From 111513847e20a7c10adfef81609144a84d516a39 Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 16:39:58 +0200 Subject: [PATCH 01/11] Add support for filesystem protection in aws_efs_file_system Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system.go | 63 +++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/internal/service/efs/file_system.go b/internal/service/efs/file_system.go index 62e21b2db6e5..b9f0b70009aa 100644 --- a/internal/service/efs/file_system.go +++ b/internal/service/efs/file_system.go @@ -120,6 +120,21 @@ func ResourceFileSystem() *schema.Resource { ForceNew: true, ValidateFunc: validation.StringInSlice(efs.PerformanceMode_Values(), false), }, + "protection": { + Type: schema.TypeMap, + Optional: true, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "replication_overwrite": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice(efs.ReplicationOverwriteProtection_Values(), false), + }, + }, + }, + }, "provisioned_throughput_in_mibps": { Type: schema.TypeFloat, Optional: true, @@ -224,6 +239,14 @@ func resourceFileSystemCreate(ctx context.Context, d *schema.ResourceData, meta } } + if v, ok := d.GetOk("protection"); ok { + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), v.(map[string]interface{}))) + + if err != nil { + return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) + } + } + return append(diags, resourceFileSystemRead(ctx, d, meta)...) } @@ -261,6 +284,10 @@ func resourceFileSystemRead(ctx context.Context, d *schema.ResourceData, meta in } d.Set("throughput_mode", fs.ThroughputMode) + if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { + return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) + } + setTagsOut(ctx, fs.Tags) output, err := conn.DescribeLifecycleConfigurationWithContext(ctx, &efs.DescribeLifecycleConfigurationInput{ @@ -325,6 +352,16 @@ func resourceFileSystemUpdate(ctx context.Context, d *schema.ResourceData, meta } } + if d.HasChanges("protection") { + input := expandFileSystemProtection(d.Id(), d.Get("protection").(map[string]interface{})) + + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, input) + + if err != nil { + return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) + } + } + return append(diags, resourceFileSystemRead(ctx, d, meta)...) } @@ -534,3 +571,29 @@ func flattenFileSystemSizeInBytes(sizeInBytes *efs.FileSystemSize) []interface{} return []interface{}{m} } + +func expandFileSystemProtection(id string, tfMap map[string]interface{}) *efs.UpdateFileSystemProtectionInput { + var apiObject *efs.UpdateFileSystemProtectionInput + + apiObject.SetFileSystemId(id) + + if v, ok := tfMap["replication_overwrite"].(string); ok && v != "" { + apiObject.SetReplicationOverwriteProtection(v) + } + + return apiObject +} + +func flattenFileSystemProtection(protection *efs.FileSystemProtectionDescription) map[string]interface{} { + var m map[string]interface{} + + if protection == nil { + return map[string]interface{}{} + } + + if protection.ReplicationOverwriteProtection != nil { + m["replication_overwrite"] = protection.ReplicationOverwriteProtection + } + + return m +} From 09a3018fcd6765d9b88ddba5d22786fc5a409d27 Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 16:50:26 +0200 Subject: [PATCH 02/11] Add docs for EFS protection Signed-off-by: Yaron Yarimi --- website/docs/r/efs_file_system.html.markdown | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/website/docs/r/efs_file_system.html.markdown b/website/docs/r/efs_file_system.html.markdown index 58fb7fe21dd7..ca37f458c70f 100644 --- a/website/docs/r/efs_file_system.html.markdown +++ b/website/docs/r/efs_file_system.html.markdown @@ -48,6 +48,7 @@ user guide for more information. * `encrypted` - (Optional) If true, the disk will be encrypted. * `kms_key_id` - (Optional) The ARN for the KMS encryption key. When specifying kms_key_id, encrypted needs to be set to true. * `lifecycle_policy` - (Optional) A file system [lifecycle policy](https://docs.aws.amazon.com/efs/latest/ug/API_LifecyclePolicy.html) object (documented below). +* `protection` - (Optional) A file