAccountAssignmentCreationStatus(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -299,7 +312,7 @@ func findAccountAssignmentCreationStatus(ctx context.Context, conn *ssoadmin.SSO return output.AccountAssignmentCreationStatus, nil } -func statusAccountAssignmentCreation(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) retry.StateRefreshFunc { +func statusAccountAssignmentCreation(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string) retry.StateRefreshFunc { return func() (interface{}, string, error) { output, err := findAccountAssignmentCreationStatus(ctx, conn, instanceARN, requestID) @@ -311,19 +324,19 @@ func statusAccountAssignmentCreation(ctx context.Context, conn *ssoadmin.SSOAdmi return nil, "", err } - return output, aws.StringValue(output.Status), nil + return output, string(output.Status), nil } } -func findAccountAssignmentDeletionStatus(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) (*ssoadmin.AccountAssignmentOperationStatus, error) { +func findAccountAssignmentDeletionStatus(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string) (*awstypes.AccountAssignmentOperationStatus, error) { input := &ssoadmin.DescribeAccountAssignmentDeletionStatusInput{ AccountAssignmentDeletionRequestId: aws.String(requestID), InstanceArn: aws.String(instanceARN), } - output, err := conn.DescribeAccountAssignmentDeletionStatusWithContext(ctx, input) + output, err := conn.DescribeAccountAssignmentDeletionStatus(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -341,7 +354,7 @@ func findAccountAssignmentDeletionStatus(ctx context.Context, conn *ssoadmin.SSO return output.AccountAssignmentDeletionStatus, nil } -func statusAccountAssignmentDeletion(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string) retry.StateRefreshFunc { +func statusAccountAssignmentDeletion(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string) retry.StateRefreshFunc { return func() (interface{}, string, error) { output, err := findAccountAssignmentDeletionStatus(ctx, conn, instanceARN, requestID) @@ -353,14 +366,14 @@ func statusAccountAssignmentDeletion(ctx context.Context, conn *ssoadmin.SSOAdmi return nil, "", err } - return output, aws.StringValue(output.Status), nil + return output, string(output.Status), nil } } -func waitAccountAssignmentCreated(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceARN, requestID string, timeout time.Duration) (*ssoadmin.AccountAssignmentOperationStatus, error) { +func waitAccountAssignmentCreated(ctx context.Context, conn *ssoadmin.Client, instanceARN, requestID string, timeout time.Duration) (*awstypes.AccountAssignmentOperationStatus, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{ssoadmin.StatusValuesInProgress}, - Target: []string{ssoadmin.StatusValuesSucceeded}, + Pending: enum.Slice(awstypes.StatusValuesInProgress), + Target: enum.Slice(awstypes.StatusValuesSucceeded), Refresh: statusAccountAssignmentCreation(ctx, conn, instanceARN, requestID), Timeout: timeout, Delay: 10 * time.Second, @@ -369,8 +382,8 @@ func waitAccountAssignmentCreated(ctx context.Context, conn *ssoadmin.SSOAdmin, outputRaw, err := stateConf.WaitForStateContext(ctx) - if output, ok := outputRaw.(*ssoadmin.AccountAssignmentOperationStatus); ok { - tfresource.SetLastError(err, errors.New(aws.StringValue(output.FailureReason))) + if output, ok := outputRaw.(*awstypes.AccountAssignmentOperationStatus); ok { + tfresource.SetLastError(err, errors.New(aws.ToString(output.FailureReason))) return output, err } @@ -378,10 +391,10 @@ func waitAccountAssignmentCreated(ctx context.Context, conn *ssoadmin.SSOAdmin, return nil, err } -func waitAccountAssignmentDeleted(ctx context.Context, conn *ssoadmin.SSOAdmin, instanceArn, requestID string, timeout time.Duration) (*ssoadmin.AccountAssignmentOperationStatus, error) { +func waitAccountAssignmentDeleted(ctx context.Context, conn *ssoadmin.Client, instanceArn, requestID string, timeout time.Duration) (*awstypes.AccountAssignmentOperationStatus, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{ssoadmin.StatusValuesInProgress}, - Target: []string{ssoadmin.StatusValuesSucceeded}, + Pending: enum.Slice(awstypes.StatusValuesInProgress), + Target: enum.Slice(awstypes.StatusValuesSucceeded), Refresh: statusAccountAssignmentDeletion(ctx, conn, instanceArn, requestID), Timeout: timeout, Delay: 10 * time.Second, @@ -390,8 +403,8 @@ func waitAccountAssignmentDeleted(ctx context.Context, conn *ssoadmin.SSOAdmin, outputRaw, err := stateConf.WaitForStateContext(ctx) - if output, ok := outputRaw.(*ssoadmin.AccountAssignmentOperationStatus); ok { - tfresource.SetLastError(err, errors.New(aws.StringValue(output.FailureReason))) + if output, ok := outputRaw.(*awstypes.AccountAssignmentOperationStatus); ok { + tfresource.SetLastError(err, errors.New(aws.ToString(output.FailureReason))) return output, err } diff --git a/internal/service/ssoadmin/account_assignment_test.go b/internal/service/ssoadmin/account_assignment_test.go index e3808c25064..cba95758428 100644 --- a/internal/service/ssoadmin/account_assignment_test.go +++ b/internal/service/ssoadmin/account_assignment_test.go @@ -10,7 +10,6 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -18,6 +17,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminAccountAssignment_Basic_group(t *testing.T) { @@ -32,7 +32,7 @@ func TestAccSSOAdminAccountAssignment_Basic_group(t *testing.T) { acctest.PreCheckSSOAdminInstances(ctx, t) testAccPreCheckIdentityStoreGroupName(t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckAccountAssignmentDestroy(ctx), Steps: []resource.TestStep{ @@ -66,7 +66,7 @@ func TestAccSSOAdminAccountAssignment_Basic_user(t *testing.T) { acctest.PreCheckSSOAdminInstances(ctx, t) testAccPreCheckIdentityStoreUserName(t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckAccountAssignmentDestroy(ctx), Steps: []resource.TestStep{ @@ -99,7 +99,7 @@ func TestAccSSOAdminAccountAssignment_MissingPolicy(t *testing.T) { acctest.PreCheckSSOAdminInstances(ctx, t) testAccPreCheckIdentityStoreUserName(t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckAccountAssignmentDestroy(ctx), Steps: []resource.TestStep{ @@ -124,7 +124,7 @@ func TestAccSSOAdminAccountAssignment_disappears(t *testing.T) { acctest.PreCheckSSOAdminInstances(ctx, t) testAccPreCheckIdentityStoreGroupName(t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckAccountAssignmentDestroy(ctx), Steps: []resource.TestStep{ @@ -142,7 +142,7 @@ func TestAccSSOAdminAccountAssignment_disappears(t *testing.T) { func testAccCheckAccountAssignmentDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_account_assignment" { @@ -184,7 +184,7 @@ func testAccCheckAccountAssignmentExists(ctx context.Context, n string) resource return fmt.Errorf("Not found: %s", n) } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) idParts, err := tfssoadmin.ParseAccountAssignmentID(rs.Primary.ID) if err != nil { From c78980e48d765d5996eb44e720a71588c6b849ec Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:09:10 -0500 Subject: [PATCH 07/12] r/aws_ssoadmin_customer_managed_policy_attachment: upgrade aws sdk client --- .../customer_managed_policy_attachment.go | 85 ++++++++++--------- ...customer_managed_policy_attachment_test.go | 20 ++--- 2 files changed, 56 insertions(+), 49 deletions(-) diff --git a/internal/service/ssoadmin/customer_managed_policy_attachment.go b/internal/service/ssoadmin/customer_managed_policy_attachment.go index ce78d027385..f952d85d72a 100644 --- a/internal/service/ssoadmin/customer_managed_policy_attachment.go +++ b/internal/service/ssoadmin/customer_managed_policy_attachment.go @@ -10,14 +10,15 @@ import ( "strings" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -82,7 +83,7 @@ func ResourceCustomerManagedPolicyAttachment() *schema.Resource { func resourceCustomerManagedPolicyAttachmentCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) tfMap := d.Get("customer_managed_policy_reference").([]interface{})[0].(map[string]interface{}) policyName := tfMap["name"].(string) @@ -96,7 +97,7 @@ func resourceCustomerManagedPolicyAttachmentCreate(ctx context.Context, d *schem PermissionSetArn: aws.String(permissionSetARN), } - _, err := conn.AttachCustomerManagedPolicyReferenceToPermissionSetWithContext(ctx, input) + _, err := conn.AttachCustomerManagedPolicyReferenceToPermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating SSO Customer Managed Policy Attachment (%s): %s", id, err) @@ -114,7 +115,7 @@ func resourceCustomerManagedPolicyAttachmentCreate(ctx context.Context, d *schem func resourceCustomerManagedPolicyAttachmentRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) policyName, policyPath, permissionSetARN, instanceARN, err := CustomerManagedPolicyAttachmentParseResourceID(d.Id()) if err != nil { @@ -144,7 +145,7 @@ func resourceCustomerManagedPolicyAttachmentRead(ctx context.Context, d *schema. func resourceCustomerManagedPolicyAttachmentDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) policyName, policyPath, permissionSetARN, instanceARN, err := CustomerManagedPolicyAttachmentParseResourceID(d.Id()) if err != nil { @@ -152,7 +153,7 @@ func resourceCustomerManagedPolicyAttachmentDelete(ctx context.Context, d *schem } input := &ssoadmin.DetachCustomerManagedPolicyReferenceFromPermissionSetInput{ - CustomerManagedPolicyReference: &ssoadmin.CustomerManagedPolicyReference{ + CustomerManagedPolicyReference: &awstypes.CustomerManagedPolicyReference{ Name: aws.String(policyName), Path: aws.String(policyPath), }, @@ -161,9 +162,9 @@ func resourceCustomerManagedPolicyAttachmentDelete(ctx context.Context, d *schem } log.Printf("[INFO] Deleting SSO Customer Managed Policy Attachment: %s", d.Id()) - _, err = conn.DetachCustomerManagedPolicyReferenceFromPermissionSetWithContext(ctx, input) + _, err = conn.DetachCustomerManagedPolicyReferenceFromPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -198,65 +199,71 @@ func CustomerManagedPolicyAttachmentParseResourceID(id string) (string, string, return "", "", "", "", fmt.Errorf("unexpected format for ID (%[1]s), expected CUSTOMER_MANAGED_POLICY_NAME%[2]sCUSTOMER_MANAGED_POLICY_PATH%[2]sPERMISSION_SET_ARN%[2]sINSTANCE_ARN", id, customerManagedPolicyAttachmentIDSeparator) } -func FindCustomerManagedPolicy(ctx context.Context, conn *ssoadmin.SSOAdmin, policyName, policyPath, permissionSetARN, instanceARN string) (*ssoadmin.CustomerManagedPolicyReference, error) { +func FindCustomerManagedPolicy(ctx context.Context, conn *ssoadmin.Client, policyName, policyPath, permissionSetARN, instanceARN string) (*awstypes.CustomerManagedPolicyReference, error) { input := &ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - filter := func(c *ssoadmin.CustomerManagedPolicyReference) bool { - return aws.StringValue(c.Name) == policyName && aws.StringValue(c.Path) == policyPath + filter := func(c awstypes.CustomerManagedPolicyReference) bool { + return aws.ToString(c.Name) == policyName && aws.ToString(c.Path) == policyPath } return findCustomerManagedPolicyReference(ctx, conn, input, filter) } -func findCustomerManagedPolicyReference(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetInput, filter tfslices.Predicate[*ssoadmin.CustomerManagedPolicyReference]) (*ssoadmin.CustomerManagedPolicyReference, error) { +func findCustomerManagedPolicyReference( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetInput, + filter tfslices.Predicate[awstypes.CustomerManagedPolicyReference], +) (*awstypes.CustomerManagedPolicyReference, error) { output, err := findCustomerManagedPolicyReferences(ctx, conn, input, filter) if err != nil { return nil, err } - return tfresource.AssertSinglePtrResult(output) + return tfresource.AssertSingleValueResult(output) } -func findCustomerManagedPolicyReferences(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetInput, filter tfslices.Predicate[*ssoadmin.CustomerManagedPolicyReference]) ([]*ssoadmin.CustomerManagedPolicyReference, error) { - var output []*ssoadmin.CustomerManagedPolicyReference +func findCustomerManagedPolicyReferences( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetInput, + filter tfslices.Predicate[awstypes.CustomerManagedPolicyReference], +) ([]awstypes.CustomerManagedPolicyReference, error) { + var output []awstypes.CustomerManagedPolicyReference + + paginator := ssoadmin.NewListCustomerManagedPolicyReferencesInPermissionSetPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if errs.IsA[*awstypes.ResourceNotFoundException](err) { + return nil, &retry.NotFoundError{ + LastError: err, + LastRequest: input, + } + } - err := conn.ListCustomerManagedPolicyReferencesInPermissionSetPagesWithContext(ctx, input, func(page *ssoadmin.ListCustomerManagedPolicyReferencesInPermissionSetOutput, lastPage bool) bool { - if page == nil { - return !lastPage + if err != nil { + return nil, err } for _, v := range page.CustomerManagedPolicyReferences { - if v != nil && filter(v) { + if filter(v) { output = append(output, v) } } - - return !lastPage - }) - - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { - return nil, &retry.NotFoundError{ - LastError: err, - LastRequest: input, - } - } - - if err != nil { - return nil, err } return output, nil } -func expandCustomerManagedPolicyReference(tfMap map[string]interface{}) *ssoadmin.CustomerManagedPolicyReference { +func expandCustomerManagedPolicyReference(tfMap map[string]interface{}) *awstypes.CustomerManagedPolicyReference { if tfMap == nil { return nil } - apiObject := &ssoadmin.CustomerManagedPolicyReference{} + apiObject := &awstypes.CustomerManagedPolicyReference{} if v, ok := tfMap["name"].