-
Notifications
You must be signed in to change notification settings - Fork 70
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(resource): add aiven_kafka_native_acl resource (#1905)
- Loading branch information
Showing
9 changed files
with
274 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
--- | ||
# generated by https://github.com/hashicorp/terraform-plugin-docs | ||
page_title: "aiven_kafka_native_acl Resource - terraform-provider-aiven" | ||
subcategory: "" | ||
description: |- | ||
Manages native acls in kafka service https://aiven.io/docs/products/kafka/concepts/acl. | ||
--- | ||
|
||
# aiven_kafka_native_acl (Resource) | ||
|
||
Manages native acls in [kafka service](https://aiven.io/docs/products/kafka/concepts/acl). | ||
|
||
|
||
|
||
<!-- schema generated by tfplugindocs --> | ||
## Schema | ||
|
||
### Required | ||
|
||
- `operation` (String) The operation. The possible values are `All`, `Alter`, `AlterConfigs`, `ClusterAction`, `Create`, `CreateTokens`, `Delete`, `Describe`, `DescribeConfigs`, `DescribeTokens`, `IdempotentWrite`, `Read` and `Write`. Changing this property forces recreation of the resource. | ||
- `pattern_type` (String) Resource pattern used to match specified resources. The possible values are `LITERAL` and `PREFIXED`. Changing this property forces recreation of the resource. | ||
- `permission_type` (String) The permission type. The possible values are `ALLOW` and `DENY`. Changing this property forces recreation of the resource. | ||
- `principal` (String) Principal is in type:name' format. Maximum length: `256`. Changing this property forces recreation of the resource. | ||
- `project` (String) The name of the project this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource. | ||
- `resource_name` (String) The kafka resource name. Maximum length: `256`. Changing this property forces recreation of the resource. | ||
- `resource_type` (String) The kafka resource type. The possible values are `Topic`, `Group`, `Cluster`, `TransactionalId`, `DelegationToken` and `User`. Changing this property forces recreation of the resource. | ||
- `service_name` (String) The name of the service that this resource belongs to. To set up proper dependencies please refer to this variable as a reference. Changing this property forces recreation of the resource. | ||
|
||
### Optional | ||
|
||
- `host` (String) The host or `*` for all hosts. Maximum length: `256`. Changing this property forces recreation of the resource. | ||
- `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts)) | ||
|
||
### Read-Only | ||
|
||
- `id` (String) The ID of this resource. | ||
|
||
<a id="nestedblock--timeouts"></a> | ||
### Nested Schema for `timeouts` | ||
|
||
Optional: | ||
|
||
- `create` (String) | ||
- `default` (String) | ||
- `delete` (String) | ||
- `read` (String) | ||
- `update` (String) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,145 @@ | ||
package kafka | ||
|
||
import ( | ||
"context" | ||
|
||
avngen "github.com/aiven/go-client-codegen" | ||
"github.com/aiven/go-client-codegen/handler/kafka" | ||
|
||
"github.com/aiven/terraform-provider-aiven/internal/common" | ||
"github.com/aiven/terraform-provider-aiven/internal/schemautil" | ||
"github.com/aiven/terraform-provider-aiven/internal/schemautil/userconfig" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" | ||
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" | ||
) | ||
|
||
var aivenKafkaNativeACLSchema = map[string]*schema.Schema{ | ||
"project": schemautil.CommonSchemaProjectReference, | ||
"service_name": schemautil.CommonSchemaServiceNameReference, | ||
"resource_name": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringLenBetween(1, 256), | ||
Description: userconfig.Desc("The kafka resource name").ForceNew().MaxLen(256).Build(), | ||
}, | ||
"resource_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringInSlice(kafka.ResourceTypeChoices(), false), | ||
Description: userconfig.Desc("The kafka resource type").ForceNew().PossibleValuesString(kafka.ResourceTypeChoices()...).Build(), | ||
}, | ||
"pattern_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringInSlice(kafka.PatternTypeChoices(), false), | ||
Description: userconfig.Desc("Resource pattern used to match specified resources").ForceNew().PossibleValuesString(kafka.PatternTypeChoices()...).Build(), | ||
}, | ||
"principal": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringLenBetween(1, 256), | ||
Description: userconfig.Desc("Principal is in type:name' format").ForceNew().MaxLen(256).Build(), | ||
}, | ||
"host": { | ||
Type: schema.TypeString, | ||
Optional: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringLenBetween(1, 256), | ||
Description: userconfig.Desc("The host or `*` for all hosts").ForceNew().MaxLen(256).Build(), | ||
}, | ||
"operation": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringInSlice(kafka.OperationTypeChoices(), false), | ||
Description: userconfig.Desc("The operation").ForceNew().PossibleValuesString(kafka.OperationTypeChoices()...).Build(), | ||
}, | ||
"permission_type": { | ||
Type: schema.TypeString, | ||
Required: true, | ||
ForceNew: true, | ||
