Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Data Source: aws_ssoadmin_permission_sets #38741

Merged
merged 6 commits into from
Aug 19, 2024
Merged

New Data Source: aws_ssoadmin_permission_sets #38741

merged 6 commits into from
Aug 19, 2024

Conversation

gramsa49
Copy link
Contributor

@gramsa49 gramsa49 commented Aug 7, 2024

Description

New Data Source: aws_ssoadmin_permission_sets

Relations

Internal Feature Request ID: IPL-7043

References

The new data source, aws_ssoadmin_permission_sets, is intended to address a shortcoming with the existing data source, aws_ssoadmin_permission_set, where lookups by name result in 1 sso:ListPermissionSets and N sso:DescribePermissionSets (1 for each provisioned Permission Set).

This is problematic if you need to lookup a series of permission sets by name.
Assume 1000 permission sets are provisioned and you need to lookup 10 by name:

  • 10 sso:ListPermissionSet calls
  • 10,000 sso:DescribePermissionSet calls ((10 lookups by name * 1000 provisioned Permission Sets) + 10 sso:ListPermissionSets)
  • 10,010 API calls total

This can be used to retrieve a list of ARNs of all permission sets, then the existing data source, aws_ssoadmin_permission_set, can be used to lookup the permission sets by ARN, which only issues a single sso:DescribePermissionSet call.

Using the same example above with the new data source:
Assume 1000 permission sets are provisioned and you need to lookup 10 by name:

  • 1 sso:ListPermissionSet call
  • 1000 sso:DescribePermissionSet calls (1000 lookups by ARN)
  • 1001 API calls total

The data returned using this method can be converted to a map indexed by name as follows:

data "aws_ssoadmin_instances" "example" {}

data "aws_ssoadmin_permission_sets" "example" {
  instance_arn = tolist(data.aws_ssoadmin_instances.example.arns)[0]
}

data "aws_ssoadmin_permission_set" "example" {
  for_each     = data.aws_ssoadmin_permission_sets.example.arns
  instance_arn = tolist(data.aws_ssoadmin_instances.example.arns)[0]
  arn          = each.key
}

locals {
  psets_all = {
    for idx, val in data.aws_ssoadmin_permission_set.example :
    val.name => val
  }
}

Output from Acceptance Testing

% make testacc TESTS=TestAccXXX PKG=ec2

...

@gramsa49 gramsa49 requested a review from a team as a code owner August 7, 2024 15:01
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 7, 2024

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/ssoadmin Issues and PRs that pertain to the ssoadmin service. generators Relates to code generators. needs-triage Waiting for first response or review from a maintainer. labels Aug 7, 2024
@justinretzolk justinretzolk added new-data-source Introduces a new data source. and removed needs-triage Waiting for first response or review from a maintainer. labels Aug 12, 2024
@ewbankkit ewbankkit self-assigned this Aug 19, 2024
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Aug 19, 2024
ewbankkit
ewbankkit approved these changes Aug 19, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% make testacc TESTARGS='-run=TestAccSSOAdminPermissionSetsDataSource_' PKG=ssoadmin
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.6 test ./internal/service/ssoadmin/... -v -count 1 -parallel 20  -run=TestAccSSOAdminPermissionSetsDataSource_ -timeout 360m
=== RUN   TestAccSSOAdminPermissionSetsDataSource_basic
=== PAUSE TestAccSSOAdminPermissionSetsDataSource_basic
=== CONT  TestAccSSOAdminPermissionSetsDataSource_basic
--- PASS: TestAccSSOAdminPermissionSetsDataSource_basic (11.44s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ssoadmin	16.413s

@ewbankkit
Copy link
Contributor

@gramsa49 Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit be7be81 into hashicorp:main Aug 19, 2024
39 checks passed
@github-actions github-actions bot added this to the v5.64.0 milestone Aug 19, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Aug 20, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.63.1 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions GitHub Actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 21, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees

@ewbankkit ewbankkit

Labels
documentation Introduces or discusses updates to documentation. generators Relates to code generators. new-data-source Introduces a new data source. service/ssoadmin Issues and PRs that pertain to the ssoadmin service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.63.1
Development

Successfully merging this pull request may close these issues.
3 participants
@gramsa49 @ewbankkit @justinretzolk