(string); ok && v != "" { apiObject.Name = aws.String(v) @@ -269,7 +276,7 @@ func expandCustomerManagedPolicyReference(tfMap map[string]interface{}) *ssoadmi return apiObject } -func flattenCustomerManagedPolicyReference(apiObject *ssoadmin.CustomerManagedPolicyReference) map[string]interface{} { +func flattenCustomerManagedPolicyReference(apiObject *awstypes.CustomerManagedPolicyReference) map[string]interface{} { if apiObject == nil { return nil } @@ -277,11 +284,11 @@ func flattenCustomerManagedPolicyReference(apiObject *ssoadmin.CustomerManagedPo tfMap := map[string]interface{}{} if v := apiObject.Name; v != nil { - tfMap["name"] = aws.StringValue(v) + tfMap["name"] = aws.ToString(v) } if v := apiObject.Path; v != nil { - tfMap["path"] = aws.StringValue(v) + tfMap["path"] = aws.ToString(v) } return tfMap diff --git a/internal/service/ssoadmin/customer_managed_policy_attachment_test.go b/internal/service/ssoadmin/customer_managed_policy_attachment_test.go index ef47903db41..0123a95a90f 100644 --- a/internal/service/ssoadmin/customer_managed_policy_attachment_test.go +++ b/internal/service/ssoadmin/customer_managed_policy_attachment_test.go @@ -8,7 +8,6 @@ import ( "fmt" "testing" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -16,6 +15,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminCustomerManagedPolicyAttachment_basic(t *testing.T) { @@ -28,7 +28,7 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -60,7 +60,7 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_forceNew(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -95,9 +95,9 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_disappears(t *testing.T) { rNamePolicy1 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) rNamePolicy2 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -121,9 +121,9 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_Disappears_permissionSet(t * rNamePolicy1 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) rNamePolicy2 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -151,7 +151,7 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_multipleManagedPolicies(t *t resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -182,7 +182,7 @@ func TestAccSSOAdminCustomerManagedPolicyAttachment_multipleManagedPolicies(t *t func testAccCheckCustomerManagedPolicyAttachmentDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_customer_managed_policy_attachment" { @@ -227,7 +227,7 @@ func testAccCheckCustomerManagedPolicyAttachmentExists(ctx context.Context, n st return err } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err = tfssoadmin.FindCustomerManagedPolicy(ctx, conn, policyName, policyPath, permissionSetARN, instanceARN) From 10e3bd2dd19f8d72fa7b473ea283c86b164792b1 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:15:00 -0500 Subject: [PATCH 08/12] r/aws_ssoadmin_managed_policy_attachment: upgrade aws sdk client --- .../ssoadmin/managed_policy_attachment.go | 73 ++++++++++--------- .../managed_policy_attachment_test.go | 20 ++--- 2 files changed, 50 insertions(+), 43 deletions(-) diff --git a/internal/service/ssoadmin/managed_policy_attachment.go b/internal/service/ssoadmin/managed_policy_attachment.go index 0c3918365c3..cb434e9b292 100644 --- a/internal/service/ssoadmin/managed_policy_attachment.go +++ b/internal/service/ssoadmin/managed_policy_attachment.go @@ -10,13 +10,14 @@ import ( "strings" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -68,7 +69,7 @@ func ResourceManagedPolicyAttachment() *schema.Resource { func resourceManagedPolicyAttachmentCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) instanceARN := d.Get("instance_arn").(string) managedPolicyARN := d.Get("managed_policy_arn").(string) @@ -89,7 +90,7 @@ func resourceManagedPolicyAttachmentCreate(ctx context.Context, d *schema.Resour PermissionSetArn: aws.String(permissionSetARN), } - _, err = conn.AttachManagedPolicyToPermissionSetWithContext(ctx, input) + _, err = conn.AttachManagedPolicyToPermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "attaching Managed Policy (%s) to SSO Permission Set (%s): %s", managedPolicyARN, permissionSetARN, err) @@ -107,7 +108,7 @@ func resourceManagedPolicyAttachmentCreate(ctx context.Context, d *schema.Resour func resourceManagedPolicyAttachmentRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) managedPolicyARN, permissionSetARN, instanceARN, err := ParseManagedPolicyAttachmentID(d.Id()) if err != nil { @@ -136,7 +137,7 @@ func resourceManagedPolicyAttachmentRead(ctx context.Context, d *schema.Resource func resourceManagedPolicyAttachmentDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) managedPolicyARN, permissionSetARN, instanceARN, err := ParseManagedPolicyAttachmentID(d.Id()) if err != nil { @@ -149,9 +150,9 @@ func resourceManagedPolicyAttachmentDelete(ctx context.Context, d *schema.Resour PermissionSetArn: aws.String(permissionSetARN), } - _, err = conn.DetachManagedPolicyFromPermissionSetWithContext(ctx, input) + _, err = conn.DetachManagedPolicyFromPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -175,54 +176,60 @@ func ParseManagedPolicyAttachmentID(id string) (string, string, string, error) { return idParts[0], idParts[1], idParts[2], nil } -func FindManagedPolicy(ctx context.Context, conn *ssoadmin.SSOAdmin, managedPolicyARN, permissionSetARN, instanceARN string) (*ssoadmin.AttachedManagedPolicy, error) { +func FindManagedPolicy(ctx context.Context, conn *ssoadmin.Client, managedPolicyARN, permissionSetARN, instanceARN string) (*awstypes.AttachedManagedPolicy, error) { input := &ssoadmin.ListManagedPoliciesInPermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - filter := func(a *ssoadmin.AttachedManagedPolicy) bool { - return aws.StringValue(a.Arn) == managedPolicyARN + filter := func(a awstypes.AttachedManagedPolicy) bool { + return aws.ToString(a.Arn) == managedPolicyARN } return findAttachedManagedPolicy(ctx, conn, input, filter) } -func findAttachedManagedPolicy(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListManagedPoliciesInPermissionSetInput, filter tfslices.Predicate[*ssoadmin.AttachedManagedPolicy]) (*ssoadmin.AttachedManagedPolicy, error) { +func findAttachedManagedPolicy( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListManagedPoliciesInPermissionSetInput, + filter tfslices.Predicate[awstypes.AttachedManagedPolicy], +) (*awstypes.AttachedManagedPolicy, error) { output, err := findAttachedManagedPolicies(ctx, conn, input, filter) if err != nil { return nil, err } - return tfresource.AssertSinglePtrResult(output) + return tfresource.AssertSingleValueResult(output) } -func findAttachedManagedPolicies(ctx context.Context, conn *ssoadmin.SSOAdmin, input *ssoadmin.ListManagedPoliciesInPermissionSetInput, filter tfslices.Predicate[*ssoadmin.AttachedManagedPolicy]) ([]*ssoadmin.AttachedManagedPolicy, error) { - var output []*ssoadmin.AttachedManagedPolicy +func findAttachedManagedPolicies( + ctx context.Context, + conn *ssoadmin.Client, + input *ssoadmin.ListManagedPoliciesInPermissionSetInput, + filter tfslices.Predicate[awstypes.AttachedManagedPolicy], +) ([]awstypes.AttachedManagedPolicy, error) { + var output []awstypes.AttachedManagedPolicy + + paginator := ssoadmin.NewListManagedPoliciesInPermissionSetPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if errs.IsA[*awstypes.ResourceNotFoundException](err) { + return nil, &retry.NotFoundError{ + LastError: err, + LastRequest: input, + } + } - err := conn.ListManagedPoliciesInPermissionSetPagesWithContext(ctx, input, func(page *ssoadmin.ListManagedPoliciesInPermissionSetOutput, lastPage bool) bool { - if page == nil { - return !lastPage + if err != nil { + return nil, err } for _, v := range page.AttachedManagedPolicies { - if v != nil && filter(v) { + if filter(v) { output = append(output, v) } } - - return !lastPage - }) - - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { - return nil, &retry.NotFoundError{ - LastError: err, - LastRequest: input, - } - } - - if err != nil { - return nil, err } return output, nil diff --git a/internal/service/ssoadmin/managed_policy_attachment_test.go b/internal/service/ssoadmin/managed_policy_attachment_test.go index d5fb00c717c..96de0b02d75 100644 --- a/internal/service/ssoadmin/managed_policy_attachment_test.go +++ b/internal/service/ssoadmin/managed_policy_attachment_test.go @@ -9,7 +9,6 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -17,6 +16,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminManagedPolicyAttachment_basic(t *testing.T) { @@ -27,7 +27,7 @@ func TestAccSSOAdminManagedPolicyAttachment_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -59,7 +59,7 @@ func TestAccSSOAdminManagedPolicyAttachment_forceNew(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -94,9 +94,9 @@ func TestAccSSOAdminManagedPolicyAttachment_disappears(t *testing.T) { resourceName := "aws_ssoadmin_managed_policy_attachment.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -118,9 +118,9 @@ func TestAccSSOAdminManagedPolicyAttachment_Disappears_permissionSet(t *testing. permissionSetResourceName := "aws_ssoadmin_permission_set.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -145,7 +145,7 @@ func TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies(t *testing.T resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckManagedPolicyAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -178,7 +178,7 @@ func TestAccSSOAdminManagedPolicyAttachment_multipleManagedPolicies(t *testing.T func testAccCheckManagedPolicyAttachmentDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_managed_policy_attachment" { @@ -219,7 +219,7 @@ func testAccCheckManagedPolicyAttachmentExists(ctx context.Context, n string) re return err } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err = tfssoadmin.FindManagedPolicy(ctx, conn, managedPolicyARN, permissionSetARN, instanceARN) From 780468574b6d9018ff8844f070774d92b0385d38 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:22:26 -0500 Subject: [PATCH 09/12] r/aws_ssoadmin_instance_access_control_attributes: upgrade aws sdk client --- .../instance_access_control_attributes.go | 57 ++++++++++--------- ...instance_access_control_attributes_test.go | 14 ++--- 2 files changed, 37 insertions(+), 34 deletions(-) diff --git a/internal/service/ssoadmin/instance_access_control_attributes.go b/internal/service/ssoadmin/instance_access_control_attributes.go index 4df0c8e69f1..4709ab70e0d 100644 --- a/internal/service/ssoadmin/instance_access_control_attributes.go +++ b/internal/service/ssoadmin/instance_access_control_attributes.go @@ -7,13 +7,14 @@ import ( "context" "log" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/flex" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -80,17 +81,17 @@ func ResourceAccessControlAttributes() *schema.Resource { func resourceAccessControlAttributesCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) instanceARN := d.Get("instance_arn").(string) input := &ssoadmin.CreateInstanceAccessControlAttributeConfigurationInput{ InstanceArn: aws.String(instanceARN), - InstanceAccessControlAttributeConfiguration: &ssoadmin.InstanceAccessControlAttributeConfiguration{ + InstanceAccessControlAttributeConfiguration: &awstypes.InstanceAccessControlAttributeConfiguration{ AccessControlAttributes: expandAccessControlAttributes(d), }, } - _, err := conn.CreateInstanceAccessControlAttributeConfigurationWithContext(ctx, input) + _, err := conn.CreateInstanceAccessControlAttributeConfiguration(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating SSO Instance Access Control Attributes (%s): %s", instanceARN, err) @@ -103,7 +104,7 @@ func resourceAccessControlAttributesCreate(ctx context.Context, d *schema.Resour func resourceAccessControlAttributesRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) output, err := FindInstanceAttributeControlAttributesByARN(ctx, conn, d.Id()) @@ -129,16 +130,16 @@ func resourceAccessControlAttributesRead(ctx context.Context, d *schema.Resource func resourceAccessControlAttributesUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) input := &ssoadmin.UpdateInstanceAccessControlAttributeConfigurationInput{ InstanceArn: aws.String(d.Id()), - InstanceAccessControlAttributeConfiguration: &ssoadmin.InstanceAccessControlAttributeConfiguration{ + InstanceAccessControlAttributeConfiguration: &awstypes.InstanceAccessControlAttributeConfiguration{ AccessControlAttributes: expandAccessControlAttributes(d), }, } - _, err := conn.UpdateInstanceAccessControlAttributeConfigurationWithContext(ctx, input) + _, err := conn.UpdateInstanceAccessControlAttributeConfiguration(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "updating SSO Instance Access Control Attributes (%s): %s", d.Id(), err) @@ -149,9 +150,9 @@ func resourceAccessControlAttributesUpdate(ctx context.Context, d *schema.Resour func resourceAccessControlAttributesDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) - _, err := conn.DeleteInstanceAccessControlAttributeConfigurationWithContext(ctx, &ssoadmin.DeleteInstanceAccessControlAttributeConfigurationInput{ + _, err := conn.DeleteInstanceAccessControlAttributeConfiguration(ctx, &ssoadmin.DeleteInstanceAccessControlAttributeConfigurationInput{ InstanceArn: aws.String(d.Id()), }) @@ -162,14 +163,14 @@ func resourceAccessControlAttributesDelete(ctx context.Context, d *schema.Resour return diags } -func FindInstanceAttributeControlAttributesByARN(ctx context.Context, conn *ssoadmin.SSOAdmin, arn string) (*ssoadmin.DescribeInstanceAccessControlAttributeConfigurationOutput, error) { +func FindInstanceAttributeControlAttributesByARN(ctx context.Context, conn *ssoadmin.Client, arn string) (*ssoadmin.DescribeInstanceAccessControlAttributeConfigurationOutput, error) { input := &ssoadmin.DescribeInstanceAccessControlAttributeConfigurationInput{ InstanceArn: aws.String(arn), } - output, err := conn.DescribeInstanceAccessControlAttributeConfigurationWithContext(ctx, input) + output, err := conn.DescribeInstanceAccessControlAttributeConfiguration(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -187,42 +188,44 @@ func FindInstanceAttributeControlAttributesByARN(ctx context.Context, conn *ssoa return output, nil } -func expandAccessControlAttributes(d *schema.ResourceData) (attributes []*ssoadmin.AccessControlAttribute) { +func expandAccessControlAttributes(d *schema.ResourceData) []awstypes.AccessControlAttribute { + var attributes []awstypes.AccessControlAttribute + attInterface := d.Get("attribute").(*schema.Set).List() for _, attrMap := range attInterface { attr := attrMap.(map[string]interface{}) - var attribute ssoadmin.AccessControlAttribute + var attribute awstypes.AccessControlAttribute if key, ok := attr["key"].(string); ok { attribute.Key = aws.String(key) } val := attr["value"].(*schema.Set).List()[0].(map[string]interface{}) if v, ok := val["source"].(*schema.Set); ok && len(v.List()) > 0 { - attribute.Value = &ssoadmin.AccessControlAttributeValue{ - Source: flex.ExpandStringSet(v), + attribute.Value = &awstypes.AccessControlAttributeValue{ + Source: flex.ExpandStringValueSet(v), } } - attributes = append(attributes, &attribute) + attributes = append(attributes, attribute) } - return + + return attributes } -func flattenAccessControlAttributes(attributes []*ssoadmin.AccessControlAttribute) []interface{} { +func flattenAccessControlAttributes(attributes []awstypes.AccessControlAttribute) []interface{} { var results []interface{} if len(attributes) == 0 { return []interface{}{} } + for _, attr := range attributes { - if attr == nil { - continue - } var val []interface{} val = append(val, map[string]interface{}{ - "source": flex.FlattenStringSet(attr.Value.Source), + "source": flex.FlattenStringValueSet(attr.Value.Source), }) results = append(results, map[string]interface{}{ - "key": aws.StringValue(attr.Key), + "key": aws.ToString(attr.Key), "value": val, }) } + return results } diff --git a/internal/service/ssoadmin/instance_access_control_attributes_test.go b/internal/service/ssoadmin/instance_access_control_attributes_test.go index 60f8f56b0b1..2a7507627ac 100644 --- a/internal/service/ssoadmin/instance_access_control_attributes_test.go +++ b/internal/service/ssoadmin/instance_access_control_attributes_test.go @@ -8,13 +8,13 @@ import ( "fmt" "testing" - "github.com/aws/aws-sdk-go/service/ssoadmin" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" "github.com/hashicorp/terraform-provider-aws/internal/acctest" "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdmin_serial(t *testing.T) { @@ -38,7 +38,7 @@ func testAccInstanceAccessControlAttributes_basic(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckInstanceAccessControlAttributesDestroy(ctx), Steps: []resource.TestStep{ @@ -65,7 +65,7 @@ func testAccInstanceAccessControlAttributes_disappears(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetInlinePolicyDestroy(ctx), Steps: []resource.TestStep{ @@ -87,7 +87,7 @@ func testAccInstanceAccessControlAttributes_multiple(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckInstanceAccessControlAttributesDestroy(ctx), Steps: []resource.TestStep{ @@ -114,7 +114,7 @@ func testAccInstanceAccessControlAttributes_update(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckInstanceAccessControlAttributesDestroy(ctx), Steps: []resource.TestStep{ @@ -141,7 +141,7 @@ func testAccInstanceAccessControlAttributes_update(t *testing.T) { func testAccCheckInstanceAccessControlAttributesDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_instance_access_control_attributes" { @@ -176,7 +176,7 @@ func testAccCheckInstanceAccessControlAttributesExists(ctx context.Context, reso return fmt.Errorf("No SSO Instance Access Control Attributes ID is set") } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err := tfssoadmin.FindInstanceAttributeControlAttributesByARN(ctx, conn, rs.Primary.ID) From 034bc6ada81407b62dcfbbd0c4b31b8f3fb53049 Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:30:35 -0500 Subject: [PATCH 10/12] r/aws_ssoadmin_permission_set_inline_policy: upgrade aws sdk client --- .../ssoadmin/permission_set_inline_policy.go | 29 ++++++++++--------- .../permission_set_inline_policy_test.go | 18 ++++++------ 2 files changed, 24 insertions(+), 23 deletions(-) diff --git a/internal/service/ssoadmin/permission_set_inline_policy.go b/internal/service/ssoadmin/permission_set_inline_policy.go index f89731fcd53..3dba8999d19 100644 --- a/internal/service/ssoadmin/permission_set_inline_policy.go +++ b/internal/service/ssoadmin/permission_set_inline_policy.go @@ -9,14 +9,15 @@ import ( "log" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" "github.com/hashicorp/terraform-provider-aws/internal/verify" @@ -69,7 +70,7 @@ func ResourcePermissionSetInlinePolicy() *schema.Resource { func resourcePermissionSetInlinePolicyPut(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) policy, err := structure.NormalizeJsonString(d.Get("inline_policy").