test: implement user basic make (hadenlabs#3)

test/user-basic/docs/include/terraform.md

@@ -0,0 +1,47 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.12.20, < 2.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.51, < 4.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_main"></a> [main](#module\_main) | ../.. | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_enabled"></a> [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `true` | no |
+| <a name="input_name"></a> [name](#input\_name) | name | `string` | n/a | yes |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |
+| <a name="input_s3_actions"></a> [s3\_actions](#input\_s3\_actions) | Actions to allow in the policy | `list(string)` | <pre>[<br>  "s3:GetObject"<br>]</pre> | no |
+| <a name="input_s3_resources"></a> [s3\_resources](#input\_s3\_resources) | S3 resources to apply the actions specified in the policy | `list(string)` | n/a | yes |
+| <a name="input_stage"></a> [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no |
+| <a name="input_use_fullname"></a> [use\_fullname](#input\_use\_fullname) | If set to 'true' then the full ID for the IAM user name (e.g. `[var.namespace]-[var.stage]-[var.name]`) will be used. | `bool` | `false` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_access_key_id"></a> [access\_key\_id](#output\_access\_key\_id) | The access key ID |
+| <a name="output_enabled"></a> [enabled](#output\_enabled) | Enabled property of module |
+| <a name="output_secret_access_key"></a> [secret\_access\_key](#output\_secret\_access\_key) | The secret access key. This will be written to the state file in plain-text |
+| <a name="output_use_fullname"></a> [use\_fullname](#output\_use\_fullname) | return if enabled use fullname |
+| <a name="output_user_arn"></a> [user\_arn](#output\_user\_arn) | The ARN assigned by AWS for this user |
+| <a name="output_user_name"></a> [user\_name](#output\_user\_name) | Normalized IAM user name |
+| <a name="output_user_unique_id"></a> [user\_unique\_id](#output\_user\_unique\_id) | The unique ID assigned by AWS |
+<!-- END_TF_DOCS -->

test/user-basic/main.tf

@@ -0,0 +1,12 @@
+module "main" {
+  source       = "../.."
+  depends_on   = []
+  enabled      = var.enabled
+  name         = var.name
+  stage        = var.stage
+  namespace    = var.namespace
+  tags         = var.tags
+  use_fullname = var.use_fullname
+  s3_actions   = var.s3_actions
+  s3_resources = var.s3_resources
+}

test/user-basic/outputs.tf

@@ -0,0 +1,36 @@
+output "enabled" {
+  description = "Enabled property of module"
+  value       = module.main.enabled
+}
+
+output "user_name" {
+  description = "Normalized IAM user name"
+  value       = module.main.user_name
+}
+
+output "user_arn" {
+  description = "The ARN assigned by AWS for this user"
+  value       = module.main.user_arn
+}
+
+output "user_unique_id" {
+  description = "The unique ID assigned by AWS"
+  value       = module.main.user_unique_id
+}
+
+output "access_key_id" {
+  sensitive   = true
+  description = "The access key ID"
+  value       = module.main.access_key_id
+}
+
+output "secret_access_key" {
+  sensitive   = true
+  description = "The secret access key. This will be written to the state file in plain-text"
+  value       = module.main.secret_access_key
+}
+
+output "use_fullname" {
+  description = "return if enabled use fullname"
+  value       = module.main.use_fullname
+}

test/user-basic/variables.tf

@@ -0,0 +1,47 @@
+variable "namespace" {
+  type        = string
+  default     = null
+  description = "ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique"
+}
+
+variable "stage" {
+  type        = string
+  default     = null
+  description = "ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release'"
+}
+
+variable "name" {
+  type        = string
+  description = "name"
+}
+
+variable "tags" {
+  type        = map(string)
+  description = "Additional tags (e.g. `map('BusinessUnit','XYZ')`"
+  default     = {}
+}
+
+variable "enabled" {
+  type        = bool
+  default     = true
+  description = "Set to false to prevent the module from creating any resources"
+}
+
+variable "use_fullname" {
+  type        = bool
+  default     = false
+  description = <<-EOT
+  If set to 'true' then the full ID for the IAM user name (e.g. `[var.namespace]-[var.stage]-[var.name]`) will be used.
+  EOT
+}
+
+variable "s3_actions" {
+  type        = list(string)
+  default     = ["s3:GetObject"]
+  description = "Actions to allow in the policy"
+}
+
+variable "s3_resources" {
+  type        = list(string)
+  description = "S3 resources to apply the actions specified in the policy"
+}

test/user-basic/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 0.12.20, < 2.0"
+
+  required_providers {
+    aws = {
+      version = ">= 2.51, < 4.0"
+      source  = "hashicorp/aws"
+    }
+  }
+}

test/user_basic_test.go

@@ -0,0 +1,54 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/gruntwork-io/terratest/modules/terraform"
+	"github.com/stretchr/testify/assert"
+
+	"github.com/hadenlabs/terraform-aws-iam-s3-user/internal/app/external/faker"
+	"github.com/hadenlabs/terraform-aws-iam-s3-user/internal/testutil"
+)
+
+func TestBasicSuccess(t *testing.T) {
+	t.Parallel()
+
+	tags := map[string]interface{}{
+		"tag1": "tags1",
+	}
+	namespace := testutil.Company
+	stage := testutil.Stage
+	name := faker.Server().Name()
+	enabled := true
+	useFullName := true
+	s3Actions := []string{
+		"s3:ListAllMyBuckets",
+	}
+	s3Resources := []string{
+		"arn:aws:s3:::bucket-name/*",
+	}
+
+	terraformOptions := &terraform.Options{
+		// The path to where your Terraform code is located
+		TerraformDir: "user-basic",
+		Upgrade:      true,
+		Vars: map[string]interface{}{
+			"namespace":    namespace,
+			"stage":        stage,
+			"name":         name,
+			"enabled":      enabled,
+			"tags":         tags,
+			"use_fullname": useFullName,
+			"s3_actions":   s3Actions,
+			"s3_resources": s3Resources,
+		},
+	}
+
+	// At the end of the test, run `terraform destroy` to clean up any resources that were created
+	defer terraform.Destroy(t, terraformOptions)
+
+	// This will run `terraform init` and `terraform apply` and fail the test if there are any errors
+	terraform.InitAndApply(t, terraformOptions)
+	outputUserName := terraform.Output(t, terraformOptions, "user_name")
+	assert.NotEmpty(t, outputUserName, outputUserName)
+}