changes after CRs + consts

dome9 · Apr 4, 2024 · fee5408 · fee5408
1 parent f230019
commit fee5408
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 37 deletions.
diff --git a/dome9/common/providerconst/const.go b/dome9/common/providerconst/const.go
@@ -109,13 +109,13 @@ const (
 	AF_SOUTH_1          = "26"
 	EU_SOUTH_1          = "27"
 	AP_NORTHEAST_3      = "28"
-	ME_CENTRAL_1	    = "29"
-	AP_SOUTH_2	    = "30"
-	AP_SOUTHEAST_3	    = "31"
-	AP_SOUTHEAST_4	    = "32"
-	EU_CENTRAL_2	    = "33"
-	EU_SOUTH_2	    = "34"
-	IL_CENTRAL_1 	    = "35"
+	ME_CENTRAL_1        = "29"
+	AP_SOUTH_2          = "30"
+	AP_SOUTHEAST_3      = "31"
+	AP_SOUTHEAST_4      = "32"
+	EU_CENTRAL_2        = "33"
+	EU_SOUTH_2          = "34"
+	IL_CENTRAL_1        = "35"
 )
 
 // Azure consts
@@ -185,11 +185,11 @@ var AWSRegionsEnum = map[string]string{
 	"af_south_1":          AF_SOUTH_1,
 	"eu_south_1":          EU_SOUTH_1,
 	"ap_northeast_3":      AP_NORTHEAST_3,
-	"me_central_1":        ME_CENTRAL_1,	
-	"ap_south_2":          AP_SOUTH_2,		
-	"ap_southeast_3":      AP_SOUTHEAST_3,	
-	"ap_southeast_4":      AP_SOUTHEAST_4,	
-	"eu_central_2":        EU_CENTRAL_2,	
+	"me_central_1":        ME_CENTRAL_1,
+	"ap_south_2":          AP_SOUTH_2,
+	"ap_southeast_3":      AP_SOUTHEAST_3,
+	"ap_southeast_4":      AP_SOUTHEAST_4,
+	"eu_central_2":        EU_CENTRAL_2,
 	"eu_south_2":          EU_SOUTH_2,
 	"il_central_1":        IL_CENTRAL_1,
 }
@@ -201,3 +201,12 @@ var PermissionTrafficType = map[string]string{
 
 // All Assessments Cloud Accounts Types
 var AssessmentCloudAccountType = []string{"Aws", "Azure", "GCP", "Kubernetes", "Terraform", "Generic", "KubernetesRuntimeAssurance", "ShiftLeft", "SourceCodeAssurance", "ImageAssurance", "Alibaba", "Cft", "ContainerRegistry", "Ers"}
+
+// AWP AWS Constants
+const (
+	DefaultScanMachineIntervalInHoursSaas      = 24
+	DefaultScanMachineIntervalInHoursInAccount = 4
+	DefaultMaxConcurrentScansPerRegion         = 20
+	MinMaxConcurrentScansPerRegion             = 1
+	MaxScanMachineIntervalInHours              = 1000
+)
diff --git a/dome9/common/testing/variable/variable.go b/dome9/common/testing/variable/variable.go
@@ -214,16 +214,16 @@ const (
 
 // awp aws onboarding data resource/data source
 const (
-	OnboardedAwsCloudGuardAccountID    = "36f79243-5456-4aa7-88c1-6637cad1f426"
-	AwpAwsCrossAccountRoleName         = "CloudGuardAWPCrossAccountRole"
-	ScanMode                           = "inAccount"
-	DisabledRegions                    = `["us-east-1", "us-west-1"]`
-	DisabledRegionsUpdate              = `["us-east-1", "us-west-1", "ap-northeast-1", "ap-southeast-2"]`
-	ScanMachineIntervalInHours         = "6"
-	ScanMachineIntervalInHoursUpdate   = "10"
-	MaxConcurrencyScansPerRegion       = "4"
-	MaxConcurrenceScansPerRegionUpdate = "8"
-	CustomTags                         = `{
+	OnboardedAwsCloudGuardAccountID   = "36f79243-5456-4aa7-88c1-6637cad1f426"
+	AwpAwsCrossAccountRoleName        = "CloudGuardAWPCrossAccountRole"
+	ScanMode                          = "inAccount"
+	DisabledRegions                   = `["us-east-1", "us-west-1"]`
+	DisabledRegionsUpdate             = `["us-east-1", "us-west-1", "ap-northeast-1", "ap-southeast-2"]`
+	ScanMachineIntervalInHours        = "6"
+	ScanMachineIntervalInHoursUpdate  = "10"
+	MaxConcurrentScansPerRegion       = "4"
+	MaxConcurrentScansPerRegionUpdate = "8"
+	CustomTags                        = `{
 			tag1 = "value1"
 			tag2 = "value2"
 		}`

diff --git a/dome9/resource_dome9_awp_aws_onboarding.go b/dome9/resource_dome9_awp_aws_onboarding.go
@@ -242,17 +242,17 @@ func expandAgentlessAccountSettings(d *schema.ResourceData) (*awp_aws_onboarding
 
 	var scanMachineIntervalInHours int
 	if scanMode == "saas" {
-		scanMachineIntervalInHours = 24
+		scanMachineIntervalInHours = providerconst.DefaultScanMachineIntervalInHoursSaas
 	} else {
-		scanMachineIntervalInHours = 4
+		scanMachineIntervalInHours = providerconst.DefaultScanMachineIntervalInHoursInAccount
 	}
 
 	// Initialize the AgentlessAccountSettings struct with default values
 	agentlessAccountSettings := &awp_aws_onboarding.AgentlessAccountSettings{
 		DisabledRegions:              make([]string, 0),
 		CustomTags:                   make(map[string]string),
 		ScanMachineIntervalInHours:   scanMachineIntervalInHours,
-		MaxConcurrenceScansPerRegion: 20,
+		MaxConcurrenceScansPerRegion: providerconst.DefaultMaxConcurrentScansPerRegion,
 	}
 
 	// Check if the key exists and is not nil
@@ -269,19 +269,19 @@ func expandAgentlessAccountSettings(d *schema.ResourceData) (*awp_aws_onboarding
 	}
 
 	if scanMachineInterval, ok := agentlessAccountSettingsMap["scan_machine_interval_in_hours"].(int); ok {
-		if scanMode == "saas" && (scanMachineInterval < 24 || scanMachineInterval > 1000) {
-			return nil, fmt.Errorf("scan_machine_interval_in_hours must be between 24 and 1000 for saas mode")
-		} else if scanMode == "inAccount" && (scanMachineInterval < 4 || scanMachineInterval > 1000) {
-			return nil, fmt.Errorf("scan_machine_interval_in_hours must be between 4 and 1000 for inAccount mode")
+		if scanMode == "saas" && (scanMachineInterval < providerconst.DefaultScanMachineIntervalInHoursSaas || scanMachineInterval > providerconst.MaxScanMachineIntervalInHours) {
+			return nil, fmt.Errorf("scan_machine_interval_in_hours must be between %d and %d for saas mode", providerconst.DefaultScanMachineIntervalInHoursSaas, providerconst.MaxScanMachineIntervalInHours)
+		} else if scanMode == "inAccount" && (scanMachineInterval < providerconst.DefaultScanMachineIntervalInHoursInAccount || scanMachineInterval > providerconst.MaxScanMachineIntervalInHours) {
+			return nil, fmt.Errorf("scan_machine_interval_in_hours must be between %d and %d for inAccount mode", providerconst.DefaultScanMachineIntervalInHoursInAccount, providerconst.MaxScanMachineIntervalInHours)
 		}
 		agentlessAccountSettings.ScanMachineIntervalInHours = scanMachineInterval
 	}
 
-	if maxConcurrenceScans, ok := agentlessAccountSettingsMap["max_concurrent_scans_per_region"].(int); ok {
-		if maxConcurrenceScans < 1 || maxConcurrenceScans > 20 {
+	if maxConcurrentScans, ok := agentlessAccountSettingsMap["max_concurrent_scans_per_region"].(int); ok {
+		if maxConcurrentScans < providerconst.MinMaxConcurrentScansPerRegion || maxConcurrentScans > providerconst.DefaultMaxConcurrentScansPerRegion {
 			return nil, fmt.Errorf("max_concurrent_scans_per_region must be between 1 and 20")
 		}
-		agentlessAccountSettings.MaxConcurrenceScansPerRegion = maxConcurrenceScans
+		agentlessAccountSettings.MaxConcurrenceScansPerRegion = maxConcurrentScans
 	}
 
 	if customTagsInterface, ok := agentlessAccountSettingsMap["custom_tags"].(map[string]interface{}); ok {

diff --git a/dome9/resource_dome9_awp_aws_onboarding_test.go b/dome9/resource_dome9_awp_aws_onboarding_test.go
@@ -48,7 +48,7 @@ func TestAccResourceAWPAWSOnboardingBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.disabled_regions.0", disabledRegion1),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.disabled_regions.1", disabledRegion2),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.scan_machine_interval_in_hours", variable.ScanMachineIntervalInHours),
-					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.max_concurrent_scans_per_region", variable.MaxConcurrencyScansPerRegion),
+					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.max_concurrent_scans_per_region", variable.MaxConcurrentScansPerRegion),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.custom_tags.%", "2"),
 					resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "cloud_provider", "aws"),
@@ -69,7 +69,7 @@ func TestAccResourceAWPAWSOnboardingBasic(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.disabled_regions.2", disabledRegionUpdate3),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.disabled_regions.3", disabledRegionUpdate4),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.scan_machine_interval_in_hours", variable.ScanMachineIntervalInHoursUpdate),
-					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.max_concurrent_scans_per_region", variable.MaxConcurrenceScansPerRegionUpdate),
+					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.max_concurrent_scans_per_region", variable.MaxConcurrentScansPerRegionUpdate),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "agentless_account_settings.0.custom_tags.%", "3"),
 					resource.TestCheckResourceAttrSet(resourceTypeAndName, "id"),
 					resource.TestCheckResourceAttr(resourceTypeAndName, "cloud_provider", "aws"),
@@ -166,7 +166,7 @@ resource "%s" "%s" {
 		variable.ScanMode,
 		IfThenElse(updateAction, variable.DisabledRegionsUpdate, variable.DisabledRegions),
 		IfThenElse(updateAction, variable.ScanMachineIntervalInHoursUpdate, variable.ScanMachineIntervalInHours),
-		IfThenElse(updateAction, variable.MaxConcurrenceScansPerRegionUpdate, variable.MaxConcurrencyScansPerRegion),
+		IfThenElse(updateAction, variable.MaxConcurrentScansPerRegionUpdate, variable.MaxConcurrentScansPerRegion),
 		IfThenElse(updateAction, variable.CustomTagsUpdate, variable.CustomTags),
 	)
 }

diff --git a/website/docs/r/awp_aws_onboarding.html.markdown b/website/docs/r/awp_aws_onboarding.html.markdown
@@ -66,7 +66,7 @@ module "terraform-dome9-awp-aws" {
 # The agentless_account_settings attribute is used to specify the agentless account settings of the Dome9 AWP AWS Onboarding.
 # The disabled_regions attribute is used to specify the disabled regions of the agentless account settings of the Dome9 AWP AWS Onboarding.
 # The scan_machine_interval_in_hours attribute is used to specify the scan machine interval in hours of the agentless account settings of the Dome9 AWP AWS Onboarding.
-# The max_concurrent_scans_per_region attribute is used to specify the max concurrence scans per region of the agentless account settings of the Dome9 AWP AWS Onboarding.
+# The max_concurrent_scans_per_region attribute is used to specify the max concurrent scans per region of the agentless account settings of the Dome9 AWP AWS Onboarding.
 # The custom_tags attribute is used to specify the custom tags of the agentless account settings of the Dome9 AWP AWS Onboarding.
 resource "dome9_awp_aws_onboarding" "awp_aws_onboarding_test" {
   cloudguard_account_id = "dome9_cloudaccount_aws.aws_onboarding_account_test.id | <CLOUDGUARD_ACCOUNT_ID> | <EXTERNAL_AWS_ACCOUNT_NUMBER>"
@@ -102,7 +102,7 @@ The following arguments are supported:
 * `agentless_account_settings` - (Optional) The agentless account settings.
   * `disabled_regions` - (Optional) The disabled regions. valid values are "af-south-1", "ap-south-1", "eu-north-1", "eu-west-3", "eu-south-1", "eu-west-2", "eu-west-1", "ap-northeast-3", "ap-northeast-2", "me-south-1", "ap-northeast-1", "me-central-1", "ca-central-1", "sa-east-1", "ap-east-1", "ap-southeast-1", "ap-southeast-2", "eu-central-1", "ap-southeast-3", "us-east-1", "us-east-2", "us-west-1", "us-west-2"
   * `scan_machine_interval_in_hours` - (Optional) The scan machine interval in hours
-  * `max_concurrent_scans_per_region` - (Optional) The max concurrence scans per region
+  * `max_concurrent_scans_per_region` - (Optional) The max concurrent scans per region
   * `custom_tags` - (Optional) The custom tags.
 * `should_create_policy` - (Optional) Whether to create a policy. Default is true.