(string)) if err != nil { @@ -84,7 +85,7 @@ func resourcePermissionSetInlinePolicyPut(ctx context.Context, d *schema.Resourc PermissionSetArn: aws.String(permissionSetARN), } - _, err = conn.PutInlinePolicyToPermissionSetWithContext(ctx, input) + _, err = conn.PutInlinePolicyToPermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "putting SSO Permission Set (%s) Inline Policy: %s", permissionSetARN, err) @@ -102,7 +103,7 @@ func resourcePermissionSetInlinePolicyPut(ctx context.Context, d *schema.Resourc func resourcePermissionSetInlinePolicyRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := ParseResourceID(d.Id()) if err != nil { @@ -135,7 +136,7 @@ func resourcePermissionSetInlinePolicyRead(ctx context.Context, d *schema.Resour func resourcePermissionSetInlinePolicyDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := ParseResourceID(d.Id()) if err != nil { @@ -147,9 +148,9 @@ func resourcePermissionSetInlinePolicyDelete(ctx context.Context, d *schema.Reso PermissionSetArn: aws.String(permissionSetARN), } - _, err = conn.DeleteInlinePolicyFromPermissionSetWithContext(ctx, input) + _, err = conn.DeleteInlinePolicyFromPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -165,15 +166,15 @@ func resourcePermissionSetInlinePolicyDelete(ctx context.Context, d *schema.Reso return diags } -func FindPermissionSetInlinePolicy(ctx context.Context, conn *ssoadmin.SSOAdmin, permissionSetARN, instanceARN string) (string, error) { +func FindPermissionSetInlinePolicy(ctx context.Context, conn *ssoadmin.Client, permissionSetARN, instanceARN string) (string, error) { input := &ssoadmin.GetInlinePolicyForPermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - output, err := conn.GetInlinePolicyForPermissionSetWithContext(ctx, input) + output, err := conn.GetInlinePolicyForPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return "", &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -184,9 +185,9 @@ func FindPermissionSetInlinePolicy(ctx context.Context, conn *ssoadmin.SSOAdmin, return "", err } - if output == nil || aws.StringValue(output.InlinePolicy) == "" { + if output == nil || aws.ToString(output.InlinePolicy) == "" { return "", tfresource.NewEmptyResultError(input) } - return aws.StringValue(output.InlinePolicy), nil + return aws.ToString(output.InlinePolicy), nil } diff --git a/internal/service/ssoadmin/permission_set_inline_policy_test.go b/internal/service/ssoadmin/permission_set_inline_policy_test.go index cd75e71014b..3a879883b53 100644 --- a/internal/service/ssoadmin/permission_set_inline_policy_test.go +++ b/internal/service/ssoadmin/permission_set_inline_policy_test.go @@ -9,7 +9,6 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -17,6 +16,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminPermissionSetInlinePolicy_basic(t *testing.T) { @@ -27,7 +27,7 @@ func TestAccSSOAdminPermissionSetInlinePolicy_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetInlinePolicyDestroy(ctx), Steps: []resource.TestStep{ @@ -57,7 +57,7 @@ func TestAccSSOAdminPermissionSetInlinePolicy_update(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetInlinePolicyDestroy(ctx), Steps: []resource.TestStep{ @@ -88,9 +88,9 @@ func TestAccSSOAdminPermissionSetInlinePolicy_disappears(t *testing.T) { resourceName := "aws_ssoadmin_permission_set_inline_policy.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetInlinePolicyDestroy(ctx), Steps: []resource.TestStep{ @@ -112,9 +112,9 @@ func TestAccSSOAdminPermissionSetInlinePolicy_Disappears_permissionSet(t *testin permissionSetResourceName := "aws_ssoadmin_permission_set.test" rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionSetInlinePolicyDestroy(ctx), Steps: []resource.TestStep{ @@ -132,7 +132,7 @@ func TestAccSSOAdminPermissionSetInlinePolicy_Disappears_permissionSet(t *testin func testAccCheckPermissionSetInlinePolicyDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_permission_set_inline_policy" { @@ -173,7 +173,7 @@ func testAccCheckPermissionSetInlinePolicyExists(ctx context.Context, n string) return err } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err = tfssoadmin.FindPermissionSetInlinePolicy(ctx, conn, permissionSetARN, instanceARN) From c795399462e58111b25d10917f3e3ed3c0441b4e Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:32:07 -0500 Subject: [PATCH 11/12] r/aws_ssoadmin_permissions_boundary_attachment: upgrade aws sdk client --- .../permissions_boundary_attachment.go | 33 ++++++++++--------- .../permissions_boundary_attachment_test.go | 20 +++++------ 2 files changed, 27 insertions(+), 26 deletions(-) diff --git a/internal/service/ssoadmin/permissions_boundary_attachment.go b/internal/service/ssoadmin/permissions_boundary_attachment.go index 92d798699c6..a2de3d4f1c9 100644 --- a/internal/service/ssoadmin/permissions_boundary_attachment.go +++ b/internal/service/ssoadmin/permissions_boundary_attachment.go @@ -10,14 +10,15 @@ import ( "strings" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" "github.com/hashicorp/terraform-provider-aws/internal/verify" @@ -98,7 +99,7 @@ func ResourcePermissionsBoundaryAttachment() *schema.Resource { func resourcePermissionsBoundaryAttachmentCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) tfMap := d.Get("permissions_boundary").([]interface{})[0].(map[string]interface{}) instanceARN := d.Get("instance_arn").(string) @@ -110,7 +111,7 @@ func resourcePermissionsBoundaryAttachmentCreate(ctx context.Context, d *schema. PermissionsBoundary: expandPermissionsBoundary(tfMap), } - _, err := conn.PutPermissionsBoundaryToPermissionSetWithContext(ctx, input) + _, err := conn.PutPermissionsBoundaryToPermissionSet(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating SSO Permissions Boundary Attachment (%s): %s", id, err) @@ -128,7 +129,7 @@ func resourcePermissionsBoundaryAttachmentCreate(ctx context.Context, d *schema. func resourcePermissionsBoundaryAttachmentRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := PermissionsBoundaryAttachmentParseResourceID(d.Id()) if err != nil { @@ -158,7 +159,7 @@ func resourcePermissionsBoundaryAttachmentRead(ctx context.Context, d *schema.Re func resourcePermissionsBoundaryAttachmentDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).SSOAdminConn(ctx) + conn := meta.(*conns.AWSClient).SSOAdminClient(ctx) permissionSetARN, instanceARN, err := PermissionsBoundaryAttachmentParseResourceID(d.Id()) if err != nil { @@ -170,9 +171,9 @@ func resourcePermissionsBoundaryAttachmentDelete(ctx context.Context, d *schema. PermissionSetArn: aws.String(permissionSetARN), } - _, err = conn.DeletePermissionsBoundaryFromPermissionSetWithContext(ctx, input) + _, err = conn.DeletePermissionsBoundaryFromPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return diags } @@ -207,15 +208,15 @@ func PermissionsBoundaryAttachmentParseResourceID(id string) (string, string, er return "", "", fmt.Errorf("unexpected format for ID (%[1]s), expected PERMISSION_SET_ARN%[2]sINSTANCE_ARN", id, permissionsBoundaryAttachmentIDSeparator) } -func FindPermissionsBoundary(ctx context.Context, conn *ssoadmin.SSOAdmin, permissionSetARN, instanceARN string) (*ssoadmin.PermissionsBoundary, error) { +func FindPermissionsBoundary(ctx context.Context, conn *ssoadmin.Client, permissionSetARN, instanceARN string) (*awstypes.PermissionsBoundary, error) { input := &ssoadmin.GetPermissionsBoundaryForPermissionSetInput{ InstanceArn: aws.String(instanceARN), PermissionSetArn: aws.String(permissionSetARN), } - output, err := conn.GetPermissionsBoundaryForPermissionSetWithContext(ctx, input) + output, err := conn.GetPermissionsBoundaryForPermissionSet(ctx, input) - if tfawserr.ErrCodeEquals(err, ssoadmin.ErrCodeResourceNotFoundException) { + if errs.IsA[*awstypes.ResourceNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -233,12 +234,12 @@ func FindPermissionsBoundary(ctx context.Context, conn *ssoadmin.SSOAdmin, permi return output.PermissionsBoundary, nil } -func expandPermissionsBoundary(tfMap map[string]interface{}) *ssoadmin.PermissionsBoundary { +func expandPermissionsBoundary(tfMap map[string]interface{}) *awstypes.PermissionsBoundary { if tfMap == nil { return nil } - apiObject := &ssoadmin.PermissionsBoundary{} + apiObject := &awstypes.PermissionsBoundary{} if v, ok := tfMap["customer_managed_policy_reference"].([]interface{}); ok && len(v) > 0 { if cmpr, ok := v[0].(map[string]interface{}); ok { @@ -252,7 +253,7 @@ func expandPermissionsBoundary(tfMap map[string]interface{}) *ssoadmin.Permissio return apiObject } -func flattenPermissionsBoundary(apiObject *ssoadmin.PermissionsBoundary) map[string]interface{} { +func flattenPermissionsBoundary(apiObject *awstypes.PermissionsBoundary) map[string]interface{} { if apiObject == nil { return nil } @@ -260,7 +261,7 @@ func flattenPermissionsBoundary(apiObject *ssoadmin.PermissionsBoundary) map[str tfMap := map[string]interface{}{} if v := apiObject.ManagedPolicyArn; v != nil { - tfMap["managed_policy_arn"] = aws.StringValue(v) + tfMap["managed_policy_arn"] = aws.ToString(v) } else if v := apiObject.CustomerManagedPolicyReference; v != nil { tfMap["customer_managed_policy_reference"] = []map[string]interface{}{flattenCustomerManagedPolicyReference(v)} } diff --git a/internal/service/ssoadmin/permissions_boundary_attachment_test.go b/internal/service/ssoadmin/permissions_boundary_attachment_test.go index f0cd39a7049..2e4fd26578f 100644 --- a/internal/service/ssoadmin/permissions_boundary_attachment_test.go +++ b/internal/service/ssoadmin/permissions_boundary_attachment_test.go @@ -9,7 +9,6 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/ssoadmin" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -17,6 +16,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfssoadmin "github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccSSOAdminPermissionsBoundaryAttachment_basic(t *testing.T) { @@ -29,7 +29,7 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionsBoundaryAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -61,7 +61,7 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_forceNew(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionsBoundaryAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -96,9 +96,9 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_disappears(t *testing.T) { rNamePolicy1 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) rNamePolicy2 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionsBoundaryAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -122,9 +122,9 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_Disappears_permissionSet(t *te rNamePolicy1 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) rNamePolicy2 := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) - resource.Test(t, resource.TestCase{ + resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionsBoundaryAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -148,7 +148,7 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_managedPolicyAndCustomerManage resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckSSOAdminInstances(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, ssoadmin.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.SSOAdminEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckPermissionsBoundaryAttachmentDestroy(ctx), Steps: []resource.TestStep{ @@ -162,7 +162,7 @@ func TestAccSSOAdminPermissionsBoundaryAttachment_managedPolicyAndCustomerManage func testAccCheckPermissionsBoundaryAttachmentDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_ssoadmin_permissions_boundary_attachment" { @@ -203,7 +203,7 @@ func testAccCheckPermissionsBoundaryAttachmentExists(ctx context.Context, n stri return err } - conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).SSOAdminClient(ctx) _, err = tfssoadmin.FindPermissionsBoundary(ctx, conn, permissionSetARN, instanceARN) From 91b4f82442d3cc87ade50e3d7e7e26bba706ab7a Mon Sep 17 00:00:00 2001 From: Jared Baker Date: Wed, 29 Nov 2023 16:36:28 -0500 Subject: [PATCH 12/12] ssoadmin(sweeper): upgrade aws sdk client --- internal/service/ssoadmin/sweep.go | 134 ++++++++++++----------------- 1 file changed, 56 insertions(+), 78 deletions(-) diff --git a/internal/service/ssoadmin/sweep.go b/internal/service/ssoadmin/sweep.go index 37c42772dcf..06b5a44dee2 100644 --- a/internal/service/ssoadmin/sweep.go +++ b/internal/service/ssoadmin/sweep.go @@ -8,12 +8,13 @@ import ( "log" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/ssoadmin" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/ssoadmin" + awstypes "github.com/aws/aws-sdk-go-v2/service/ssoadmin/types" "github.com/hashicorp/go-multierror" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-aws/internal/sweep" - "github.com/hashicorp/terraform-provider-aws/internal/sweep/awsv1" + "github.com/hashicorp/terraform-provider-aws/internal/sweep/awsv2" "github.com/hashicorp/terraform-provider-aws/internal/sweep/sdk" ) @@ -38,7 +39,7 @@ func sweepAccountAssignments(region string) error { if err != nil { return fmt.Errorf("error getting client: %w", err) } - conn := client.SSOAdminConn(ctx) + conn := client.SSOAdminClient(ctx) sweepResources := make([]sweep.Sweepable, 0) var sweeperErrs *multierror.Error @@ -67,68 +68,55 @@ func sweepAccountAssignments(region string) error { InstanceArn: aws.String(instanceArn), } - err = conn.ListPermissionSetsPagesWithContext(ctx, input, func(page *ssoadmin.ListPermissionSetsOutput, lastPage bool) bool { - if page == nil { - return !lastPage + var permissionSetArns []string + paginator := ssoadmin.NewListPermissionSetsPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if awsv2.SkipSweepError(err) { + log.Printf("[WARN] Skipping SSO Account Assignment sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SSO Permission Sets for Account Assignment sweep: %w", err)) } - for _, permissionSet := range page.PermissionSets { - if permissionSet == nil { - continue - } - - permissionSetArn := aws.StringValue(permissionSet) - - input := &ssoadmin.ListAccountAssignmentsInput{ - AccountId: aws.String(client.AccountID), - InstanceArn: aws.String(instanceArn), - PermissionSetArn: permissionSet, - } - - err := conn.ListAccountAssignmentsPagesWithContext(ctx, input, func(page *ssoadmin.ListAccountAssignmentsOutput, lastPage bool) bool { - if page == nil { - return !lastPage - } - - for _, a := range page.AccountAssignments { - if a == nil { - continue - } - - principalID := aws.StringValue(a.PrincipalId) - principalType := aws.StringValue(a.PrincipalType) - targetID := aws.StringValue(a.AccountId) - targetType := ssoadmin.TargetTypeAwsAccount // only valid value currently accepted by API - - r := ResourceAccountAssignment() - d := r.Data(nil) - d.SetId(fmt.Sprintf("%s,%s,%s,%s,%s,%s", principalID, principalType, targetID, targetType, permissionSetArn, instanceArn)) - - sweepResources = append(sweepResources, sweep.NewSweepResource(r, d, client)) - } + if page != nil { + permissionSetArns = append(permissionSetArns, page.PermissionSets...) + } + } - return !lastPage - }) + for _, permissionSetArn := range permissionSetArns { + input := &ssoadmin.ListAccountAssignmentsInput{ + AccountId: aws.String(client.AccountID), + InstanceArn: aws.String(instanceArn), + PermissionSetArn: aws.String(permissionSetArn), + } - if awsv1.SkipSweepError(err) { + paginator := ssoadmin.NewListAccountAssignmentsPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if awsv2.SkipSweepError(err) { log.Printf("[WARN] Skipping SSO Account Assignment sweep (PermissionSet %s) for %s: %s", permissionSetArn, region, err) continue } if err != nil { sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SSO Account Assignments for Permission Set (%s): %w", permissionSetArn, err)) } - } - return !lastPage - }) - } + for _, a := range page.AccountAssignments { + principalID := aws.ToString(a.PrincipalId) + principalType := string(a.PrincipalType) + targetID := aws.ToString(a.AccountId) + targetType := awstypes.TargetTypeAwsAccount // only valid value currently accepted by API - if awsv1.SkipSweepError(err) { - log.Printf("[WARN] Skipping SSO Account Assignment sweep for %s: %s", region, err) - return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors - } - if err != nil { - sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SSO Permission Sets for Account Assignment sweep: %w", err)) + r := ResourceAccountAssignment() + d := r.Data(nil) + d.SetId(fmt.Sprintf("%s,%s,%s,%s,%s,%s", principalID, principalType, targetID, targetType, permissionSetArn, instanceArn)) + + sweepResources = append(sweepResources, sweep.NewSweepResource(r, d, client)) + } + } + } } if err := sweep.SweepOrchestrator(ctx, sweepResources); err != nil { @@ -144,7 +132,7 @@ func sweepPermissionSets(region string) error { if err != nil { return fmt.Errorf("error getting client: %w", err) } - conn := client.SSOAdminConn(ctx) + conn := client.SSOAdminClient(ctx) sweepResources := make([]sweep.Sweepable, 0) var sweeperErrs *multierror.Error @@ -171,37 +159,27 @@ func sweepPermissionSets(region string) error { InstanceArn: aws.String(instanceArn), } - err = conn.ListPermissionSetsPagesWithContext(ctx, input, func(page *ssoadmin.ListPermissionSetsOutput, lastPage bool) bool { - if page == nil { - return !lastPage + paginator := ssoadmin.NewListPermissionSetsPaginator(conn, input) + for paginator.HasMorePages() { + page, err := paginator.NextPage(ctx) + if awsv2.SkipSweepError(err) { + log.Printf("[WARN] Skipping SSO Permission Set sweep for %s: %s", region, err) + return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + } + if err != nil { + sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SSO Permission Sets: %w", err)) } - for _, permissionSet := range page.PermissionSets { - if permissionSet == nil { - continue - } - - arn := aws.StringValue(permissionSet) - - log.Printf("[INFO] Deleting SSO Permission Set: %s", arn) + for _, permissionSetArn := range page.PermissionSets { + log.Printf("[INFO] Deleting SSO Permission Set: %s", permissionSetArn) r := ResourcePermissionSet() d := r.Data(nil) - d.SetId(fmt.Sprintf("%s,%s", arn, instanceArn)) + d.SetId(fmt.Sprintf("%s,%s", permissionSetArn, instanceArn)) sweepResources = append(sweepResources, sweep.NewSweepResource(r, d, client)) } - - return !lastPage - }) - } - - if awsv1.SkipSweepError(err) { - log.Printf("[WARN] Skipping SSO Permission Set sweep for %s: %s", region, err) - return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors - } - if err != nil { - sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving SSO Permission Sets: %w", err)) + } } if err := sweep.SweepOrchestrator(ctx, sweepResources); err != nil {