system [protection](https://docs.aws.amazon.com/efs/latest/ug/API_FileSystemProtectionDescription.html) object (documented below). * `performance_mode` - (Optional) The file system performance mode. Can be either `"generalPurpose"` or `"maxIO"` (Default: `"generalPurpose"`). * `provisioned_throughput_in_mibps` - (Optional) The throughput, measured in MiB/s, that you want to provision for the file system. Only applicable with `throughput_mode` set to `provisioned`. * `tags` - (Optional) A map of tags to assign to the file system. If configured with a provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block) present, tags with matching keys will overwrite those defined at the provider-level. @@ -60,6 +61,12 @@ user guide for more information. * `transition_to_ia` - (Optional) Indicates how long it takes to transition files to the IA storage class. Valid values: `AFTER_1_DAY`, `AFTER_7_DAYS`, `AFTER_14_DAYS`, `AFTER_30_DAYS`, `AFTER_60_DAYS`, or `AFTER_90_DAYS`. * `transition_to_primary_storage_class` - (Optional) Describes the policy used to transition a file from infequent access storage to primary storage. Valid values: `AFTER_1_ACCESS`. +### Protection Arguments + +`protection` supports the following arguments: + +* `replication_overwrite` - (Optional) Indicates whether replication overwrite protection is enabled. Valid values: `ENABLED` or `DISABLED`. + ## Attribute Reference This resource exports the following attributes in addition to the arguments above: From 00a70eecd6fdceb34b9e0de2450b10ad66321fff Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 18:19:35 +0200 Subject: [PATCH 03/11] add protection attr to efs data resource Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system_data_source.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/internal/service/efs/file_system_data_source.go b/internal/service/efs/file_system_data_source.go index 397629a6edd6..e1aa6f4e437a 100644 --- a/internal/service/efs/file_system_data_source.go +++ b/internal/service/efs/file_system_data_source.go @@ -84,6 +84,19 @@ func DataSourceFileSystem() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "protection": { + Type: schema.TypeMap, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "replication_overwrite": { + Type: schema.TypeString, + Computed: true, + ValidateFunc: validation.StringInSlice(efs.ReplicationOverwriteProtection_Values(), false), + }, + }, + }, + }, "provisioned_throughput_in_mibps": { Type: schema.TypeFloat, Computed: true, @@ -163,5 +176,9 @@ func dataSourceFileSystemRead(ctx context.Context, d *schema.ResourceData, meta return sdkdiag.AppendErrorf(diags, "setting lifecycle_policy: %s", err) } + if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { + return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) + } + return diags } From 21d967e95faf44c98aa49d8f45cc30bae1d754cb Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 20:53:13 +0200 Subject: [PATCH 04/11] use TypeList instead of TypeMap Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system.go | 28 +++++++++++-------- .../service/efs/file_system_data_source.go | 7 ++--- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/internal/service/efs/file_system.go b/internal/service/efs/file_system.go index b9f0b70009aa..25004ad09aa0 100644 --- a/internal/service/efs/file_system.go +++ b/internal/service/efs/file_system.go @@ -121,7 +121,8 @@ func ResourceFileSystem() *schema.Resource { ValidateFunc: validation.StringInSlice(efs.PerformanceMode_Values(), false), }, "protection": { - Type: schema.TypeMap, + Type: schema.TypeList, + MaxItems: 1, Optional: true, Computed: true, Elem: &schema.Resource{ @@ -240,7 +241,7 @@ func resourceFileSystemCreate(ctx context.Context, d *schema.ResourceData, meta } if v, ok := d.GetOk("protection"); ok { - _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), v.(map[string]interface{}))) + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), v.