From 6c34f6c34806808722c9c63ef56ced6c9acbbc6b Mon Sep 17 00:00:00 2001
From: Kit Ewbank
Date: Tue, 30 Jan 2024 17:12:20 -0500
Subject: [PATCH 01/14] cloudtrail: Use AWS SDK for Go v2.
---
 names/data/names_data.csv | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/names/data/names_data.csv b/names/data/names_data.csv
index 9bd4d8afe2cf..9838a380d470 100644
--- a/names/data/names_data.csv
+++ b/names/data/names_data.csv
@@ -66,7 +66,7 @@ cloudhsmv2,cloudhsmv2,cloudhsmv2,cloudhsmv2,,cloudhsmv2,,cloudhsm,CloudHSMV2,Clo cloudsearch,cloudsearch,cloudsearch,cloudsearch,,cloudsearch,,,CloudSearch,CloudSearch,,1,,,aws_cloudsearch_,,cloudsearch_,CloudSearch,Amazon,,,,,,,CloudSearch,,, cloudsearchdomain,cloudsearchdomain,cloudsearchdomain,cloudsearchdomain,,cloudsearchdomain,,,CloudSearchDomain,CloudSearchDomain,,1,,,aws_cloudsearchdomain_,,cloudsearchdomain_,CloudSearch Domain,Amazon,,x,,,,,CloudSearch Domain,,, ,,,,,,,,,,,,,,,,,CloudShell,AWS,x,,,,,,,,,No SDK support -cloudtrail,cloudtrail,cloudtrail,cloudtrail,,cloudtrail,,,CloudTrail,CloudTrail,,1,,aws_cloudtrail,aws_cloudtrail_,,cloudtrail,CloudTrail,AWS,,,,,,,CloudTrail,,, +cloudtrail,cloudtrail,cloudtrail,cloudtrail,,cloudtrail,,,CloudTrail,CloudTrail,,,2,aws_cloudtrail,aws_cloudtrail_,,cloudtrail,CloudTrail,AWS,,,,,,,CloudTrail,,, cloudwatch,cloudwatch,cloudwatch,cloudwatch,,cloudwatch,,,CloudWatch,CloudWatch,,1,,aws_cloudwatch_(?!(event_|log_|query_)),aws_cloudwatch_,,cloudwatch_dashboard;cloudwatch_metric_;cloudwatch_composite_,CloudWatch,Amazon,,,,,,,CloudWatch,,, application-insights,applicationinsights,applicationinsights,applicationinsights,,applicationinsights,,,ApplicationInsights,ApplicationInsights,,1,,,aws_applicationinsights_,,applicationinsights_,CloudWatch Application Insights,Amazon,,,,,,,Application Insights,,, evidently,evidently,cloudwatchevidently,evidently,,evidently,,cloudwatchevidently,Evidently,CloudWatchEvidently,,,2,,aws_evidently_,,evidently_,CloudWatch Evidently,Amazon,,,,,,,Evidently,,, From ced9b4e24c834278fb8be3398366df0eb15358f1 Mon Sep 17 00:00:00 2001 
From: Kit Ewbank Date: Tue, 30 Jan 2024 17:13:59 -0500 Subject: [PATCH 02/14] Run 'make gen'. --- internal/conns/awsclient_gen.go | 6 ++-- internal/service/cloudtrail/generate.go | 2 +- .../service/cloudtrail/service_package_gen.go | 17 ++++++---- internal/service/cloudtrail/tags_gen.go | 34 +++++++++---------- 4 files changed, 31 insertions(+), 28 deletions(-) diff --git a/internal/conns/awsclient_gen.go b/internal/conns/awsclient_gen.go index 11021fa9c9ed..8354d7eef504 100644 --- a/internal/conns/awsclient_gen.go +++ b/internal/conns/awsclient_gen.go @@ -20,6 +20,7 @@ import ( chimesdkvoice_sdkv2 "github.com/aws/aws-sdk-go-v2/service/chimesdkvoice" cleanrooms_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cleanrooms" cloudcontrol_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cloudcontrol" + cloudtrail_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cloudtrail" cloudwatchlogs_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs" codeartifact_sdkv2 "github.com/aws/aws-sdk-go-v2/service/codeartifact" codebuild_sdkv2 "github.com/aws/aws-sdk-go-v2/service/codebuild" @@ -136,7 +137,6 @@ import ( cloudfront_sdkv1 "github.com/aws/aws-sdk-go/service/cloudfront" cloudhsmv2_sdkv1 "github.com/aws/aws-sdk-go/service/cloudhsmv2" cloudsearch_sdkv1 "github.com/aws/aws-sdk-go/service/cloudsearch" - cloudtrail_sdkv1 "github.com/aws/aws-sdk-go/service/cloudtrail" cloudwatch_sdkv1 "github.com/aws/aws-sdk-go/service/cloudwatch" cloudwatchrum_sdkv1 "github.com/aws/aws-sdk-go/service/cloudwatchrum" cognitoidentity_sdkv1 "github.com/aws/aws-sdk-go/service/cognitoidentity" 
@@ -396,8 +396,8 @@ func (c *AWSClient) CloudSearchConn(ctx context.Context) *cloudsearch_sdkv1.Clou return errs.Must(conn[*cloudsearch_sdkv1.CloudSearch](ctx, c, names.CloudSearch, make(map[string]any))) } -func (c *AWSClient) CloudTrailConn(ctx context.Context) *cloudtrail_sdkv1.CloudTrail { - return errs.Must(conn[*cloudtrail_sdkv1.CloudTrail](ctx, c, names.CloudTrail, make(map[string]any))) +func (c *AWSClient) CloudTrailClient(ctx context.Context) *cloudtrail_sdkv2.Client { + return errs.Must(client[*cloudtrail_sdkv2.Client](ctx, c, names.CloudTrail, make(map[string]any))) } func (c *AWSClient) CloudWatchConn(ctx context.Context) *cloudwatch_sdkv1.CloudWatch { diff --git a/internal/service/cloudtrail/generate.go b/internal/service/cloudtrail/generate.go index 49c7b5278ce0..d10d3a7a211c 100644 --- a/internal/service/cloudtrail/generate.go +++ b/internal/service/cloudtrail/generate.go @@ -1,7 +1,7 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -//go:generate go run ../../generate/tags/main.go -ListTags -ListTagsOp=ListTags -ListTagsInIDElem=ResourceIdList -ListTagsInIDNeedSlice=yes -ListTagsOutTagsElem=ResourceTagList[0].TagsList -ServiceTagsSlice -TagOp=AddTags -TagInIDElem=ResourceId -TagInTagsElem=TagsList -UntagOp=RemoveTags -UntagInNeedTagType -UntagInTagsElem=TagsList -UpdateTags +//go:generate go run ../../generate/tags/main.go -AWSSDKVersion=2 -ListTags -ListTagsOp=ListTags -ListTagsInIDElem=ResourceIdList -ListTagsInIDNeedSlice=yes -ListTagsOutTagsElem=ResourceTagList[0].TagsList -ServiceTagsSlice -TagOp=AddTags -TagInIDElem=ResourceId -TagInTagsElem=TagsList -UntagOp=RemoveTags -UntagInNeedTagType -UntagInTagsElem=TagsList -UpdateTags //go:generate go run ../../generate/servicepackage/main.go // ONLY generate directives and package declaration! Do not add anything else to this file. 
diff --git a/internal/service/cloudtrail/service_package_gen.go b/internal/service/cloudtrail/service_package_gen.go index 8d39defce073..e73643670e74 100644 --- a/internal/service/cloudtrail/service_package_gen.go +++ b/internal/service/cloudtrail/service_package_gen.go @@ -5,9 +5,8 @@ package cloudtrail import ( "context" - aws_sdkv1 "github.com/aws/aws-sdk-go/aws" - session_sdkv1 "github.com/aws/aws-sdk-go/aws/session" - cloudtrail_sdkv1 "github.com/aws/aws-sdk-go/service/cloudtrail" + aws_sdkv2 "github.com/aws/aws-sdk-go-v2/aws" + cloudtrail_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cloudtrail" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/types" "github.com/hashicorp/terraform-provider-aws/names" @@ -57,11 +56,15 @@ func (p *servicePackage) ServicePackageName() string { return names.CloudTrail } -// NewConn returns a new AWS SDK for Go v1 client for this service package's AWS API. -func (p *servicePackage) NewConn(ctx context.Context, config map[string]any) (*cloudtrail_sdkv1.CloudTrail, error) { - sess := config["session"].(*session_sdkv1.Session) +// NewClient returns a new AWS SDK for Go v2 client for this service package's AWS API. +func (p *servicePackage) NewClient(ctx context.Context, config map[string]any) (*cloudtrail_sdkv2.Client, error) { + cfg := *(config["aws_sdkv2_config"].(*aws_sdkv2.Config)) - return cloudtrail_sdkv1.New(sess.Copy(&aws_sdkv1.Config{Endpoint: aws_sdkv1.String(config["endpoint"].(string))})), nil + return cloudtrail_sdkv2.NewFromConfig(cfg, func(o *cloudtrail_sdkv2.Options) { + if endpoint := config["endpoint"].(string); endpoint != "" { + o.BaseEndpoint = aws_sdkv2.String(endpoint) + } + }), nil } func ServicePackage(ctx context.Context) conns.ServicePackage { diff --git a/internal/service/cloudtrail/tags_gen.go b/internal/service/cloudtrail/tags_gen.go index 405fe71aecd3..430302c403b0 100644 --- a/internal/service/cloudtrail/tags_gen.go 
+++ b/internal/service/cloudtrail/tags_gen.go @@ -5,9 +5,9 @@ import ( "context" "fmt" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/cloudtrail" - "github.com/aws/aws-sdk-go/service/cloudtrail/cloudtrailiface" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail" + awstypes "github.com/aws/aws-sdk-go-v2/service/cloudtrail/types" "github.com/hashicorp/terraform-plugin-log/tflog" "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/logging" @@ -19,12 +19,12 @@ import ( // listTags lists cloudtrail service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. -func listTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identifier string) (tftags.KeyValueTags, error) { +func listTags(ctx context.Context, conn *cloudtrail.Client, identifier string, optFns ...func(*cloudtrail.Options)) (tftags.KeyValueTags, error) { input := &cloudtrail.ListTagsInput{ ResourceIdList: aws.StringSlice([]string{identifier}), } - output, err := conn.ListTagsWithContext(ctx, input) + output, err := conn.ListTags(ctx, input, optFns...) if err != nil { return tftags.New(ctx, nil), err @@ -36,7 +36,7 @@ func listTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identifie // ListTags lists cloudtrail service tags and set them in Context. // It is called from outside this package. func (p *servicePackage) ListTags(ctx context.Context, meta any, identifier string) error { - tags, err := listTags(ctx, meta.(*conns.AWSClient).CloudTrailConn(ctx), identifier) + tags, err := listTags(ctx, meta.(*conns.AWSClient).CloudTrailClient(ctx), identifier) if err != nil { return err 
@@ -52,11 +52,11 @@ func (p *servicePackage) ListTags(ctx context.Context, meta any, identifier stri // []*SERVICE.Tag handling // Tags returns cloudtrail service tags. -func Tags(tags tftags.KeyValueTags) []*cloudtrail.Tag { - result := make([]*cloudtrail.Tag, 0, len(tags)) +func Tags(tags tftags.KeyValueTags) []awstypes.Tag { + result := make([]awstypes.Tag, 0, len(tags)) for k, v := range tags.Map() { - tag := &cloudtrail.Tag{ + tag := awstypes.Tag{ Key: aws.String(k), Value: aws.String(v), } @@ -68,11 +68,11 @@ func Tags(tags tftags.KeyValueTags) []*cloudtrail.Tag { } // KeyValueTags creates tftags.KeyValueTags from cloudtrail service tags. -func KeyValueTags(ctx context.Context, tags []*cloudtrail.Tag) tftags.KeyValueTags { +func KeyValueTags(ctx context.Context, tags []awstypes.Tag) tftags.KeyValueTags { m := make(map[string]*string, len(tags)) for _, tag := range tags { - m[aws.StringValue(tag.Key)] = tag.Value + m[aws.ToString(tag.Key)] = tag.Value } return tftags.New(ctx, m) @@ -80,7 +80,7 @@ func KeyValueTags(ctx context.Context, tags []*cloudtrail.Tag) tftags.KeyValueTa // getTagsIn returns cloudtrail service tags from Context. // nil is returned if there are no input tags. -func getTagsIn(ctx context.Context) []*cloudtrail.Tag { +func getTagsIn(ctx context.Context) []awstypes.Tag { if inContext, ok := tftags.FromContext(ctx); ok { if tags := Tags(inContext.TagsIn.UnwrapOrDefault()); len(tags) > 0 { return tags @@ -91,7 +91,7 @@ func getTagsIn(ctx context.Context) []*cloudtrail.Tag { } // setTagsOut sets cloudtrail service tags in Context. -func setTagsOut(ctx context.Context, tags []*cloudtrail.Tag) { +func setTagsOut(ctx context.Context, tags []awstypes.Tag) { if inContext, ok := tftags.FromContext(ctx); ok { inContext.TagsOut = option.Some(KeyValueTags(ctx, tags)) } 
@@ -100,7 +100,7 @@ func setTagsOut(ctx context.Context, tags []*cloudtrail.Tag) { // updateTags updates cloudtrail service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. -func updateTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identifier string, oldTagsMap, newTagsMap any) error { +func updateTags(ctx context.Context, conn *cloudtrail.Client, identifier string, oldTagsMap, newTagsMap any, optFns ...func(*cloudtrail.Options)) error { oldTags := tftags.New(ctx, oldTagsMap) newTags := tftags.New(ctx, newTagsMap) @@ -114,7 +114,7 @@ func updateTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identif TagsList: Tags(removedTags), } - _, err := conn.RemoveTagsWithContext(ctx, input) + _, err := conn.RemoveTags(ctx, input, optFns...) if err != nil { return fmt.Errorf("untagging resource (%s): %w", identifier, err) @@ -129,7 +129,7 @@ func updateTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identif TagsList: Tags(updatedTags), } - _, err := conn.AddTagsWithContext(ctx, input) + _, err := conn.AddTags(ctx, input, optFns...) if err != nil { return fmt.Errorf("tagging resource (%s): %w", identifier, err) @@ -142,5 +142,5 @@ func updateTags(ctx context.Context, conn cloudtrailiface.CloudTrailAPI, identif // UpdateTags updates cloudtrail service tags. // It is called from outside this package. func (p *servicePackage) UpdateTags(ctx context.Context, meta any, identifier string, oldTags, newTags any) error { - return updateTags(ctx, meta.(*conns.AWSClient).CloudTrailConn(ctx), identifier, oldTags, newTags) + return updateTags(ctx, meta.(*conns.AWSClient).CloudTrailClient(ctx), identifier, oldTags, newTags) } From b2260fb74926eca8d848cf92d6db73029e5852f1 Mon Sep 17 00:00:00 2001 
From: Kit Ewbank Date: Tue, 30 Jan 2024 17:15:27 -0500 Subject: [PATCH 03/14] Run 'go get github.com/aws/aws-sdk-go-v2/service/cloudtrail@v1.36.0 && go mod tidy'. --- go.mod | 1 + go.sum | 2 ++ 2 files changed, 3 insertions(+) diff --git a/go.mod b/go.mod index 8682d51df66e..5b01908247a8 100644 --- a/go.mod +++ b/go.mod @@ -26,6 +26,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/chimesdkvoice v1.12.6 github.com/aws/aws-sdk-go-v2/service/cleanrooms v1.8.6 github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.15.7 + github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.36.0 github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.31.0 github.com/aws/aws-sdk-go-v2/service/codeartifact v1.23.6 github.com/aws/aws-sdk-go-v2/service/codebuild v1.28.0 diff --git a/go.sum b/go.sum index 0871043f946e..ed1d194d5de4 100644 --- a/go.sum +++ b/go.sum @@ -72,6 +72,8 @@ github.com/aws/aws-sdk-go-v2/service/cleanrooms v1.8.6 h1:ype6mmLnDjOX8d4pkbj7SX github.com/aws/aws-sdk-go-v2/service/cleanrooms v1.8.6/go.mod h1:ibuCTolZ5/w65nBDKpsXhzZUeQluX/m0hnXAiwFPvP8= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.15.7 h1:8sBfx7QkDZ6dgfUNXWHWRc6Eax7WOI3Slgj6OKDHKTI= github.com/aws/aws-sdk-go-v2/service/cloudcontrol v1.15.7/go.mod h1:P1EMD13hrBE2KUw030w482Eyk2NmOFIvGqmgNi4XRDc= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.36.0 h1:tRzTDe5E/dgGwJRR1cltjV9NPG9J5L7HK01+p2B4gCM= +github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.36.0/go.mod h1:ZyywmYcQbdJcIh8YMwqkw18mkA6nuQ+Uj1ouT2rXTYQ= github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.31.0 h1:Rk+Ft0Mu/eiNt2iJ2oS8Gf1h5m6q5crwS8cmlTylnvM= github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.31.0/go.mod h1:jZNaJEtn9TLi3pfxycLz79HVkKxP8ZdYm92iaNFgBsA= github.com/aws/aws-sdk-go-v2/service/codeartifact v1.23.6 h1:QuI+Nh9lQ9EgCMhLzIDEp95cLnNd1vFHyODD0he0oQs= From 2cb193eb31e73179d0ca678390e97b9ece4a8c99 Mon Sep 17 00:00:00 2001 
From: Kit Ewbank Date: Tue, 30 Jan 2024 17:22:04 -0500 Subject: [PATCH 04/14] cloudtrail: Fix tagging code generation. --- internal/service/cloudtrail/generate.go | 2 +- internal/service/cloudtrail/tags_gen.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/internal/service/cloudtrail/generate.go b/internal/service/cloudtrail/generate.go index d10d3a7a211c..1a855a86b3c1 100644 --- a/internal/service/cloudtrail/generate.go +++ b/internal/service/cloudtrail/generate.go @@ -1,7 +1,7 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -//go:generate go run ../../generate/tags/main.go -AWSSDKVersion=2 -ListTags -ListTagsOp=ListTags -ListTagsInIDElem=ResourceIdList -ListTagsInIDNeedSlice=yes -ListTagsOutTagsElem=ResourceTagList[0].TagsList -ServiceTagsSlice -TagOp=AddTags -TagInIDElem=ResourceId -TagInTagsElem=TagsList -UntagOp=RemoveTags -UntagInNeedTagType -UntagInTagsElem=TagsList -UpdateTags +//go:generate go run ../../generate/tags/main.go -AWSSDKVersion=2 -ListTags -ListTagsOp=ListTags -ListTagsInIDElem=ResourceIdList --ListTagsInIDNeedValueSlice=yes -ListTagsOutTagsElem=ResourceTagList[0].TagsList -ServiceTagsSlice -TagOp=AddTags -TagInIDElem=ResourceId -TagInTagsElem=TagsList -UntagOp=RemoveTags -UntagInNeedTagType -UntagInTagsElem=TagsList -UpdateTags //go:generate go run ../../generate/servicepackage/main.go // ONLY generate directives and package declaration! Do not add anything else to this file. diff --git a/internal/service/cloudtrail/tags_gen.go b/internal/service/cloudtrail/tags_gen.go index 430302c403b0..8ade4d5e2b7e 100644 --- a/internal/service/cloudtrail/tags_gen.go +++ b/internal/service/cloudtrail/tags_gen.go 
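Review bot: The rewritten `//go:generate` directive in generate.go passes `--ListTagsInIDNeedValueSlice=yes` with two leading hyphens, while every other flag on the same line uses one. Go's `flag` package accepts both forms, so generation is unaffected, but the odd one out reads like a typo and is likely to be copied into other services' directives. Write it as `-ListTagsInIDNeedValueSlice=yes` to match the rest of the line.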
@@ -21,7 +21,7 @@ import ( // it may also be a different identifier depending on the service. func listTags(ctx context.Context, conn *cloudtrail.Client, identifier string, optFns ...func(*cloudtrail.Options)) (tftags.KeyValueTags, error) { input := &cloudtrail.ListTagsInput{ - ResourceIdList: aws.StringSlice([]string{identifier}), + ResourceIdList: []string{identifier}, } output, err := conn.ListTags(ctx, input, optFns...) From a2eb3f95b2fc3a720d5d1243c274dba9cb55678f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 09:24:28 -0500 Subject: [PATCH 05/14] d/aws_cloudtrail_service_account: Migrate to AWS SDK for Go v2. --- internal/service/cloudtrail/exports_test.go | 2 ++ .../cloudtrail/service_account_data_source.go | 23 ++++++++++--------- .../service/cloudtrail/service_package_gen.go | 3 ++- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/internal/service/cloudtrail/exports_test.go b/internal/service/cloudtrail/exports_test.go index 48590334d86e..b3bcf034ba2e 100644 --- a/internal/service/cloudtrail/exports_test.go +++ b/internal/service/cloudtrail/exports_test.go @@ -6,4 +6,6 @@ package cloudtrail // Exports for use in tests only. var ( FindTrailByARN = findTrailByARN + + ServiceAccountPerRegionMap = serviceAccountPerRegionMap ) diff --git a/internal/service/cloudtrail/service_account_data_source.go b/internal/service/cloudtrail/service_account_data_source.go index 698e76c2f672..84d4950cf398 100644 --- a/internal/service/cloudtrail/service_account_data_source.go +++ b/internal/service/cloudtrail/service_account_data_source.go 
@@ -18,7 +18,7 @@ import ( // See https://docs.aws.amazon.com/govcloud-us/latest/ug-east/verifying-cloudtrail.html // See https://docs.aws.amazon.com/govcloud-us/latest/ug-west/verifying-cloudtrail.html -var ServiceAccountPerRegionMap = map[string]string{ +var serviceAccountPerRegionMap = map[string]string{ endpoints.AfSouth1RegionID: "525921808201", endpoints.ApEast1RegionID: "119688915426", endpoints.ApNortheast1RegionID: "216624486486", @@ -53,37 +53,38 @@ var ServiceAccountPerRegionMap = map[string]string{ endpoints.UsWest2RegionID: "113285607260", } -// @SDKDataSource("aws_cloudtrail_service_account") -func DataSourceServiceAccount() *schema.Resource { +// @SDKDataSource("aws_cloudtrail_service_account", name="Service Account") +func dataSourceServiceAccount() *schema.Resource { return &schema.Resource{ ReadWithoutTimeout: dataSourceServiceAccountRead, Schema: map[string]*schema.Schema{ - "region": { - Type: schema.TypeString, - Optional: true, - }, "arn": { Type: schema.TypeString, Computed: true, }, + "region": { + Type: schema.TypeString, + Optional: true, + }, }, } } func dataSourceServiceAccountRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics + region := meta.(*conns.AWSClient).Region if v, ok := d.GetOk("region"); ok { region = v.(string) } - if accid, ok := ServiceAccountPerRegionMap[region]; ok { - d.SetId(accid) + if v, ok := serviceAccountPerRegionMap[region]; ok { + d.SetId(v) arn := arn.ARN{ Partition: meta.(*conns.AWSClient).Partition, Service: "iam", - AccountID: accid, + AccountID: v, Resource: "root", }.String() d.Set("arn", arn) @@ -91,5 +92,5 @@ func dataSourceServiceAccountRead(ctx context.Context, d *schema.ResourceData, m return diags } - return sdkdiag.AppendErrorf(diags, "Unknown region (%q)", region) + return sdkdiag.AppendErrorf(diags, "unsupported CloudTrail Service Account Region (%s)", region) } 
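Review bot: In `dataSourceServiceAccountRead` (hunk `@@ -53,37 +53,38 @@`) the account ID looked up from `serviceAccountPerRegionMap` is now bound to `v`, the same name the `region` override a few lines earlier uses for the raw configuration value. The result is then stored in a local `arn` that shadows the `arn` package it was just built from. This value becomes both the data source ID and the `AccountID` of the IAM root ARN that is returned, so a descriptive name is worth keeping: `if accountID, ok := serviceAccountPerRegionMap[region]; ok {`, followed by `d.SetId(accountID)` and `AccountID: accountID,`. Renaming the local to something like `serviceAccountARN` would remove the package shadowing as well.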
diff --git a/internal/service/cloudtrail/service_package_gen.go b/internal/service/cloudtrail/service_package_gen.go index e73643670e74..bc2628bbfc17 100644 --- a/internal/service/cloudtrail/service_package_gen.go +++ b/internal/service/cloudtrail/service_package_gen.go @@ -25,8 +25,9 @@ func (p *servicePackage) FrameworkResources(ctx context.Context) []*types.Servic func (p *servicePackage) SDKDataSources(ctx context.Context) []*types.ServicePackageSDKDataSource { return []*types.ServicePackageSDKDataSource{ { - Factory: DataSourceServiceAccount, + Factory: dataSourceServiceAccount, TypeName: "aws_cloudtrail_service_account", + Name: "Service Account", }, } } From e10957859bd0116fdc598a449d399ee3d2846c5f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 09:27:46 -0500 Subject: [PATCH 06/14] Run 'go generate ./internal/generate/serviceendpointtests'. --- .../cloudtrail/service_endpoints_gen_test.go | 40 ++++++++++++------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/internal/service/cloudtrail/service_endpoints_gen_test.go b/internal/service/cloudtrail/service_endpoints_gen_test.go index 7bb60888cf90..9f87ef4d624d 100644 --- a/internal/service/cloudtrail/service_endpoints_gen_test.go +++ b/internal/service/cloudtrail/service_endpoints_gen_test.go @@ -4,16 +4,16 @@ package cloudtrail_test import ( "context" + "errors" "fmt" - "net/url" "os" "path/filepath" "reflect" "strings" "testing" - "github.com/aws/aws-sdk-go/aws/endpoints" - cloudtrail_sdkv1 "github.com/aws/aws-sdk-go/service/cloudtrail" + aws_sdkv2 "github.com/aws/aws-sdk-go-v2/aws" + cloudtrail_sdkv2 "github.com/aws/aws-sdk-go-v2/service/cloudtrail" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" "github.com/google/go-cmp/cmp" 
@@ -212,32 +212,42 @@ func TestEndpointConfiguration(t *testing.T) { //nolint:paralleltest // uses t.S } func defaultEndpoint(region string) string { - r := endpoints.DefaultResolver() + r := cloudtrail_sdkv2.NewDefaultEndpointResolverV2() - ep, err := r.EndpointFor(cloudtrail_sdkv1.EndpointsID, region) + ep, err := r.ResolveEndpoint(context.Background(), cloudtrail_sdkv2.EndpointParameters{ + Region: aws_sdkv2.String(region), + }) if err != nil { return err.Error() } - url, _ := url.Parse(ep.URL) - - if url.Path == "" { - url.Path = "/" + if ep.URI.Path == "" { + ep.URI.Path = "/" } - return url.String() + return ep.URI.String() } func callService(ctx context.Context, t *testing.T, meta *conns.AWSClient) string { t.Helper() - client := meta.CloudTrailConn(ctx) - - req, _ := client.ListChannelsRequest(&cloudtrail_sdkv1.ListChannelsInput{}) + var endpoint string - req.HTTPRequest.URL.Path = "/" + client := meta.CloudTrailClient(ctx) - endpoint := req.HTTPRequest.URL.String() + _, err := client.ListChannels(ctx, &cloudtrail_sdkv2.ListChannelsInput{}, + func(opts *cloudtrail_sdkv2.Options) { + opts.APIOptions = append(opts.APIOptions, + addRetrieveEndpointURLMiddleware(t, &endpoint), + addCancelRequestMiddleware(), + ) + }, + ) + if err == nil { + t.Fatal("Expected an error, got none") + } else if !errors.Is(err, errCancelOperation) { + t.Fatalf("Unexpected error: %s", err) + } return endpoint } From 522a282c3403020c4b2a8b0d37fa63d4acd0cea5 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 17:15:55 -0500 Subject: [PATCH 07/14] r/aws_cloudtrail: Migrate to AWS SDK for Go v2. --- internal/service/cloudtrail/cloudtrail.go | 227 +++++++++--------- .../service/cloudtrail/cloudtrail_test.go | 4 +- internal/service/cloudtrail/exports_test.go | 5 +- .../service/cloudtrail/service_package_gen.go | 4 +- 4 files changed, 123 insertions(+), 117 deletions(-) 
diff --git a/internal/service/cloudtrail/cloudtrail.go b/internal/service/cloudtrail/cloudtrail.go index e025d76be48d..5106a5a533fc 100644 --- a/internal/service/cloudtrail/cloudtrail.go +++ b/internal/service/cloudtrail/cloudtrail.go @@ -8,16 +8,19 @@ import ( "fmt" "log" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/arn" - "github.com/aws/aws-sdk-go/service/cloudtrail" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/aws/arn" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/enum" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" "github.com/hashicorp/terraform-provider-aws/internal/flex" + tfslices "github.com/hashicorp/terraform-provider-aws/internal/slices" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" "github.com/hashicorp/terraform-provider-aws/internal/verify" 
@@ -26,12 +29,12 @@ import ( // @SDKResource("aws_cloudtrail", name="Trail") // @Tags(identifierAttribute="arn") -func ResourceCloudTrail() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrail() *schema.Resource { return &schema.Resource{ - CreateWithoutTimeout: resourceCloudTrailCreate, - ReadWithoutTimeout: resourceCloudTrailRead, - UpdateWithoutTimeout: resourceCloudTrailUpdate, - DeleteWithoutTimeout: resourceCloudTrailDelete, + CreateWithoutTimeout: resourceTrailCreate, + ReadWithoutTimeout: resourceTrailRead, + UpdateWithoutTimeout: resourceTrailUpdate, + DeleteWithoutTimeout: resourceTrailDelete, Importer: &schema.ResourceImporter{ StateContext: schema.ImportStatePassthroughContext, @@ -40,8 +43,8 @@ func ResourceCloudTrail() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func- SchemaVersion: 1, StateUpgraders: []schema.StateUpgrader{ { - Type: resourceCloudTrailV0().CoreConfigSchema().ImpliedType(), - Upgrade: cloudTrailUpgradeV0, + Type: resourceTrailV0().CoreConfigSchema().ImpliedType(), + Upgrade: trailUpgradeV0, Version: 0, }, }, @@ -190,10 +193,10 @@ func ResourceCloudTrail() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func- Default: true, }, "read_write_type": { - Type: schema.TypeString, - Optional: true, - Default: cloudtrail.ReadWriteTypeAll, - ValidateFunc: validation.StringInSlice(cloudtrail.ReadWriteType_Values(), false), + Type: schema.TypeString, + Optional: true, + Default: types.ReadWriteTypeAll, + ValidateDiagFunc: enum.Validate[types.ReadWriteType](), }, }, }, @@ -213,9 +216,9 @@ func ResourceCloudTrail() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func- Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "insight_type": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validation.StringInSlice(cloudtrail.InsightType_Values(), false), + Type: schema.TypeString, + Required: true, + ValidateDiagFunc: enum.Validate[types.InsightType](), }, }, }, 
@@ -262,9 +265,9 @@ func ResourceCloudTrail() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func- } } -func resourceCloudTrailCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrailCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) name := d.Get("name").(string) input := &cloudtrail.CreateTrailInput{ @@ -308,14 +311,14 @@ func resourceCloudTrailCreate(ctx context.Context, d *schema.ResourceData, meta outputRaw, err := tfresource.RetryWhen(ctx, propagationTimeout, func() (interface{}, error) { - return conn.CreateTrailWithContext(ctx, input) + return conn.CreateTrail(ctx, input) }, func(err error) (bool, error) { - if tfawserr.ErrMessageContains(err, cloudtrail.ErrCodeInvalidCloudWatchLogsRoleArnException, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") { return true, err } - if tfawserr.ErrMessageContains(err, cloudtrail.ErrCodeInvalidCloudWatchLogsLogGroupArnException, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { return true, err } @@ -327,7 +330,7 @@ func resourceCloudTrailCreate(ctx context.Context, d *schema.ResourceData, meta return sdkdiag.AppendErrorf(diags, "creating CloudTrail Trail (%s): %s", name, err) } - d.SetId(aws.StringValue(outputRaw.(*cloudtrail.CreateTrailOutput).TrailARN)) + d.SetId(aws.ToString(outputRaw.(*cloudtrail.CreateTrailOutput).TrailARN)) // AWS CloudTrail sets newly-created trails to false. if d.Get("enable_logging").(bool) { 
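Review bot: The retry predicate passed to `tfresource.RetryWhen` in `resourceTrailCreate` (hunk `@@ -308,14 +311,14 @@`) treats `InvalidCloudWatchLogsRoleArnException` and `InvalidCloudWatchLogsLogGroupArnException` as retryable only when the message contains "Access denied.", and nothing nearby says why an access-denied answer counts as transient. Presumably this covers a role or log group policy created in the same apply that CloudTrail cannot see yet. A comment such as `// A just-created IAM role or log group policy may not be visible to CloudTrail yet; retry until propagationTimeout.` would record that and show the narrow message match is deliberate. The same predicate appears in the `resourceTrailUpdate` hunk (`@@ -487,14 +490,14 @@`). Both functions start and end outside their hunks.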
@@ -354,12 +357,12 @@ func resourceCloudTrailCreate(ctx context.Context, d *schema.ResourceData, meta } } - return append(diags, resourceCloudTrailRead(ctx, d, meta)...) + return append(diags, resourceTrailRead(ctx, d, meta)...) } -func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrailRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) outputRaw, err := tfresource.RetryWhenNewResourceNotFound(ctx, propagationTimeout, func() (interface{}, error) { return findTrailByARN(ctx, conn, d.Id()) @@ -375,8 +378,8 @@ func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta in return sdkdiag.AppendErrorf(diags, "reading CloudTrail Trail (%s): %s", d.Id(), err) } - trail := outputRaw.(*cloudtrail.Trail) - arn := aws.StringValue(trail.TrailARN) + trail := outputRaw.(*types.Trail) + arn := aws.ToString(trail.TrailARN) d.Set("arn", arn) d.Set("cloud_watch_logs_group_arn", trail.CloudWatchLogsLogGroupArn) d.Set("cloud_watch_logs_role_arn", trail.CloudWatchLogsRoleArn) @@ -391,7 +394,7 @@ func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta in d.Set("s3_key_prefix", trail.S3KeyPrefix) d.Set("sns_topic_name", trail.SnsTopicName) - if output, err := conn.GetTrailStatusWithContext(ctx, &cloudtrail.GetTrailStatusInput{ + if output, err := conn.GetTrailStatus(ctx, &cloudtrail.GetTrailStatusInput{ Name: aws.String(d.Id()), }); err != nil { return sdkdiag.AppendErrorf(diags, "reading CloudTrail Trail (%s) status: %s", d.Id(), err) 
@@ -399,12 +402,12 @@ func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta in d.Set("enable_logging", output.IsLogging) } - if aws.BoolValue(trail.HasCustomEventSelectors) { + if aws.ToBool(trail.HasCustomEventSelectors) { input := &cloudtrail.GetEventSelectorsInput{ TrailName: aws.String(d.Id()), } - output, err := conn.GetEventSelectorsWithContext(ctx, input) + output, err := conn.GetEventSelectors(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "reading CloudTrail Trail (%s) event selectors: %s", d.Id(), err) @@ -419,15 +422,15 @@ func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta in } } - if aws.BoolValue(trail.HasInsightSelectors) { + if aws.ToBool(trail.HasInsightSelectors) { input := &cloudtrail.GetInsightSelectorsInput{ TrailName: aws.String(d.Id()), } - output, err := conn.GetInsightSelectorsWithContext(ctx, input) + output, err := conn.GetInsightSelectors(ctx, input) if err != nil { - if !tfawserr.ErrCodeEquals(err, cloudtrail.ErrCodeInsightNotEnabledException) { + if !errs.IsA[*types.InsightNotEnabledException](err) { return sdkdiag.AppendErrorf(diags, "reading CloudTrail Trail (%s) insight selectors: %s", d.Id(), err) } } else if err := d.Set("insight_selector", flattenInsightSelector(output.InsightSelectors)); err != nil { 
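Review bot: In `resourceTrailRead` (hunk `@@ -419,15 +422,15 @@`), when `GetInsightSelectors` fails with `InsightNotEnabledException` the `err != nil` branch falls through without writing `insight_selector`, so state keeps whatever value it held before. As far as the hunk shows, the attribute is also left alone when `HasInsightSelectors` is false, so a trail whose Insights selectors were removed outside Terraform may show no drift on the next plan. Clearing the attribute on those paths with `d.Set("insight_selector", nil)` would surface the change. The function starts and ends outside the hunk, so a reset elsewhere in the body cannot be ruled out from here.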
@@ -438,9 +441,9 @@ func resourceCloudTrailRead(ctx context.Context, d *schema.ResourceData, meta in return diags } -func resourceCloudTrailUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrailUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) if d.HasChangesExcept("tags", "tags_all", "insight_selector", "advanced_event_selector", "event_selector", "enable_logging") { input := &cloudtrail.UpdateTrailInput{ @@ -487,14 +490,14 @@ func resourceCloudTrailUpdate(ctx context.Context, d *schema.ResourceData, meta _, err := tfresource.RetryWhen(ctx, propagationTimeout, func() (interface{}, error) { - return conn.UpdateTrailWithContext(ctx, input) + return conn.UpdateTrail(ctx, input) }, func(err error) (bool, error) { - if tfawserr.ErrMessageContains(err, cloudtrail.ErrCodeInvalidCloudWatchLogsRoleArnException, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") { return true, err } - if tfawserr.ErrMessageContains(err, cloudtrail.ErrCodeInvalidCloudWatchLogsLogGroupArnException, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { return true, err } 
@@ -531,19 +534,19 @@ func resourceCloudTrailUpdate(ctx context.Context, d *schema.ResourceData, meta } } - return append(diags, resourceCloudTrailRead(ctx, d, meta)...) + return append(diags, resourceTrailRead(ctx, d, meta)...) } -func resourceCloudTrailDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrailDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) log.Printf("[DEBUG] Deleting CloudTrail Trail: %s", d.Id()) - _, err := conn.DeleteTrailWithContext(ctx, &cloudtrail.DeleteTrailInput{ + _, err := conn.DeleteTrail(ctx, &cloudtrail.DeleteTrailInput{ Name: aws.String(d.Id()), }) - if tfawserr.ErrCodeEquals(err, cloudtrail.ErrCodeTrailNotFoundException) { + if errs.IsA[*types.TrailNotFoundException](err) { return diags } 
@@ -554,26 +557,26 @@ func resourceCloudTrailDelete(ctx context.Context, d *schema.ResourceData, meta return diags } -func findTrailByARN(ctx context.Context, conn *cloudtrail.CloudTrail, arn string) (*cloudtrail.Trail, error) { +func findTrailByARN(ctx context.Context, conn *cloudtrail.Client, arn string) (*types.Trail, error) { input := &cloudtrail.DescribeTrailsInput{ - TrailNameList: aws.StringSlice([]string{arn}), + TrailNameList: tfslices.Of(arn), } return findTrail(ctx, conn, input) } -func findTrail(ctx context.Context, conn *cloudtrail.CloudTrail, input *cloudtrail.DescribeTrailsInput) (*cloudtrail.Trail, error) { +func findTrail(ctx context.Context, conn *cloudtrail.Client, input *cloudtrail.DescribeTrailsInput) (*types.Trail, error) { output, err := findTrails(ctx, conn, input) if err != nil { return nil, err } - return tfresource.AssertSinglePtrResult(output) + return tfresource.AssertSingleValueResult(output) } -func findTrails(ctx context.Context, conn *cloudtrail.CloudTrail, input *cloudtrail.DescribeTrailsInput) ([]*cloudtrail.Trail, error) { - output, err := conn.DescribeTrailsWithContext(ctx, input) +func findTrails(ctx context.Context, conn *cloudtrail.Client, input *cloudtrail.DescribeTrailsInput) ([]types.Trail, error) { + output, err := conn.DescribeTrails(ctx, input) if err != nil { return nil, err @@ -586,13 +589,13 @@ func findTrails(ctx context.Context, conn *cloudtrail.CloudTrail, input *cloudtr return output.TrailList, nil } -func setLogging(ctx context.Context, conn *cloudtrail.CloudTrail, name string, enabled bool) error { +func setLogging(ctx context.Context, conn *cloudtrail.Client, name string, enabled bool) error { if enabled { input := &cloudtrail.StartLoggingInput{ Name: aws.String(name), } - if _, err := conn.StartLoggingWithContext(ctx, input); err != nil { + if _, err := conn.StartLogging(ctx, input); err != nil { return fmt.Errorf("starting CloudTrail Trail (%s) logging: %w", name, err) } } else { 
@@ -600,7 +603,7 @@ func setLogging(ctx context.Context, conn *cloudtrail.CloudTrail, name string, e Name: aws.String(name), } - if _, err := conn.StopLoggingWithContext(ctx, input); err != nil { + if _, err := conn.StopLogging(ctx, input); err != nil { return fmt.Errorf("stopping CloudTrail Trail (%s) logging: %w", name, err) } } @@ -608,7 +611,7 @@ func setLogging(ctx context.Context, conn *cloudtrail.CloudTrail, name string, e return nil } -func setEventSelectors(ctx context.Context, conn *cloudtrail.CloudTrail, d *schema.ResourceData) error { +func setEventSelectors(ctx context.Context, conn *cloudtrail.Client, d *schema.ResourceData) error { input := &cloudtrail.PutEventSelectorsInput{ TrailName: aws.String(d.Id()), } 
@@ -616,37 +619,37 @@ func setEventSelectors(ctx context.Context, conn *cloudtrail.CloudTrail, d *sche eventSelectors := expandEventSelector(d.Get("event_selector").([]interface{})) // If no defined selectors revert to the single default selector. if len(eventSelectors) == 0 { - eventSelector := &cloudtrail.EventSelector{ + eventSelector := types.EventSelector{ IncludeManagementEvents: aws.Bool(true), - ReadWriteType: aws.String(cloudtrail.ReadWriteTypeAll), - DataResources: make([]*cloudtrail.DataResource, 0), + ReadWriteType: types.ReadWriteTypeAll, + DataResources: make([]types.DataResource, 0), } eventSelectors = append(eventSelectors, eventSelector) } input.EventSelectors = eventSelectors - if _, err := conn.PutEventSelectorsWithContext(ctx, input); err != nil { + if _, err := conn.PutEventSelectors(ctx, input); err != nil { return fmt.Errorf("setting CloudTrail Trail (%s) event selectors: %s", d.Id(), err) } return nil } -func expandEventSelector(configured []interface{}) []*cloudtrail.EventSelector { - eventSelectors := make([]*cloudtrail.EventSelector, 0, len(configured)) +func expandEventSelector(configured []interface{}) []types.EventSelector { + eventSelectors := make([]types.EventSelector, 0, len(configured)) for _, raw := range configured { data := raw.(map[string]interface{}) dataResources := expandEventSelectorDataResource(data["data_resource"].([]interface{})) - es := &cloudtrail.EventSelector{ + es := types.EventSelector{ IncludeManagementEvents: aws.Bool(data["include_management_events"].(bool)), - ReadWriteType: aws.String(data["read_write_type"].(string)), + ReadWriteType: types.ReadWriteType(data["read_write_type"].(string)), DataResources: dataResources, } if v, ok := data["exclude_management_event_sources"].(*schema.Set); ok && v.Len() > 0 { - es.ExcludeManagementEventSources = flex.ExpandStringSet(v) + es.ExcludeManagementEventSources = flex.ExpandStringValueSet(v) } eventSelectors = append(eventSelectors, es) 
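Review bot: `setEventSelectors` formats the `PutEventSelectors` failure with `%s`, while `setLogging`, `setAdvancedEventSelectors` and `setInsightSelectors` in the same file wrap with `%w`, so the typed SDK error is lost on this one path. The commit moves error classification to `errs.IsA[...]`, which presumably depends on unwrapping, so the line should read `return fmt.Errorf("setting CloudTrail Trail (%s) event selectors: %w", d.Id(), err)`. The function's signature is in the preceding hunk.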
@@ -655,15 +658,15 @@ func expandEventSelector(configured []interface{}) []*cloudtrail.EventSelector { return eventSelectors } -func expandEventSelectorDataResource(configured []interface{}) []*cloudtrail.DataResource { - dataResources := make([]*cloudtrail.DataResource, 0, len(configured)) +func expandEventSelectorDataResource(configured []interface{}) []types.DataResource { + dataResources := make([]types.DataResource, 0, len(configured)) for _, raw := range configured { data := raw.(map[string]interface{}) - dataResource := &cloudtrail.DataResource{ + dataResource := types.DataResource{ Type: aws.String(data["type"].(string)), - Values: flex.ExpandStringList(data["values"].([]interface{})), + Values: flex.ExpandStringValueList(data["values"].([]interface{})), } dataResources = append(dataResources, dataResource) 
@@ -672,19 +675,19 @@ func expandEventSelectorDataResource(configured []interface{}) []*cloudtrail.Dat return dataResources } -func flattenEventSelector(configured []*cloudtrail.EventSelector) []map[string]interface{} { +func flattenEventSelector(configured []types.EventSelector) []map[string]interface{} { eventSelectors := make([]map[string]interface{}, 0, len(configured)) // Prevent default configurations shows differences - if len(configured) == 1 && len(configured[0].DataResources) == 0 && aws.StringValue(configured[0].ReadWriteType) == cloudtrail.ReadWriteTypeAll && len(configured[0].ExcludeManagementEventSources) == 0 { + if len(configured) == 1 && len(configured[0].DataResources) == 0 && configured[0].ReadWriteType == types.ReadWriteTypeAll && len(configured[0].ExcludeManagementEventSources) == 0 { return eventSelectors } for _, raw := range configured { item := make(map[string]interface{}) - item["read_write_type"] = aws.StringValue(raw.ReadWriteType) - item["exclude_management_event_sources"] = flex.FlattenStringSet(raw.ExcludeManagementEventSources) - item["include_management_events"] = aws.BoolValue(raw.IncludeManagementEvents) + item["read_write_type"] = raw.ReadWriteType + item["exclude_management_event_sources"] = raw.ExcludeManagementEventSources + item["include_management_events"] = aws.ToBool(raw.IncludeManagementEvents) item["data_resource"] = flattenEventSelectorDataResource(raw.DataResources) eventSelectors = append(eventSelectors, item) 
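Review bot: The default-suppression test at the top of `flattenEventSelector` does not look at `IncludeManagementEvents`, although the default selector built in `setEventSelectors` sets it to true. A single selector with `ReadWriteType` All, no data resources and management events switched off would therefore be flattened to an empty list and read as the default, hiding the fact that management events are not being logged. Adding `&& aws.ToBool(configured[0].IncludeManagementEvents)` to the condition closes that gap, assuming CloudTrail accepts such a selector at all. The function's closing lines are outside this hunk.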
@@ -693,13 +696,13 @@ func flattenEventSelector(configured []*cloudtrail.EventSelector) []map[string]i return eventSelectors } -func flattenEventSelectorDataResource(configured []*cloudtrail.DataResource) []map[string]interface{} { +func flattenEventSelectorDataResource(configured []types.DataResource) []map[string]interface{} { dataResources := make([]map[string]interface{}, 0, len(configured)) for _, raw := range configured { item := make(map[string]interface{}) - item["type"] = aws.StringValue(raw.Type) - item["values"] = flex.FlattenStringList(raw.Values) + item["type"] = aws.ToString(raw.Type) + item["values"] = raw.Values dataResources = append(dataResources, item) } 
@@ -707,27 +710,27 @@ func flattenEventSelectorDataResource(configured []*cloudtrail.DataResource) []m return dataResources } -func setAdvancedEventSelectors(ctx context.Context, conn *cloudtrail.CloudTrail, d *schema.ResourceData) error { +func setAdvancedEventSelectors(ctx context.Context, conn *cloudtrail.Client, d *schema.ResourceData) error { input := &cloudtrail.PutEventSelectorsInput{ AdvancedEventSelectors: expandAdvancedEventSelector(d.Get("advanced_event_selector").([]interface{})), TrailName: aws.String(d.Id()), } - if _, err := conn.PutEventSelectorsWithContext(ctx, input); err != nil { - return fmt.Errorf("setting CloudTrail Trail (%s) advanced selectors: %w", d.Id(), err) + if _, err := conn.PutEventSelectors(ctx, input); err != nil { + return fmt.Errorf("setting CloudTrail Trail (%s) advanced event selectors: %w", d.Id(), err) } return nil } -func expandAdvancedEventSelector(configured []interface{}) []*cloudtrail.AdvancedEventSelector { - advancedEventSelectors := make([]*cloudtrail.AdvancedEventSelector, 0, len(configured)) +func expandAdvancedEventSelector(configured []interface{}) []types.AdvancedEventSelector { + advancedEventSelectors := make([]types.AdvancedEventSelector, 0, len(configured)) for _, raw := range configured { data := raw.(map[string]interface{}) fieldSelectors := expandAdvancedEventSelectorFieldSelector(data["field_selector"].(*schema.Set)) - aes := &cloudtrail.AdvancedEventSelector{ + aes := types.AdvancedEventSelector{ Name: aws.String(data["name"].(string)), FieldSelectors: fieldSelectors, } 
@@ -738,37 +741,37 @@ func expandAdvancedEventSelector(configured []interface{}) []*cloudtrail.Advance return advancedEventSelectors } -func expandAdvancedEventSelectorFieldSelector(configured *schema.Set) []*cloudtrail.AdvancedFieldSelector { - fieldSelectors := make([]*cloudtrail.AdvancedFieldSelector, 0, configured.Len()) +func expandAdvancedEventSelectorFieldSelector(configured *schema.Set) []types.AdvancedFieldSelector { + fieldSelectors := make([]types.AdvancedFieldSelector, 0, configured.Len()) for _, raw := range configured.List() { data := raw.(map[string]interface{}) - fieldSelector := &cloudtrail.AdvancedFieldSelector{ + fieldSelector := types.AdvancedFieldSelector{ Field: aws.String(data["field"].(string)), } if v, ok := data["equals"].([]interface{}); ok && len(v) > 0 { - fieldSelector.Equals = flex.ExpandStringList(v) + fieldSelector.Equals = flex.ExpandStringValueList(v) } if v, ok := data["not_equals"].([]interface{}); ok && len(v) > 0 { - fieldSelector.NotEquals = flex.ExpandStringList(v) + fieldSelector.NotEquals = flex.ExpandStringValueList(v) } if v, ok := data["starts_with"].([]interface{}); ok && len(v) > 0 { - fieldSelector.StartsWith = flex.ExpandStringList(v) + fieldSelector.StartsWith = flex.ExpandStringValueList(v) } if v, ok := data["not_starts_with"].([]interface{}); ok && len(v) > 0 { - fieldSelector.NotStartsWith = flex.ExpandStringList(v) + fieldSelector.NotStartsWith = flex.ExpandStringValueList(v) } if v, ok := data["ends_with"].([]interface{}); ok && len(v) > 0 { - fieldSelector.EndsWith = flex.ExpandStringList(v) + fieldSelector.EndsWith = flex.ExpandStringValueList(v) } if v, ok := data["not_ends_with"].([]interface{}); ok && len(v) > 0 { - fieldSelector.NotEndsWith = flex.ExpandStringList(v) + fieldSelector.NotEndsWith = flex.ExpandStringValueList(v) } fieldSelectors = append(fieldSelectors, fieldSelector) 
@@ -777,12 +780,12 @@ func expandAdvancedEventSelectorFieldSelector(configured *schema.Set) []*cloudtr return fieldSelectors } -func flattenAdvancedEventSelector(configured []*cloudtrail.AdvancedEventSelector) []map[string]interface{} { +func flattenAdvancedEventSelector(configured []types.AdvancedEventSelector) []map[string]interface{} { advancedEventSelectors := make([]map[string]interface{}, 0, len(configured)) for _, raw := range configured { item := make(map[string]interface{}) - item["name"] = aws.StringValue(raw.Name) + item["name"] = aws.ToString(raw.Name) item["field_selector"] = flattenAdvancedEventSelectorFieldSelector(raw.FieldSelectors) advancedEventSelectors = append(advancedEventSelectors, item) 
@@ -791,29 +794,29 @@ func flattenAdvancedEventSelector(configured []*cloudtrail.AdvancedEventSelector return advancedEventSelectors } -func flattenAdvancedEventSelectorFieldSelector(configured []*cloudtrail.AdvancedFieldSelector) []map[string]interface{} { +func flattenAdvancedEventSelectorFieldSelector(configured []types.AdvancedFieldSelector) []map[string]interface{} { fieldSelectors := make([]map[string]interface{}, 0, len(configured)) for _, raw := range configured { item := make(map[string]interface{}) - item["field"] = aws.StringValue(raw.Field) + item["field"] = aws.ToString(raw.Field) if raw.Equals != nil { - item["equals"] = flex.FlattenStringList(raw.Equals) + item["equals"] = raw.Equals } if raw.NotEquals != nil { - item["not_equals"] = flex.FlattenStringList(raw.NotEquals) + item["not_equals"] = raw.NotEquals } if raw.StartsWith != nil { - item["starts_with"] = flex.FlattenStringList(raw.StartsWith) + item["starts_with"] = raw.StartsWith } if raw.NotStartsWith != nil { - item["not_starts_with"] = flex.FlattenStringList(raw.NotStartsWith) + item["not_starts_with"] = raw.NotStartsWith } if raw.EndsWith != nil { - item["ends_with"] = flex.FlattenStringList(raw.EndsWith) + item["ends_with"] = raw.EndsWith } if raw.NotEndsWith != nil { - item["not_ends_with"] = flex.FlattenStringList(raw.NotEndsWith) + item["not_ends_with"] = raw.NotEndsWith } fieldSelectors = append(fieldSelectors, item) 
@@ -822,27 +825,27 @@ func flattenAdvancedEventSelectorFieldSelector(configured []*cloudtrail.Advanced return fieldSelectors } -func setInsightSelectors(ctx context.Context, conn *cloudtrail.CloudTrail, d *schema.ResourceData) error { +func setInsightSelectors(ctx context.Context, conn *cloudtrail.Client, d *schema.ResourceData) error { input := &cloudtrail.PutInsightSelectorsInput{ InsightSelectors: expandInsightSelector(d.Get("insight_selector").([]interface{})), TrailName: aws.String(d.Id()), } - if _, err := conn.PutInsightSelectorsWithContext(ctx, input); err != nil { + if _, err := conn.PutInsightSelectors(ctx, input); err != nil { return fmt.Errorf("setting CloudTrail Trail (%s) insight selectors: %w", d.Id(), err) } return nil } -func expandInsightSelector(configured []interface{}) []*cloudtrail.InsightSelector { - insightSelectors := make([]*cloudtrail.InsightSelector, 0, len(configured)) +func expandInsightSelector(configured []interface{}) []types.InsightSelector { + insightSelectors := make([]types.InsightSelector, 0, len(configured)) for _, raw := range configured { data := raw.(map[string]interface{}) - is := &cloudtrail.InsightSelector{ - InsightType: aws.String(data["insight_type"].(string)), + is := types.InsightSelector{ + InsightType: types.InsightType(data["insight_type"].(string)), } insightSelectors = append(insightSelectors, is) } @@ -850,12 +853,12 @@ func expandInsightSelector(configured []interface{}) []*cloudtrail.InsightSelect return insightSelectors } -func flattenInsightSelector(configured []*cloudtrail.InsightSelector) []map[string]interface{} { +func flattenInsightSelector(configured []types.InsightSelector) []map[string]interface{} { insightSelectors := make([]map[string]interface{}, 0, len(configured)) for _, raw := range configured { item := make(map[string]interface{}) - item["insight_type"] = aws.StringValue(raw.InsightType) + item["insight_type"] = raw.InsightType insightSelectors = append(insightSelectors, item) } 
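Review bot: `flattenInsightSelector` now stores `raw.InsightType`, a `types.InsightType` value, directly in the `map[string]interface{}` that is handed to `d.Set`, and `flattenEventSelector` does the same with `raw.ReadWriteType`. Elsewhere in this series enum values are converted explicitly (`string(status)`, `string(output.Status)`), and a plain string keeps the flattened data independent of how the plugin SDK decodes named string types. I would write `item["insight_type"] = string(raw.InsightType)` here and `item["read_write_type"] = string(raw.ReadWriteType)` in the other function. The end of flattenInsightSelector is outside the hunk.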
@@ -864,7 +867,7 @@ func flattenInsightSelector(configured []*cloudtrail.InsightSelector) []map[stri } // aws_cloudtrail's Schema @v5.24.0 minus validators. -func resourceCloudTrailV0() *schema.Resource { // nosemgrep:ci.cloudtrail-in-func-name +func resourceTrailV0() *schema.Resource { return &schema.Resource{ Schema: map[string]*schema.Schema{ "advanced_event_selector": { @@ -1001,7 +1004,7 @@ func resourceCloudTrailV0() *schema.Resource { // nosemgrep:ci.cloudtrail-in-fun "read_write_type": { Type: schema.TypeString, Optional: true, - Default: cloudtrail.ReadWriteTypeAll, + Default: types.ReadWriteTypeAll, }, }, }, @@ -1064,7 +1067,7 @@ func resourceCloudTrailV0() *schema.Resource { // nosemgrep:ci.cloudtrail-in-fun } } -func cloudTrailUpgradeV0(_ context.Context, rawState map[string]interface{}, meta interface{}) (map[string]interface{}, error) { // nosemgrep:ci.cloudtrail-in-func-name +func trailUpgradeV0(_ context.Context, rawState map[string]interface{}, meta interface{}) (map[string]interface{}, error) { if rawState == nil { rawState = map[string]interface{}{} } diff --git a/internal/service/cloudtrail/cloudtrail_test.go b/internal/service/cloudtrail/cloudtrail_test.go index fe838775c86f..255149916fa7 100644 --- a/internal/service/cloudtrail/cloudtrail_test.go +++ b/internal/service/cloudtrail/cloudtrail_test.go @@ -749,8 +749,8 @@ func testAccTrail_disappears(t *testing.T) { Config: testAccCloudTrailConfig_basic(rName), Check: resource.ComposeTestCheckFunc( testAccCheckTrailExists(ctx, resourceName, &trail), - acctest.CheckResourceDisappears(ctx, acctest.Provider, tfcloudtrail.ResourceCloudTrail(), resourceName), - acctest.CheckResourceDisappears(ctx, acctest.Provider, tfcloudtrail.ResourceCloudTrail(), resourceName), + acctest.CheckResourceDisappears(ctx, acctest.Provider, tfcloudtrail.ResourceTrail(), resourceName), + acctest.CheckResourceDisappears(ctx, acctest.Provider, tfcloudtrail.ResourceTrail(), resourceName), ), ExpectNonEmptyPlan: true, }, 
diff --git a/internal/service/cloudtrail/exports_test.go b/internal/service/cloudtrail/exports_test.go index b3bcf034ba2e..e7e6112e2af5 100644 --- a/internal/service/cloudtrail/exports_test.go +++ b/internal/service/cloudtrail/exports_test.go @@ -5,7 +5,10 @@ package cloudtrail // Exports for use in tests only. var ( - FindTrailByARN = findTrailByARN + ResourceEventDataStore = resourceEventDataStore + ResourceTrail = resourceTrail + FindEventDataStoreByARN = findEventDataStoreByARN + FindTrailByARN = findTrailByARN ServiceAccountPerRegionMap = serviceAccountPerRegionMap ) diff --git a/internal/service/cloudtrail/service_package_gen.go b/internal/service/cloudtrail/service_package_gen.go index bc2628bbfc17..0ec9acee7bcf 100644 --- a/internal/service/cloudtrail/service_package_gen.go +++ b/internal/service/cloudtrail/service_package_gen.go @@ -35,7 +35,7 @@ func (p *servicePackage) SDKDataSources(ctx context.Context) []*types.ServicePac func (p *servicePackage) SDKResources(ctx context.Context) []*types.ServicePackageSDKResource { return []*types.ServicePackageSDKResource{ { - Factory: ResourceCloudTrail, + Factory: resourceTrail, TypeName: "aws_cloudtrail", Name: "Trail", Tags: &types.ServicePackageResourceTags{ @@ -43,7 +43,7 @@ func (p *servicePackage) SDKResources(ctx context.Context) []*types.ServicePacka }, }, { - Factory: ResourceEventDataStore, + Factory: resourceEventDataStore, TypeName: "aws_cloudtrail_event_data_store", Name: "Event Data Store", Tags: &types.ServicePackageResourceTags{ From 423db233c42fe6d15dad848eb29959d22036e038 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 17:16:20 -0500 Subject: [PATCH 08/14] r/aws_cloudtrail_event_data_store: Migrate to AWS SDK for Go v2. --- .../service/cloudtrail/event_data_store.go | 110 ++++++++++-------- 1 file changed, 60 insertions(+), 50 deletions(-) 
diff --git a/internal/service/cloudtrail/event_data_store.go b/internal/service/cloudtrail/event_data_store.go index b8942cecd78c..2d03e269247e 100644 --- a/internal/service/cloudtrail/event_data_store.go +++ b/internal/service/cloudtrail/event_data_store.go @@ -8,14 +8,16 @@ import ( "log" "time" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/cloudtrail" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail/types" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" + "github.com/hashicorp/terraform-provider-aws/internal/enum" + "github.com/hashicorp/terraform-provider-aws/internal/errs" "github.com/hashicorp/terraform-provider-aws/internal/errs/sdkdiag" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" @@ -25,7 +27,7 @@ import ( // @SDKResource("aws_cloudtrail_event_data_store", name="Event Data Store") // @Tags(identifierAttribute="id") -func ResourceEventDataStore() *schema.Resource { +func resourceEventDataStore() *schema.Resource { return &schema.Resource{ CreateWithoutTimeout: resourceEventDataStoreCreate, ReadWithoutTimeout: resourceEventDataStoreRead, 
@@ -182,17 +184,16 @@ func ResourceEventDataStore() *schema.Resource { func resourceEventDataStoreCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) name := d.Get("name").(string) input := &cloudtrail.CreateEventDataStoreInput{ + MultiRegionEnabled: aws.Bool(d.Get("multi_region_enabled").(bool)), Name: aws.String(name), OrganizationEnabled: aws.Bool(d.Get("organization_enabled").(bool)), - MultiRegionEnabled: aws.Bool(d.Get("multi_region_enabled").(bool)), - TerminationProtectionEnabled: aws.Bool(d.Get("termination_protection_enabled").(bool)), - RetentionPeriod: aws.Int64(int64(d.Get("retention_period").(int))), + RetentionPeriod: aws.Int32(int32(d.Get("retention_period").(int))), TagsList: getTagsIn(ctx), + TerminationProtectionEnabled: aws.Bool(d.Get("termination_protection_enabled").(bool)), } if _, ok := d.GetOk("advanced_event_selector"); ok { @@ -203,15 +204,15 @@ func resourceEventDataStoreCreate(ctx context.Context, d *schema.ResourceData, m input.KmsKeyId = aws.String(v.(string)) } - output, err := conn.CreateEventDataStoreWithContext(ctx, input) + output, err := conn.CreateEventDataStore(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "creating CloudTrail Event Data Store (%s): %s", name, err) } - d.SetId(aws.StringValue(output.EventDataStoreArn)) + d.SetId(aws.ToString(output.EventDataStoreArn)) - if err := waitEventDataStoreAvailable(ctx, conn, d.Id(), d.Timeout(schema.TimeoutCreate)); err != nil { + if _, err := waitEventDataStoreAvailable(ctx, conn, d.Id(), d.Timeout(schema.TimeoutCreate)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for CloudTrail Event Data Store (%s) create: %s", name, err) } 
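Review bot: `aws.Int32(int32(d.Get("retention_period").(int)))` narrows an `int` without a range check, and the same conversion appears in resourceEventDataStoreUpdate. If the schema already bounds `retention_period` with a validator (the schema is outside this hunk), a comment such as `// retention_period is range-validated in the schema, so the int32 conversion cannot wrap` would record that. Otherwise an out-of-range value would wrap silently and the API would receive a retention period different from the configured one, which matters for audit data.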
@@ -220,10 +221,9 @@ func resourceEventDataStoreCreate(ctx context.Context, d *schema.ResourceData, m func resourceEventDataStoreRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) - - eventDataStore, err := FindEventDataStoreByARN(ctx, conn, d.Id()) + output, err := findEventDataStoreByARN(ctx, conn, d.Id()) if !d.IsNewResource() && tfresource.NotFound(err) { log.Printf("[WARN] CloudTrail Event Data Store (%s) not found, removing from state", d.Id()) 
@@ -235,24 +235,23 @@ func resourceEventDataStoreRead(ctx context.Context, d *schema.ResourceData, met return sdkdiag.AppendErrorf(diags, "reading CloudTrail Event Data Store (%s): %s", d.Id(), err) } - if err := d.Set("advanced_event_selector", flattenAdvancedEventSelector(eventDataStore.AdvancedEventSelectors)); err != nil { + if err := d.Set("advanced_event_selector", flattenAdvancedEventSelector(output.AdvancedEventSelectors)); err != nil { return sdkdiag.AppendErrorf(diags, "setting advanced_event_selector: %s", err) } - d.Set("arn", eventDataStore.EventDataStoreArn) - d.Set("kms_key_id", eventDataStore.KmsKeyId) - d.Set("multi_region_enabled", eventDataStore.MultiRegionEnabled) - d.Set("name", eventDataStore.Name) - d.Set("organization_enabled", eventDataStore.OrganizationEnabled) - d.Set("retention_period", eventDataStore.RetentionPeriod) - d.Set("termination_protection_enabled", eventDataStore.TerminationProtectionEnabled) + d.Set("arn", output.EventDataStoreArn) + d.Set("kms_key_id", output.KmsKeyId) + d.Set("multi_region_enabled", output.MultiRegionEnabled) + d.Set("name", output.Name) + d.Set("organization_enabled", output.OrganizationEnabled) + d.Set("retention_period", output.RetentionPeriod) + d.Set("termination_protection_enabled", output.TerminationProtectionEnabled) return diags } func resourceEventDataStoreUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) if d.HasChangesExcept("tags", "tags_all") { input := &cloudtrail.UpdateEventDataStoreInput{ 
@@ -276,20 +275,20 @@ func resourceEventDataStoreUpdate(ctx context.Context, d *schema.ResourceData, m } if d.HasChange("retention_period") { - input.RetentionPeriod = aws.Int64(int64(d.Get("retention_period").(int))) + input.RetentionPeriod = aws.Int32(int32(d.Get("retention_period").(int))) } if d.HasChange("termination_protection_enabled") { input.TerminationProtectionEnabled = aws.Bool(d.Get("termination_protection_enabled").(bool)) } - _, err := conn.UpdateEventDataStoreWithContext(ctx, input) + _, err := conn.UpdateEventDataStore(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "updating CloudTrail Event Data Store (%s): %s", d.Id(), err) } - if err := waitEventDataStoreAvailable(ctx, conn, d.Id(), d.Timeout(schema.TimeoutUpdate)); err != nil { + if _, err := waitEventDataStoreAvailable(ctx, conn, d.Id(), d.Timeout(schema.TimeoutUpdate)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for CloudTrail Event Data Store (%s) update: %s", d.Id(), err) } } @@ -299,15 +298,14 @@ func resourceEventDataStoreUpdate(ctx context.Context, d *schema.ResourceData, m func resourceEventDataStoreDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { var diags diag.Diagnostics - - conn := meta.(*conns.AWSClient).CloudTrailConn(ctx) + conn := meta.(*conns.AWSClient).CloudTrailClient(ctx) log.Printf("[DEBUG] Deleting CloudTrail Event Data Store: %s", d.Id()) - _, err := conn.DeleteEventDataStoreWithContext(ctx, &cloudtrail.DeleteEventDataStoreInput{ + _, err := conn.DeleteEventDataStore(ctx, &cloudtrail.DeleteEventDataStoreInput{ EventDataStore: aws.String(d.Id()), }) - if tfawserr.ErrCodeEquals(err, cloudtrail.ErrCodeEventDataStoreNotFoundException) { + if errs.IsA[*types.EventDataStoreNotFoundException](err) { return diags } 
@@ -315,21 +313,21 @@ func resourceEventDataStoreDelete(ctx context.Context, d *schema.ResourceData, m return sdkdiag.AppendErrorf(diags, "deleting CloudTrail Event Data Store (%s): %s", d.Id(), err) } - if err := waitEventDataStoreDeleted(ctx, conn, d.Id(), d.Timeout(schema.TimeoutDelete)); err != nil { + if _, err := waitEventDataStoreDeleted(ctx, conn, d.Id(), d.Timeout(schema.TimeoutDelete)); err != nil { return sdkdiag.AppendErrorf(diags, "waiting for CloudTrail Event Data Store (%s) delete: %s", d.Id(), err) } return diags } -func FindEventDataStoreByARN(ctx context.Context, conn *cloudtrail.CloudTrail, arn string) (*cloudtrail.GetEventDataStoreOutput, error) { +func findEventDataStoreByARN(ctx context.Context, conn *cloudtrail.Client, arn string) (*cloudtrail.GetEventDataStoreOutput, error) { input := cloudtrail.GetEventDataStoreInput{ EventDataStore: aws.String(arn), } - output, err := conn.GetEventDataStoreWithContext(ctx, &input) + output, err := conn.GetEventDataStore(ctx, &input) - if tfawserr.ErrCodeEquals(err, cloudtrail.ErrCodeEventDataStoreNotFoundException) { + if errs.IsA[*types.EventDataStoreNotFoundException](err) { return nil, &retry.NotFoundError{ LastError: err, LastRequest: input, @@ -340,9 +338,13 @@ func FindEventDataStoreByARN(ctx context.Context, conn *cloudtrail.CloudTrail, a return nil, err } - if status := aws.StringValue(output.Status); status == cloudtrail.EventDataStoreStatusPendingDeletion { + if output == nil { + return nil, tfresource.NewEmptyResultError(input) + } + + if status := output.Status; status == types.EventDataStoreStatusPendingDeletion { return nil, &retry.NotFoundError{ - Message: status, + Message: string(status), LastRequest: input, } } 
@@ -350,9 +352,9 @@ func FindEventDataStoreByARN(ctx context.Context, conn *cloudtrail.CloudTrail, a return output, nil } -func statusEventDataStore(ctx context.Context, conn *cloudtrail.CloudTrail, arn string) retry.StateRefreshFunc { +func statusEventDataStore(ctx context.Context, conn *cloudtrail.Client, arn string) retry.StateRefreshFunc { return func() (interface{}, string, error) { - eventDataStore, err := FindEventDataStoreByARN(ctx, conn, arn) + output, err := findEventDataStoreByARN(ctx, conn, arn) if tfresource.NotFound(err) { return nil, "", nil 
@@ -362,32 +364,40 @@ func statusEventDataStore(ctx context.Context, conn *cloudtrail.CloudTrail, arn return nil, "", err } - return eventDataStore, aws.StringValue(eventDataStore.Status), nil + return output, string(output.Status), nil } } -func waitEventDataStoreAvailable(ctx context.Context, conn *cloudtrail.CloudTrail, arn string, timeout time.Duration) error { +func waitEventDataStoreAvailable(ctx context.Context, conn *cloudtrail.Client, arn string, timeout time.Duration) (*cloudtrail.GetEventDataStoreOutput, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{cloudtrail.EventDataStoreStatusCreated}, - Target: []string{cloudtrail.EventDataStoreStatusEnabled}, + Pending: enum.Slice(types.EventDataStoreStatusCreated), + Target: enum.Slice(types.EventDataStoreStatusEnabled), Refresh: statusEventDataStore(ctx, conn, arn), Timeout: timeout, } - _, err := stateConf.WaitForStateContext(ctx) + outputRaw, err := stateConf.WaitForStateContext(ctx) - return err + if output, ok := outputRaw.(*cloudtrail.GetEventDataStoreOutput); ok { + return output, err + } + + return nil, err } -func waitEventDataStoreDeleted(ctx context.Context, conn *cloudtrail.CloudTrail, arn string, timeout time.Duration) error { +func waitEventDataStoreDeleted(ctx context.Context, conn *cloudtrail.Client, arn string, timeout time.Duration) (*cloudtrail.GetEventDataStoreOutput, error) { stateConf := &retry.StateChangeConf{ - Pending: []string{cloudtrail.EventDataStoreStatusCreated, cloudtrail.EventDataStoreStatusEnabled}, + Pending: enum.Slice(types.EventDataStoreStatusCreated, types.EventDataStoreStatusEnabled), Target: []string{}, Refresh: statusEventDataStore(ctx, conn, arn), Timeout: timeout, } - _, err := stateConf.WaitForStateContext(ctx) + outputRaw, err := stateConf.WaitForStateContext(ctx) + + if output, ok := outputRaw.(*cloudtrail.GetEventDataStoreOutput); ok { + return output, err + } - return err + return nil, err } 
From 089896649534f57d1b09cad4ea7663dac936ad00 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 17:30:57 -0500 Subject: [PATCH 09/14] cloudtrail: Migrate sweepers to AWS SDK for Go v2. --- internal/service/cloudtrail/sweep.go | 90 +++++++++++++--------------- 1 file changed, 41 insertions(+), 49 deletions(-) diff --git a/internal/service/cloudtrail/sweep.go b/internal/service/cloudtrail/sweep.go index 9ed0b3a751df..4d5acd464ac7 100644 --- a/internal/service/cloudtrail/sweep.go +++ b/internal/service/cloudtrail/sweep.go 
@@ -7,88 +7,80 @@ import ( "fmt" "log" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/cloudtrail" - "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" - "github.com/hashicorp/go-multierror" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-provider-aws/internal/sweep" - "github.com/hashicorp/terraform-provider-aws/internal/sweep/awsv1" + "github.com/hashicorp/terraform-provider-aws/internal/sweep/awsv2" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" ) func RegisterSweepers() { resource.AddTestSweepers("aws_cloudtrail", &resource.Sweeper{ Name: "aws_cloudtrail", - F: sweeps, + F: sweepTrails, }) } -func sweeps(region string) error { +func sweepTrails(region string) error { ctx := sweep.Context(region) client, err := sweep.SharedRegionalSweepClient(ctx, region) if err != nil { return fmt.Errorf("error getting client: %w", err) } - conn := client.CloudTrailConn(ctx) - var sweeperErrs *multierror.Error + conn := client.CloudTrailClient(ctx) + input := &cloudtrail.ListTrailsInput{} + sweepResources := make([]sweep.Sweepable, 0) - err = conn.ListTrailsPagesWithContext(ctx, &cloudtrail.ListTrailsInput{}, func(page *cloudtrail.ListTrailsOutput, lastPage bool) bool { - if page == nil { - return !lastPage + pages := cloudtrail.NewListTrailsPaginator(conn, input) + for pages.HasMorePages() { + page, err := pages.NextPage(ctx) + + if awsv2.SkipSweepError(err) { + log.Printf("[WARN] Skipping CloudTrail Trail sweep for %s: %s", region, err) + return nil } - for _, trail := range page.Trails { - name := aws.StringValue(trail.Name) + if err != nil { + return fmt.Errorf("error listing CloudTrail Trails (%s): %w", region, err) + } - if name == "AWSMacieTrail-DO-NOT-EDIT" { - log.Printf("[INFO] Skipping AWSMacieTrail-DO-NOT-EDIT for Macie Classic, which is not automatically recreated by the 
service") - continue - } + for _, v := range page.Trails { + arn := aws.ToString(v.TrailARN) - output, err := conn.DescribeTrailsWithContext(ctx, &cloudtrail.DescribeTrailsInput{ - TrailNameList: aws.StringSlice([]string{name}), - }) - if err != nil { - sweeperErr := fmt.Errorf("error describing CloudTrail (%s): %w", name, err) - log.Printf("[ERROR] %s", sweeperErr) - sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + if name := aws.ToString(v.Name); name == "AWSMacieTrail-DO-NOT-EDIT" { + log.Printf("[INFO] Skipping CloudTrail Trail %s", arn) continue } - if len(output.TrailList) == 0 { - log.Printf("[INFO] CloudTrail (%s) not found, skipping", name) - continue - } + trail, err := findTrailByARN(ctx, conn, arn) - if aws.BoolValue(output.TrailList[0].IsOrganizationTrail) { - log.Printf("[INFO] CloudTrail (%s) is an organization trail, skipping", name) + if tfresource.NotFound(err) { continue } - log.Printf("[INFO] Deleting CloudTrail: %s", name) - _, err = conn.DeleteTrailWithContext(ctx, &cloudtrail.DeleteTrailInput{ - Name: aws.String(name), - }) - if tfawserr.ErrCodeEquals(err, cloudtrail.ErrCodeTrailNotFoundException) { - continue - } if err != nil { - sweeperErr := fmt.Errorf("error deleting CloudTrail (%s): %w", name, err) - log.Printf("[ERROR] %s", sweeperErr) - sweeperErrs = multierror.Append(sweeperErrs, sweeperErr) + return fmt.Errorf("error reading CloudTrail Trail (%s): %w", arn, err) + } + + if aws.ToBool(trail.IsOrganizationTrail) { + log.Printf("[INFO] Skipping CloudTrail Trail %s: IsOrganizationTrail", arn) continue } - } - return !lastPage - }) - if awsv1.SkipSweepError(err) { - log.Printf("[WARN] Skipping CloudTrail sweep for %s: %s", region, err) - return sweeperErrs.ErrorOrNil() // In case we have completed some pages, but had errors + r := resourceTrail() + d := r.Data(nil) + d.SetId(arn) + + sweepResources = append(sweepResources, sweep.NewSweepResource(r, d, client)) + } } + + err = sweep.SweepOrchestrator(ctx, sweepResources) + if 
err != nil { - sweeperErrs = multierror.Append(sweeperErrs, fmt.Errorf("error retrieving CloudTrails: %w", err)) + return fmt.Errorf("error sweeping CloudTrail Trails (%s): %w", region, err) } - return sweeperErrs.ErrorOrNil() + return nil } From c07c013d11e9ff255f246c7a3ad22fd7d26154f3 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 31 Jan 2024 17:36:48 -0500 Subject: [PATCH 10/14] cloudtrail: Migrate acceptance tests to AWS SDK for Go v2. --- .../service/cloudtrail/cloudtrail_test.go | 89 ++++++++++--------- .../cloudtrail/event_data_store_test.go | 22 ++--- names/names.go | 1 + 3 files changed, 55 insertions(+), 57 deletions(-) diff --git a/internal/service/cloudtrail/cloudtrail_test.go b/internal/service/cloudtrail/cloudtrail_test.go index 255149916fa7..a9e52ad88b87 100644 --- a/internal/service/cloudtrail/cloudtrail_test.go +++ b/internal/service/cloudtrail/cloudtrail_test.go @@ -9,8 +9,9 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/cloudtrail" + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail" + "github.com/aws/aws-sdk-go-v2/service/cloudtrail/types" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -18,10 +19,11 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfcloudtrail "github.com/hashicorp/terraform-provider-aws/internal/service/cloudtrail" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func init() { - acctest.RegisterServiceErrorCheckFunc(cloudtrail.EndpointsID, testAccErrorCheckSkip) + acctest.RegisterServiceErrorCheckFunc(names.CloudTrailEndpointID, testAccErrorCheckSkip) } // testAccErrorCheckSkip skips CloudTrail tests that have error messages indicating unsupported features 
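Review bot: In sweepTrails, a failed findTrailByARN for a single trail now runs `return fmt.Errorf("error reading CloudTrail Trail (%s): %w", arn, err)`, which exits before sweep.SweepOrchestrator is called, so every trail already appended to sweepResources is left in place. The removed code logged the error and moved on to the next trail. The `awsv2.SkipSweepError(err)` branch has the same effect when it trips on a later page, since it returns nil without sweeping what earlier pages collected. If best-effort cleanup is still intended, log the read error and `continue`, and run the orchestrator on the collected resources before returning from the skip branch. The Macie skip message also lost its reason; a comment such as `// Macie Classic's trail is not automatically recreated by the service, so never sweep it.` above the name check would keep that guard from being removed by mistake.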
@@ -60,13 +62,13 @@ func TestAccCloudTrail_serial(t *testing.T) { func testAccTrail_basic(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -107,13 +109,13 @@ func testAccTrail_basic(t *testing.T) { func testAccTrail_cloudWatch(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -149,13 +151,13 @@ func testAccTrail_cloudWatch(t *testing.T) { func testAccTrail_enableLogging(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ 
@@ -204,13 +206,13 @@ func testAccTrail_enableLogging(t *testing.T) { func testAccTrail_multiRegion(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -252,13 +254,13 @@ func testAccTrail_multiRegion(t *testing.T) { func testAccTrail_organization(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckOrganizationManagementAccount(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -291,13 +293,13 @@ func testAccTrail_organization(t *testing.T) { func testAccTrail_logValidation(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ 
@@ -332,7 +334,7 @@ func testAccTrail_logValidation(t *testing.T) { func testAccTrail_kmsKey(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" @@ -340,7 +342,7 @@ func testAccTrail_kmsKey(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -365,13 +367,13 @@ func testAccTrail_kmsKey(t *testing.T) { func testAccTrail_tags(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -411,13 +413,13 @@ func testAccTrail_tags(t *testing.T) { func testAccTrail_globalServiceEvents(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ 
@@ -444,7 +446,7 @@ func testAccTrail_eventSelector(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -516,7 +518,7 @@ func testAccTrail_eventSelectorDynamoDB(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -543,7 +545,7 @@ func testAccTrail_eventSelectorExclude(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -593,7 +595,7 @@ func testAccTrail_insightSelector(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ 
@@ -641,7 +643,7 @@ func testAccTrail_advancedEventSelector(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -735,13 +737,13 @@ func testAccTrail_advancedEventSelector(t *testing.T) { func testAccTrail_disappears(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ @@ -760,13 +762,13 @@ func testAccTrail_disappears(t *testing.T) { func testAccTrail_migrateV0(t *testing.T) { ctx := acctest.Context(t) - var trail cloudtrail.Trail + var trail types.Trail rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) resourceName := "aws_cloudtrail.test" resource.Test(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), CheckDestroy: testAccCheckTrailDestroy(ctx), Steps: []resource.TestStep{ { 
@@ -798,14 +800,14 @@ func testAccTrail_migrateV0(t *testing.T) { }) } -func testAccCheckTrailExists(ctx context.Context, n string, v *cloudtrail.Trail) resource.TestCheckFunc { +func testAccCheckTrailExists(ctx context.Context, n string, v *types.Trail) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { return fmt.Errorf("Not found: %s", n) } - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) output, err := tfcloudtrail.FindTrailByARN(ctx, conn, rs.Primary.ID) 
@@ -819,33 +821,32 @@ func testAccCheckTrailExists(ctx context.Context, n string, v *cloudtrail.Trail) } } -func testAccCheckLoggingEnabled(ctx context.Context, n string, desired bool) resource.TestCheckFunc { +func testAccCheckLoggingEnabled(ctx context.Context, n string, want bool) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { return fmt.Errorf("Not found: %s", n) } - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) - params := cloudtrail.GetTrailStatusInput{ + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) + + output, err := conn.GetTrailStatus(ctx, &cloudtrail.GetTrailStatusInput{ Name: aws.String(rs.Primary.ID), - } - resp, err := conn.GetTrailStatusWithContext(ctx, ¶ms) + }) if err != nil { return err } - isLog := aws.BoolValue(resp.IsLogging) - if isLog != desired { - return fmt.Errorf("Expected logging status %t, given %t", desired, isLog) + if got := aws.ToBool(output.IsLogging); got != want { + return fmt.Errorf("Expected logging status %t, given %t", want, got) } return nil } } -func testAccCheckLogValidationEnabled(n string, desired bool, trail *cloudtrail.Trail) resource.TestCheckFunc { +func testAccCheckLogValidationEnabled(n string, desired bool, trail *types.Trail) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.RootModule().Resources[n] if !ok { @@ -853,10 +854,10 @@ func testAccCheckLogValidationEnabled(n string, desired bool, trail *cloudtrail. } if trail.LogFileValidationEnabled == nil { - return fmt.Errorf("No LogFileValidationEnabled attribute present in trail: %s", trail) + return fmt.Errorf("No LogFileValidationEnabled attribute present") } - logValid := aws.BoolValue(trail.LogFileValidationEnabled) + logValid := aws.ToBool(trail.LogFileValidationEnabled) if logValid != desired { return fmt.Errorf("Expected log validation status %t, given %t", desired, logValid) } 
@@ -878,7 +879,7 @@ func testAccCheckLogValidationEnabled(n string, desired bool, trail *cloudtrail. func testAccCheckTrailDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_cloudtrail" { diff --git a/internal/service/cloudtrail/event_data_store_test.go b/internal/service/cloudtrail/event_data_store_test.go index f9f01c92db6c..c77b31206474 100644 --- a/internal/service/cloudtrail/event_data_store_test.go +++ b/internal/service/cloudtrail/event_data_store_test.go @@ -9,7 +9,6 @@ import ( "testing" "github.com/YakDriver/regexache" - "github.com/aws/aws-sdk-go/service/cloudtrail" sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest" "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" @@ -17,6 +16,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" tfcloudtrail "github.com/hashicorp/terraform-provider-aws/internal/service/cloudtrail" "github.com/hashicorp/terraform-provider-aws/internal/tfresource" + "github.com/hashicorp/terraform-provider-aws/names" ) func TestAccCloudTrailEventDataStore_basic(t *testing.T) { @@ -26,7 +26,7 @@ func TestAccCloudTrailEventDataStore_basic(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ 
@@ -68,7 +68,7 @@ func TestAccCloudTrailEventDataStore_kmsKeyId(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ @@ -99,7 +99,7 @@ func TestAccCloudTrailEventDataStore_disappears(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ @@ -122,7 +122,7 @@ func TestAccCloudTrailEventDataStore_tags(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ @@ -167,7 +167,7 @@ func TestAccCloudTrailEventDataStore_options(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t); acctest.PreCheckOrganizationManagementAccount(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ 
@@ -207,7 +207,7 @@ func TestAccCloudTrailEventDataStore_advancedEventSelector(t *testing.T) { resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { acctest.PreCheck(ctx, t) }, - ErrorCheck: acctest.ErrorCheck(t, cloudtrail.EndpointsID), + ErrorCheck: acctest.ErrorCheck(t, names.CloudTrailEndpointID), ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, CheckDestroy: testAccCheckEventDataStoreDestroy(ctx), Steps: []resource.TestStep{ @@ -302,11 +302,7 @@ func testAccCheckEventDataStoreExists(ctx context.Context, n string) resource.Te return fmt.Errorf("Not found: %s", n) } - if rs.Primary.ID == "" { - return fmt.Errorf("No CloudTrail Event Data Store ID is set") - } - - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) _, err := tfcloudtrail.FindEventDataStoreByARN(ctx, conn, rs.Primary.ID) @@ -316,7 +312,7 @@ func testAccCheckEventDataStoreExists(ctx context.Context, n string) resource.Te func testAccCheckEventDataStoreDestroy(ctx context.Context) resource.TestCheckFunc { return func(s *terraform.State) error { - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) for _, rs := range s.RootModule().Resources { if rs.Type != "aws_cloudtrail_event_data_store" { diff --git a/names/names.go b/names/names.go index 867e0626176e..bfd5213da244 100644 --- a/names/names.go +++ b/names/names.go @@ -38,6 +38,7 @@ const ( ChimeSDKVoiceEndpointID = "voice-chime" ChimeSDKMediaPipelinesEndpointID = "media-pipelines-chime" CleanRoomsEndpointID = "cleanrooms" + CloudTrailEndpointID = "cloudtrail" CloudWatchLogsEndpointID = "logs" CodeArtifactEndpointID = "codeartifact" CodeBuildEndpointID = "codebuild" From a0ac77a1227e723537a9fbc0bc88f520c3ee65fa Mon Sep 17 00:00:00 2001 
From: Kit Ewbank Date: Thu, 1 Feb 2024 07:53:17 -0500 Subject: [PATCH 11/14] Add 'cloudtrail.FindTrailInfoByName'. --- internal/service/cloudtrail/cloudtrail.go | 34 +++++++++++++++++ internal/service/cloudtrail/exports.go | 9 +++++ .../controltower/controls_data_source_test.go | 38 ++++--------------- 3 files changed, 51 insertions(+), 30 deletions(-) create mode 100644 internal/service/cloudtrail/exports.go diff --git a/internal/service/cloudtrail/cloudtrail.go b/internal/service/cloudtrail/cloudtrail.go index 5106a5a533fc..884c93be4772 100644 --- a/internal/service/cloudtrail/cloudtrail.go +++ b/internal/service/cloudtrail/cloudtrail.go @@ -589,6 +589,40 @@ func findTrails(ctx context.Context, conn *cloudtrail.Client, input *cloudtrail. return output.TrailList, nil } +func findTrailInfoByName(ctx context.Context, conn *cloudtrail.Client, name string) (*types.TrailInfo, error) { + output, err := findTrailInfos(ctx, conn, func(v *types.TrailInfo) bool { + return aws.ToString(v.Name) == name + }) + + if err != nil { + return nil, err + } + + return tfresource.AssertSingleValueResult(output) +} + +func findTrailInfos(ctx context.Context, conn *cloudtrail.Client, filter tfslices.Predicate[*types.TrailInfo]) ([]types.TrailInfo, error) { + input := &cloudtrail.ListTrailsInput{} + var output []types.TrailInfo + + pages := cloudtrail.NewListTrailsPaginator(conn, input) + for pages.HasMorePages() { + page, err := pages.NextPage(ctx) + + if err != nil { + return nil, err + } + + for _, v := range page.Trails { + if filter(&v) { + output = append(output, v) + } + } + } + + return output, nil +} + func setLogging(ctx context.Context, conn *cloudtrail.Client, name string, enabled bool) error { if enabled { input := &cloudtrail.StartLoggingInput{ diff --git a/internal/service/cloudtrail/exports.go b/internal/service/cloudtrail/exports.go new file mode 100644 index 000000000000..ec558caf5dfe --- /dev/null +++ b/internal/service/cloudtrail/exports.go 
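Review bot: findTrailInfoByName filters the ListTrails results on `Name` alone and then calls tfresource.AssertSingleValueResult, so it fails rather than returning a trail whenever the listing holds more than one entry with that name. If ListTrails can return same-named trails homed in different regions (types.TrailInfo carries a HomeRegion field, which suggests it may), the Control Tower PreCheck that uses this finder would reach `t.Fatalf` instead of skipping or passing. Either narrow the predicate on HomeRegion as well, or state the assumption in a doc comment such as `// findTrailInfoByName returns an error unless exactly one listed trail has the given name.` In findTrailInfos, `filter(&v)` passes the address of the range variable, which is safe only while the predicate does not retain the pointer; a short comment there would make that contract explicit.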
@@ -0,0 +1,9 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package cloudtrail
+
+// Exports for use in other packages.
+var (
+ FindTrailInfoByName = findTrailInfoByName
+)
diff --git a/internal/service/controltower/controls_data_source_test.go b/internal/service/controltower/controls_data_source_test.go
index 127f8431f083..0aab2d815c15 100644
--- a/internal/service/controltower/controls_data_source_test.go
+++ b/internal/service/controltower/controls_data_source_test.go
@@ -8,10 +8,11 @@ import (
 "fmt"
 "testing"
- "github.com/aws/aws-sdk-go/service/cloudtrail"
 "github.com/hashicorp/terraform-plugin-testing/helper/resource"
 "github.com/hashicorp/terraform-provider-aws/internal/acctest"
 "github.com/hashicorp/terraform-provider-aws/internal/conns"
+ tfcloudtrail "github.com/hashicorp/terraform-provider-aws/internal/service/cloudtrail"
+ "github.com/hashicorp/terraform-provider-aws/internal/tfresource"
 "github.com/hashicorp/terraform-provider-aws/names"
 )
@@ -40,40 +41,17 @@ func TestAccControlTowerControlsDataSource_basic(t *testing.T) { } func testAccPreCheck(ctx context.Context, t *testing.T) { - // leverage the control tower created "aws-controltower-BaselineCloudTrail" to confirm control tower is deployed - var trails []string - conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailConn(ctx) + // Leverage the Control Tower created "aws-controltower-BaselineCloudTrail" to confirm Control Tower is deployed. + conn := acctest.Provider.Meta().(*conns.AWSClient).CloudTrailClient(ctx) + _, err := tfcloudtrail.FindTrailInfoByName(ctx, conn, "aws-controltower-BaselineCloudTrail") - input := &cloudtrail.ListTrailsInput{} - err := conn.ListTrailsPagesWithContext(ctx, input, func(page *cloudtrail.ListTrailsOutput, lastPage bool) bool { - if page == nil { - return !lastPage - } - - for _, trail := range page.Trails { - if trail == nil { - continue - } - trails = append(trails, *trail.Name) - } - - return !lastPage - }) + if tfresource.NotFound(err) { + t.Skip("skipping since Control Tower not found") + } if err != nil { t.Fatalf("unexpected PreCheck error: %s", err) } - - // Ensure there is a Control Tower trail - ctTrail := false - for _, t := range trails { - if t == "aws-controltower-BaselineCloudTrail" { - ctTrail = true - } - } - if !ctTrail { - t.Skip("skipping since Control Tower not found") - } } func testAccControlsDataSourceConfig_id(ouName string) string { From 0929b5dc947e17d68323b95401f83fb93165b4e1 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 1 Feb 2024 08:19:10 -0500 Subject: [PATCH 12/14] Fix semgrep 'dgryski.semgrep-go.oddifsequence.odd-sequence-ifs'. --- internal/service/cloudtrail/cloudtrail.go | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/internal/service/cloudtrail/cloudtrail.go b/internal/service/cloudtrail/cloudtrail.go index 884c93be4772..5a52f6d9511a 100644 --- a/internal/service/cloudtrail/cloudtrail.go 
+++ b/internal/service/cloudtrail/cloudtrail.go @@ -314,11 +314,8 @@ func resourceTrailCreate(ctx context.Context, d *schema.ResourceData, meta inter return conn.CreateTrail(ctx, input) }, func(err error) (bool, error) { - if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") { - return true, err - } - - if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") || + errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { return true, err } @@ -493,11 +490,8 @@ func resourceTrailUpdate(ctx context.Context, d *schema.ResourceData, meta inter return conn.UpdateTrail(ctx, input) }, func(err error) (bool, error) { - if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") { - return true, err - } - - if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { + if errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsRoleArnException](err, "Access denied.") || + errs.IsAErrorMessageContains[*types.InvalidCloudWatchLogsLogGroupArnException](err, "Access denied.") { return true, err } From 076305bd09d6f23225ef66c23bbb30298abea519 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 1 Feb 2024 11:23:27 -0500 Subject: [PATCH 13/14] Fix golangci-lint 'unparam'. --- internal/service/cloudtrail/event_data_store.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/cloudtrail/event_data_store.go b/internal/service/cloudtrail/event_data_store.go index 2d03e269247e..35f52a923d21 100644 --- a/internal/service/cloudtrail/event_data_store.go +++ b/internal/service/cloudtrail/event_data_store.go 
@@ -368,7 +368,7 @@ func statusEventDataStore(ctx context.Context, conn *cloudtrail.Client, arn stri } } -func waitEventDataStoreAvailable(ctx context.Context, conn *cloudtrail.Client, arn string, timeout time.Duration) (*cloudtrail.GetEventDataStoreOutput, error) { +func waitEventDataStoreAvailable(ctx context.Context, conn *cloudtrail.Client, arn string, timeout time.Duration) (*cloudtrail.GetEventDataStoreOutput, error) { //nolint:unparam stateConf := &retry.StateChangeConf{ Pending: enum.Slice(types.EventDataStoreStatusCreated), Target: enum.Slice(types.EventDataStoreStatusEnabled), From 759ae30ab536eead1e4e55b0a2b31f65da72b357 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Thu, 1 Feb 2024 11:26:28 -0500 Subject: [PATCH 14/14] Suppress staticcheck 'SA1019: trail.SnsTopicName is deprecated: This member has been deprecated'. --- .ci/.golangci2.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/.golangci2.yml b/.ci/.golangci2.yml index fb7cb755ea43..98120b320df2 100644 --- a/.ci/.golangci2.yml +++ b/.ci/.golangci2.yml @@ -49,7 +49,7 @@ issues: - linters: - staticcheck path: "internal/service/cloudtrail" - text: "SA1019: \\w+.(\\w+) is deprecated: (\\w+) has been deprecated" + text: "SA1019: \\w+.(\\w+) is deprecated: This member has been deprecated" - linters: - staticcheck path: internal/service/detective/