Feat: add support for Duration for AWS Assume Roles in env0_aws_crede…
…ntials resource
TomerHeber committed Sep 19, 2023
1 parent 51748f7 commit 93be30b
Showing 6 changed files with 36 additions and 7 deletions.
1 change: 1 addition & 0 deletions client/cloud_credentials.go
@@ -50,6 +50,7 @@ type AwsCredentialsCreatePayload struct {

type AwsCredentialsValuePayload struct {
RoleArn string `json:"roleArn" tfschema:"arn"`
Duration int `json:"duration,omitempty"`
AccessKeyId string `json:"accessKeyId"`
SecretAccessKey string `json:"secretAccessKey"`
}
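Review bot: The new `Duration` field in `AwsCredentialsValuePayload` states neither its unit nor what its zero value means, and with `omitempty` a value of 0 is dropped from the JSON, so "unset" and "0" look the same to the API. A one-line comment would make that explicit, for example `// Duration is the assume-role session length in seconds; 0 is omitted from the request.` Whether the backend then applies its own default is not visible in this diff and should be confirmed before the comment claims it.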
6 changes: 4 additions & 2 deletions client/cloud_credentials_test.go
@@ -80,7 +80,8 @@ var _ = Describe("CloudCredentials", func() {
mockOrganizationIdCall(organizationId)

payloadValue := AwsCredentialsValuePayload{
RoleArn: "role",
RoleArn: "role",
Duration: 1,
}

httpCall = mockHttpClient.EXPECT().
@@ -120,7 +121,8 @@ var _ = Describe("CloudCredentials", func() {
mockOrganizationIdCall(organizationId)

payloadValue := AwsCredentialsValuePayload{
RoleArn: "role",
RoleArn: "role",
Duration: 1,
}

httpCall = mockHttpClient.EXPECT().
6 changes: 6 additions & 0 deletions env0/resource_cost_credentials.go
@@ -23,6 +23,12 @@ func resourceCostCredentials(providerName string) *schema.Resource {
Description: "the aws role arn",
Required: true,
},
"duration": {
Type: schema.TypeInt,
Description: "the session duration in seconds. If set must be one of the following: 3600 (1h), 7200 (2h), 14400 (4h), 18000 (5h default), 28800 (8h), 43200 (12h)",
Optional: true,
ValidateDiagFunc: NewIntInValidator([]int{3600, 7200, 14400, 18000, 28800, 43200}),
},
}
case AZURE:
return map[string]*schema.Schema{
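Review bot: The `duration` description lists the accepted values but does not relate them to the limit set on the role itself. AWS normally rejects a session length above the IAM role's configured maximum session duration when the role is assumed, so a value that passes this validator could presumably still fail later, since nothing here inspects the role. Consider appending `The value must not exceed the maximum session duration configured on the IAM role; prefer the shortest duration that covers your runs.`, which also reminds users that a longer value keeps the temporary credentials valid for longer. The allowed list is written twice on these lines (in the description text and in the `[]int` literal), so a package-level slice used by both would keep them from drifting. resourceCostCredentials starts and ends outside the hunk.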
12 changes: 9 additions & 3 deletions env0/resource_cost_credentials_test.go
@@ -2,6 +2,7 @@ package env0

import (
"regexp"
"strconv"
"testing"

"github.com/env0/terraform-provider-env0/client"
@@ -22,8 +23,9 @@ func TestUnitAwsCostCredentialsResource(t *testing.T) {
}

updatedAwsCredentialResource := map[string]interface{}{
"name": "update",
"arn": "33333",
"name": "update",
"arn": "33333",
"duration": 3600,
}

awsCredCreatePayload := client.AwsCredentialsCreatePayload{
@@ -37,7 +39,8 @@ func TestUnitAwsCostCredentialsResource(t *testing.T) {
updateAwsCredCreatePayload := client.AwsCredentialsCreatePayload{
Name: updatedAwsCredentialResource["name"].(string),
Value: client.AwsCredentialsValuePayload{
RoleArn: updatedAwsCredentialResource["arn"].(string),
RoleArn: updatedAwsCredentialResource["arn"].(string),
Duration: updatedAwsCredentialResource["duration"].(int),
},
Type: client.AwsCostCredentialsType,
}
@@ -64,6 +67,7 @@ func TestUnitAwsCostCredentialsResource(t *testing.T) {
resource.TestCheckResourceAttr(accessor, "name", awsCredentialResource["name"].(string)),
resource.TestCheckResourceAttr(accessor, "arn", awsCredentialResource["arn"].(string)),
resource.TestCheckResourceAttr(accessor, "id", "id"),
resource.TestCheckNoResourceAttr(accessor, "duration"),
),
},
},
@@ -77,6 +81,7 @@ func TestUnitAwsCostCredentialsResource(t *testing.T) {
resource.TestCheckResourceAttr(accessor, "name", awsCredentialResource["name"].(string)),
resource.TestCheckResourceAttr(accessor, "arn", awsCredentialResource["arn"].(string)),
resource.TestCheckResourceAttr(accessor, "id", returnValues.Id),
resource.TestCheckNoResourceAttr(accessor, "duration"),
),
},
{
@@ -85,6 +90,7 @@ func TestUnitAwsCostCredentialsResource(t *testing.T) {
resource.TestCheckResourceAttr(accessor, "name", updatedAwsCredentialResource["name"].(string)),
resource.TestCheckResourceAttr(accessor, "arn", updatedAwsCredentialResource["arn"].(string)),
resource.TestCheckResourceAttr(accessor, "id", updateReturnValues.Id),
resource.TestCheckResourceAttr(accessor, "duration", strconv.Itoa(updatedAwsCredentialResource["duration"].(int))),
),
},
},
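Review bot: The visible steps cover the unset case and the valid 3600 update, but nothing exercises the rejection path of the new validator, which is the part of this change that stops arbitrary session lengths from reaching the API. A step with an out-of-list value (for example `"duration": 1234`, a constructed value) and `ExpectError: regexp.MustCompile("must be one of")` would pin that behaviour; `regexp` is already imported in this file. TestUnitAwsCostCredentialsResource continues outside the visible hunks, so confirm no such case already exists before adding one.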
13 changes: 13 additions & 0 deletions env0/validators.go
@@ -91,6 +91,19 @@ func NewStringInValidator(allowedValues []string) schema.SchemaValidateDiagFunc
}
}

func NewIntInValidator(allowedValues []int) schema.SchemaValidateDiagFunc {
return func(i interface{}, p cty.Path) diag.Diagnostics {
value := i.(int)
for _, allowedValue := range allowedValues {
if value == allowedValue {
return nil
}
}

return diag.Errorf("must be one of: %s", fmt.Sprint(allowedValues))
}
}

func NewGreaterThanValidator(greaterThan int) schema.SchemaValidateDiagFunc {
return func(i interface{}, p cty.Path) diag.Diagnostics {
value := i.(int)
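Review bot: `value := i.(int)` in NewIntInValidator is an unchecked type assertion, so attaching this validator to a schema field whose type is not `schema.TypeInt` panics the provider instead of returning a diagnostic. The comma-ok form keeps the failure inside the diagnostics: `value, ok := i.(int)` followed by `if !ok { return diag.Errorf("expected an integer, got %T", i) }`. The context lines at the end of the hunk show NewGreaterThanValidator using the same bare assertion, so this follows the file's existing pattern; that function's body continues outside the hunk. The exported function also has no doc comment, and `// NewIntInValidator returns a validator that accepts only the integers in allowedValues.` would cover it.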
@@ -12,8 +12,9 @@ resource "env0_project" "project" {
}

resource "env0_aws_cost_credentials" "cost" {
name = "cost-${random_string.random.result}"
arn = "arn"
name = "cost-${random_string.random.result}"
arn = "arn"
duration = 3600
}

resource "env0_cost_credentials_project_assignment" "cost_project_assignment" {