([]interface{}))) if err != nil { return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) @@ -353,9 +354,7 @@ func resourceFileSystemUpdate(ctx context.Context, d *schema.ResourceData, meta } if d.HasChanges("protection") { - input := expandFileSystemProtection(d.Id(), d.Get("protection").(map[string]interface{})) - - _, err := conn.UpdateFileSystemProtectionWithContext(ctx, input) + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), d.Get("protection").([]interface{}))) if err != nil { return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) @@ -572,8 +571,13 @@ func flattenFileSystemSizeInBytes(sizeInBytes *efs.FileSystemSize) []interface{} return []interface{}{m} } -func expandFileSystemProtection(id string, tfMap map[string]interface{}) *efs.UpdateFileSystemProtectionInput { +func expandFileSystemProtection(id string, tfList []interface{}) *efs.UpdateFileSystemProtectionInput { + if len(tfList) == 0 { + return nil + } + var apiObject *efs.UpdateFileSystemProtectionInput + tfMap := tfList[0].(map[string]interface{}) apiObject.SetFileSystemId(id) @@ -584,16 +588,16 @@ func expandFileSystemProtection(id string, tfMap map[string]interface{}) *efs.Up return apiObject } -func flattenFileSystemProtection(protection *efs.FileSystemProtectionDescription) map[string]interface{} { - var m map[string]interface{} - +func flattenFileSystemProtection(protection *efs.FileSystemProtectionDescription) []interface{} { if protection == nil { - return map[string]interface{}{} + return []interface{}{} } + tfMap := map[string]interface{}{} + if protection.ReplicationOverwriteProtection != nil { - m["replication_overwrite"] = protection.ReplicationOverwriteProtection + tfMap["replication_overwrite"] = protection.ReplicationOverwriteProtection } - return m + return []interface{}{tfMap} } diff --git a/internal/service/efs/file_system_data_source.go b/internal/service/efs/file_system_data_source.go index e1aa6f4e437a..97195ff4adef 100644 --- a/internal/service/efs/file_system_data_source.go +++ b/internal/service/efs/file_system_data_source.go @@ -85,14 +85,13 @@ func DataSourceFileSystem() *schema.Resource { Computed: true, }, "protection": { - Type: schema.TypeMap, + Type: schema.TypeList, Computed: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "replication_overwrite": { - Type: schema.TypeString, - Computed: true, - ValidateFunc: validation.StringInSlice(efs.ReplicationOverwriteProtection_Values(), false), + Type: schema.TypeString, + Computed: true, }, }, }, From c6ac6439f2bb8855ab0246cb67f5c7515c8d566f Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 20:53:32 +0200 Subject: [PATCH 05/11] Add tests for efs file system data resource Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system_data_source_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/service/efs/file_system_data_source_test.go b/internal/service/efs/file_system_data_source_test.go index d4913f6ef01e..40e408616342 100644 --- a/internal/service/efs/file_system_data_source_test.go +++ b/internal/service/efs/file_system_data_source_test.go @@ -39,6 +39,7 @@ func TestAccEFSFileSystemDataSource_id(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexache.MustCompile(`^\d+$`)), + resource.TestCheckResourceAttrPair(dataSourceName, "protection", resourceName, "protection"), ), }, }, @@ -70,6 +71,7 @@ func TestAccEFSFileSystemDataSource_tags(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexache.MustCompile(`^\d+$`)), + resource.TestCheckResourceAttrPair(dataSourceName, "protection", resourceName, "protection"), ), }, }, @@ -100,6 +102,7 @@ func TestAccEFSFileSystemDataSource_name(t *testing.T) { resource.TestCheckResourceAttrPair(dataSourceName, "throughput_mode", resourceName, "throughput_mode"), resource.TestCheckResourceAttrPair(dataSourceName, "lifecycle_policy", resourceName, "lifecycle_policy"), resource.TestMatchResourceAttr(dataSourceName, "size_in_bytes", regexache.MustCompile(`^\d+$`)), + resource.TestCheckResourceAttrPair(dataSourceName, "protection", resourceName, "protection"), ), }, }, From e11de6079646d52897b44253a5dc8d49557b0b03 Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 23:01:58 +0200 Subject: [PATCH 06/11] Fix expandFileSystemProtection func Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/internal/service/efs/file_system.go b/internal/service/efs/file_system.go index 25004ad09aa0..1fe5e398c271 100644 --- a/internal/service/efs/file_system.go +++ b/internal/service/efs/file_system.go @@ -576,13 +576,13 @@ func expandFileSystemProtection(id string, tfList []interface{}) *efs.UpdateFile return nil } - var apiObject *efs.UpdateFileSystemProtectionInput tfMap := tfList[0].