ValidateFunc: validation.StringInSlice(kafka.KafkaAclPermissionTypeChoices(), false), | ||
Description: userconfig.Desc("The permission type").ForceNew().PossibleValuesString(kafka.KafkaAclPermissionTypeChoices()...).Build(), | ||
}, | ||
} | ||
|
||
func ResourceKafkaNativeACL() *schema.Resource { | ||
return &schema.Resource{ | ||
Description: userconfig.Desc(`Manages native acls in [kafka service](https://aiven.io/docs/products/kafka/concepts/acl)`).Build(), | ||
CreateContext: common.WithGenClient(resourceKafkaNativeACLCreate), | ||
ReadContext: common.WithGenClient(resourceKafkaNativeACLRead), | ||
DeleteContext: common.WithGenClient(resourceKafkaNativeACLDelete), | ||
Importer: &schema.ResourceImporter{ | ||
StateContext: schema.ImportStatePassthroughContext, | ||
}, | ||
Timeouts: schemautil.DefaultResourceTimeouts(), | ||
Schema: aivenKafkaNativeACLSchema, | ||
} | ||
} | ||
|
||
func resourceKafkaNativeACLCreate(ctx context.Context, d *schema.ResourceData, client avngen.Client) error { | ||
var req kafka.ServiceKafkaNativeAclAddIn | ||
err := schemautil.ResourceDataGet(d, &req) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
project := d.Get("project").(string) | ||
serviceName := d.Get("service_name").(string) | ||
|
||
acl, err := client.ServiceKafkaNativeAclAdd( | ||
ctx, | ||
project, | ||
serviceName, | ||
&req, | ||
) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
err = schemautil.ResourceDataSet(aivenKafkaNativeACLSchema, d, acl) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
d.SetId(schemautil.BuildResourceID(project, serviceName, acl.Id)) | ||
return resourceKafkaNativeACLRead(ctx, d, client) | ||
} | ||
|
||
func resourceKafkaNativeACLRead(ctx context.Context, d *schema.ResourceData, client avngen.Client) error { | ||
project, serviceName, aclID, err := schemautil.SplitResourceID3(d.Id()) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
acl, err := client.ServiceKafkaNativeAclGet( | ||
ctx, | ||
project, | ||
serviceName, | ||
aclID, | ||
) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
err = schemautil.ResourceDataSet(aivenKafkaNativeACLSchema, d, acl) | ||
return err | ||
} | ||
|
||
func resourceKafkaNativeACLDelete(ctx context.Context, d *schema.ResourceData, client avngen.Client) error { | ||
project, serviceName, aclID, err := schemautil.SplitResourceID3(d.Id()) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
return client.ServiceKafkaNativeAclDelete( | ||
ctx, | ||
project, | ||
serviceName, | ||
aclID, | ||
) | ||
} |
75 changes: 75 additions & 0 deletions
75
internal/sdkprovider/service/kafka/kafka_native_acl_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
package kafka_test | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
"testing" | ||
|
||
"github.com/hashicorp/terraform-plugin-testing/helper/acctest" | ||
"github.com/hashicorp/terraform-plugin-testing/helper/resource" | ||
|
||
acc "github.com/aiven/terraform-provider-aiven/internal/acctest" | ||
) | ||
|
||
// TestKafkaNativeAcl tests the kafka acl resource. | ||
func TestKafkaNativeAcl(t *testing.T) { | ||
projectName := os.Getenv("AIVEN_PROJECT_NAME") | ||
serviceName := fmt.Sprintf("test-acc-native-acl-%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)) | ||
resourceName := "aiven_kafka_native_acl.foo" | ||
|
||
resource.ParallelTest(t, resource.TestCase{ | ||
ProtoV6ProviderFactories: acc.TestProtoV6ProviderFactories, | ||
PreCheck: func() { acc.TestAccPreCheck(t) }, | ||
Steps: []resource.TestStep{ | ||
{ | ||
Config: testKafkaACLConfig(projectName, serviceName), | ||
Check: resource.ComposeTestCheckFunc( | ||
resource.TestCheckResourceAttrSet(resourceName, "project"), | ||
resource.TestCheckResourceAttrSet(resourceName, "service_name"), | ||
resource.TestCheckResourceAttrSet(resourceName, "resource_name"), | ||
resource.TestCheckResourceAttrSet(resourceName, "resource_type"), | ||
resource.TestCheckResourceAttrSet(resourceName, "pattern_type"), | ||
resource.TestCheckResourceAttrSet(resourceName, "principal"), | ||
resource.TestCheckResourceAttrSet(resourceName, "host"), | ||
resource.TestCheckResourceAttrSet(resourceName, "operation"), | ||
resource.TestCheckResourceAttrSet(resourceName, "permission_type"), | ||
), | ||
}, | ||
}, | ||
}) | ||
} | ||
|
||
func testKafkaACLConfig(projectName string, serviceName string) string { | ||
return fmt.Sprintf(` | ||
data "aiven_project" "foo" { | ||
project = "%s" | ||
} | ||
resource "aiven_kafka" "bar" { | ||
project = data.aiven_project.foo.project | ||
cloud_name = "google-europe-west1" | ||
plan = "startup-2" | ||
service_name = "%s" | ||
maintenance_window_dow = "monday" | ||
maintenance_window_time = "10:00:00" | ||
kafka_user_config { | ||
kafka { | ||
group_max_session_timeout_ms = 70000 | ||
log_retention_bytes = 1000000000 | ||
} | ||
} | ||
} | ||
resource "aiven_kafka_native_acl" "foo" { | ||
project = data.aiven_project.foo.project | ||
service_name = aiven_kafka.bar.service_name | ||
resource_name = "name-test" | ||
resource_type = "Topic" | ||
pattern_type = "LITERAL" | ||
principal = "User:alice" | ||
host = "host-test" | ||
operation = "Create" | ||
permission_type = "ALLOW" | ||
}`, projectName, serviceName) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters