From 19a63f168305c4474637d4d3253819e576da2601 Mon Sep 17 00:00:00 2001 From: Steven Ayers Date: Wed, 20 Apr 2022 08:18:00 +0100 Subject: [PATCH] Adding initial files --- .changelog/24315.txt | 4 ++ internal/service/lakeformation/filter.go | 40 +++++++++++++++++++ .../lakeformation/lakeformation_test.go | 4 ++ 3 files changed, 48 insertions(+) create mode 100644 .changelog/24315.txt diff --git a/.changelog/24315.txt b/.changelog/24315.txt new file mode 100644 index 00000000000..6c734dd5da3 --- /dev/null +++ b/.changelog/24315.txt @@ -0,0 +1,4 @@ +```release-note:note:enhancement +resource/aws_lakeformation_permissions: Add LF-tag support +datasource/aws_lakeformation_permissions: Add LF-tag support +``` \ No newline at end of file diff --git a/internal/service/lakeformation/filter.go b/internal/service/lakeformation/filter.go index d2c60486dc8..d37dcc0dced 100644 --- a/internal/service/lakeformation/filter.go +++ b/internal/service/lakeformation/filter.go @@ -31,6 +31,14 @@ func FilterPermissions(input *lakeformation.ListPermissionsInput, tableType stri return FilterDatabasePermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions) } + if input.Resource.LFTag != nil { + return FilterLFTagPermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions) + } + + if input.Resource.LFTagPolicy != nil { + return FilterLFTagPolicyPermissions(input.Principal.DataLakePrincipalIdentifier, allPermissions) + } + if tableType == TableTypeTableWithColumns { return FilterTableWithColumnsPermissions(input.Principal.DataLakePrincipalIdentifier, input.Resource.Table, columnNames, excludedColumnNames, columnWildcard, allPermissions) } @@ -176,3 +184,35 @@ func FilterDatabasePermissions(principal *string, allPermissions []*lakeformatio return cleanPermissions } + +func FilterLFTagPermissions(principal *string, allPermissions []*lakeformation.PrincipalResourcePermissions) []*lakeformation.PrincipalResourcePermissions { + var cleanPermissions []*lakeformation.PrincipalResourcePermissions + + for _, perm := range allPermissions { + if aws.StringValue(principal) != aws.StringValue(perm.Principal.DataLakePrincipalIdentifier) { + continue + } + + if perm.Resource.LFTag != nil { + cleanPermissions = append(cleanPermissions, perm) + } + } + + return cleanPermissions +} + +func FilterLFTagPolicyPermissions(principal *string, allPermissions []*lakeformation.PrincipalResourcePermissions) []*lakeformation.PrincipalResourcePermissions { + var cleanPermissions []*lakeformation.PrincipalResourcePermissions + + for _, perm := range allPermissions { + if aws.StringValue(principal) != aws.StringValue(perm.Principal.DataLakePrincipalIdentifier) { + continue + } + + if perm.Resource.LFTagPolicy != nil { + cleanPermissions = append(cleanPermissions, perm) + } + } + + return cleanPermissions +} diff --git a/internal/service/lakeformation/lakeformation_test.go b/internal/service/lakeformation/lakeformation_test.go index 4f0c25fb9a4..0047ad803f6 100644 --- a/internal/service/lakeformation/lakeformation_test.go +++ b/internal/service/lakeformation/lakeformation_test.go @@ -19,11 +19,15 @@ func TestAccLakeFormation_serial(t *testing.T) { "databaseMultiple": testAccPermissions_databaseMultiple, "dataLocation": testAccPermissions_dataLocation, "disappears": testAccPermissions_disappears, + "lfTag": testAccAWSLakeFormationPermissions_lf_tag, + "lfTagPolicy": testAccAWSLakeFormationPermissions_lf_tag_policy, }, "PermissionsDataSource": { "basic": testAccPermissionsDataSource_basic, "database": testAccPermissionsDataSource_database, "dataLocation": testAccPermissionsDataSource_dataLocation, + "lfTag": testAccPermissionsDataSource_lf_tag, + "lfTagPolicy": testAccPermissionsDataSource_lf_tag_policy, "table": testAccPermissionsDataSource_table, "tableWithColumns": testAccPermissionsDataSource_tableWithColumns, },