(map[string]interface{}) - - apiObject.SetFileSystemId(id) + apiObject := &efs.UpdateFileSystemProtectionInput{ + FileSystemId: &id, + } if v, ok := tfMap["replication_overwrite"].(string); ok && v != "" { - apiObject.SetReplicationOverwriteProtection(v) + apiObject.ReplicationOverwriteProtection = &v } return apiObject From 53d50a57c7c9341a02244a5c3a8e9cd737a0830a Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 23:02:19 +0200 Subject: [PATCH 07/11] Add tests for protection attribute of EFS file system resource Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system_test.go | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/internal/service/efs/file_system_test.go b/internal/service/efs/file_system_test.go index d2c4f7d67158..41daae49ab08 100644 --- a/internal/service/efs/file_system_test.go +++ b/internal/service/efs/file_system_test.go @@ -110,6 +110,33 @@ func TestAccEFSFileSystem_performanceMode(t *testing.T) { }) } +func TestAccEFSFileSystem_protection(t *testing.T) { + ctx := acctest.Context(t) + var desc efs.FileSystemDescription + resourceName := "aws_efs_file_system.test" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(ctx, t) }, + ErrorCheck: acctest.ErrorCheck(t, efs.EndpointsID), + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories, + CheckDestroy: testAccCheckFileSystemDestroy(ctx), + Steps: []resource.TestStep{ + { + Config: testAccFileSystemConfig_protection, + Check: resource.ComposeTestCheckFunc( + testAccCheckFileSystem(ctx, resourceName, &desc), + resource.TestCheckResourceAttr(resourceName, "protection.0.replication_overwrite", "DISABLED"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccEFSFileSystem_availabilityZoneName(t *testing.T) { ctx := acctest.Context(t) var desc efs.FileSystemDescription @@ -454,6 +481,14 @@ resource "aws_efs_file_system" "test" { } ` +const testAccFileSystemConfig_protection = ` +resource "aws_efs_file_system" "test" { + protection { + replication_overwrite = "DISABLED" + } +} +` + func testAccFileSystemConfig_availabilityZoneName(rName string) string { return acctest.ConfigCompose(acctest.ConfigAvailableAZsNoOptIn(), fmt.Sprintf(` resource "aws_efs_file_system" "test" { From 6a49b749cddd42cfdcf19f833c234dfeb772784d Mon Sep 17 00:00:00 2001 From: Yaron Yarimi Date: Tue, 19 Dec 2023 23:24:36 +0200 Subject: [PATCH 08/11] Set valid values for protection.replication_overwrite Signed-off-by: Yaron Yarimi --- internal/service/efs/file_system.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/internal/service/efs/file_system.go b/internal/service/efs/file_system.go index 1fe5e398c271..c0bede99a5b6 100644 --- a/internal/service/efs/file_system.go +++ b/internal/service/efs/file_system.go @@ -128,10 +128,13 @@ func ResourceFileSystem() *schema.Resource { Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "replication_overwrite": { - Type: schema.TypeString, - Optional: true, - Computed: true, - ValidateFunc: validation.StringInSlice(efs.ReplicationOverwriteProtection_Values(), false), + Type: schema.TypeString, + Optional: true, + Computed: true, + ValidateFunc: validation.StringInSlice([]string{ + efs.ReplicationOverwriteProtectionEnabled, + efs.ReplicationOverwriteProtectionDisabled, + }, false), }, }, }, From 448a1a544d00a057940bb68690aafd8a30d151fd Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jan 2024 08:37:37 -0500 Subject: [PATCH 09/11] Add CHANGELOG entry. --- .changelog/35029.