Adding initial files

hashicorp · Apr 20, 2022 · 19a63f1 · 19a63f1
1 parent 0fbc9cd
commit 19a63f1
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 0 deletions.
diff --git a/.changelog/24315.txt b/.changelog/24315.txt
@@ -0,0 +1,4 @@
+```release-note:note:enhancement
+resource/aws_lakeformation_permissions: Add LF-tag support
+datasource/aws_lakeformation_permissions: Add LF-tag support
+```
diff --git a/internal/service/lakeformation/filter.go b/internal/service/lakeformation/filter.go
@@ -31,6 +31,14 @@ func FilterPermissions(input *lakeformation.ListPermissionsInput, tableType stri
 		return FilterDatabasePermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions)
 	}
 
+	if input.Resource.LFTag != nil {
+		return FilterLFTagPermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions)
+	}
+
+	if input.Resource.LFTagPolicy != nil {
+		return FilterLFTagPolicyPermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions)
+	}
+
 	if tableType == TableTypeTableWithColumns {
 		return FilterTableWithColumnsPermissions(input.Principal.DataLakePrincipalIdentifier, input.Resource.Table, columnNames, excludedColumnNames, columnWildcard, allPermissions)
 	}
@@ -176,3 +184,35 @@ func FilterDatabasePermissions(principal *string, allPermissions []*lakeformatio
 
 	return cleanPermissions
 }
+
+func FilterLFTagPermissions(principal *string, allPermissions []*lakeformation.PrincipalResourcePermissions) []*lakeformation.PrincipalResourcePermissions {
+	var cleanPermissions []*lakeformation.PrincipalResourcePermissions
+
+	for _, perm := range allPermissions {
+		if aws.StringValue(principal) != aws.StringValue(perm.Principal.DataLakePrincipalIdentifier) {
+			continue
+		}
+
+		if perm.Resource.LFTag != nil {
+			cleanPermissions = append(cleanPermissions, perm)
+		}
+	}
+
+	return cleanPermissions
+}
+
+func FilterLFTagPolicyPermissions(principal *string, allPermissions []*lakeformation.PrincipalResourcePermissions) []*lakeformation.PrincipalResourcePermissions {
+	var cleanPermissions []*lakeformation.PrincipalResourcePermissions
+
+	for _, perm := range allPermissions {
+		if aws.StringValue(principal) != aws.StringValue(perm.Principal.DataLakePrincipalIdentifier) {
+			continue
+		}
+
+		if perm.Resource.LFTagPolicy != nil {
+			cleanPermissions = append(cleanPermissions, perm)
+		}
+	}
+
+	return cleanPermissions
+}
diff --git a/internal/service/lakeformation/lakeformation_test.go b/internal/service/lakeformation/lakeformation_test.go
@@ -19,11 +19,15 @@ func TestAccLakeFormation_serial(t *testing.T) {
 			"databaseMultiple":   testAccPermissions_databaseMultiple,
 			"dataLocation":       testAccPermissions_dataLocation,
 			"disappears":         testAccPermissions_disappears,
+			"lfTag":              testAccAWSLakeFormationPermissions_lf_tag,
+			"lfTagPolicy":        testAccAWSLakeFormationPermissions_lf_tag_policy,
 		},
 		"PermissionsDataSource": {
 			"basic":            testAccPermissionsDataSource_basic,
 			"database":         testAccPermissionsDataSource_database,
 			"dataLocation":     testAccPermissionsDataSource_dataLocation,
+			"lfTag":            testAccPermissionsDataSource_lf_tag,
+			"lfTagPolicy":      testAccPermissionsDataSource_lf_tag_policy,
 			"table":            testAccPermissionsDataSource_table,
 			"tableWithColumns": testAccPermissionsDataSource_tableWithColumns,
 		},