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .changelog/35029.txt diff --git a/.changelog/35029.txt b/.changelog/35029.txt new file mode 100644 index 000000000000..3123b6eb8c4d --- /dev/null +++ b/.changelog/35029.txt @@ -0,0 +1,7 @@ +```release-note:enhancement +resource/aws_efs_file_system: Add `protection` configuration block +``` + +```release-note:enhancement +data-source/aws_efs_file_system: Add `protection` attribute +``` \ No newline at end of file From 72c21b2f75b974ab09c1d40391ede522b299c06e Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jan 2024 08:52:01 -0500 Subject: [PATCH 10/11] Cosmetics. --- internal/service/efs/file_system.go | 40 +++++++++++-------- .../service/efs/file_system_data_source.go | 7 ++-- internal/service/efs/file_system_test.go | 20 ++++++++-- 3 files changed, 42 insertions(+), 25 deletions(-) diff --git a/internal/service/efs/file_system.go b/internal/service/efs/file_system.go index 1ab1d468e097..41d216f3c5ea 100644 --- a/internal/service/efs/file_system.go +++ b/internal/service/efs/file_system.go @@ -238,18 +238,22 @@ func resourceFileSystemCreate(ctx context.Context, d *schema.ResourceData, meta } if v, ok := d.GetOk("lifecycle_policy"); ok { - _, err := conn.PutLifecycleConfigurationWithContext(ctx, &efs.PutLifecycleConfigurationInput{ + input := &efs.PutLifecycleConfigurationInput{ FileSystemId: aws.String(d.Id()), LifecyclePolicies: expandFileSystemLifecyclePolicies(v.([]interface{})), - }) + } + + _, err := conn.PutLifecycleConfigurationWithContext(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "putting EFS file system (%s) lifecycle configuration: %s", d.Id(), err) } } - if v, ok := d.GetOk("protection"); ok { - _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), v.([]interface{}))) + if v, ok := d.GetOk("protection"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { + input := expandUpdateFileSystemProtectionInput(d.Id(), v.([]interface{})[0].(map[string]interface{})) + + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, input) if err != nil { return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) @@ -287,16 +291,15 @@ func resourceFileSystemRead(ctx context.Context, d *schema.ResourceData, meta in d.Set("number_of_mount_targets", fs.NumberOfMountTargets) d.Set("owner_id", fs.OwnerId) d.Set("performance_mode", fs.PerformanceMode) + if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { + return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) + } d.Set("provisioned_throughput_in_mibps", fs.ProvisionedThroughputInMibps) if err := d.Set("size_in_bytes", flattenFileSystemSizeInBytes(fs.SizeInBytes)); err != nil { return sdkdiag.AppendErrorf(diags, "setting size_in_bytes: %s", err) } d.Set("throughput_mode", fs.ThroughputMode) - if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { - return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) - } - setTagsOut(ctx, fs.Tags) output, err := conn.DescribeLifecycleConfigurationWithContext(ctx, &efs.DescribeLifecycleConfigurationInput{ @@ -362,10 +365,14 @@ func resourceFileSystemUpdate(ctx context.Context, d *schema.ResourceData, meta } if d.HasChanges("protection") { - _, err := conn.UpdateFileSystemProtectionWithContext(ctx, expandFileSystemProtection(d.Id(), d.Get("protection").([]interface{}))) + if v, ok := d.GetOk("protection"); ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil { + input := expandUpdateFileSystemProtectionInput(d.Id(), v.([]interface{})[0].(map[string]interface{})) - if err != nil { - return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) + _, err := conn.UpdateFileSystemProtectionWithContext(ctx, input) + + if err != nil { + return sdkdiag.AppendErrorf(diags, "updating EFS file system (%s) protection: %s", d.Id(), err) + } } } @@ -587,18 +594,17 @@ func flattenFileSystemSizeInBytes(sizeInBytes *efs.FileSystemSize) []interface{} return []interface{}{m} } -func expandFileSystemProtection(id string, tfList []interface{}) *efs.UpdateFileSystemProtectionInput { - if len(tfList) == 0 { +func expandUpdateFileSystemProtectionInput(id string, tfMap map[string]interface{}) *efs.UpdateFileSystemProtectionInput { + if tfMap == nil { return nil } - tfMap := tfList[0].(map[string]interface{}) apiObject := &efs.UpdateFileSystemProtectionInput{ - FileSystemId: &id, + FileSystemId: aws.String(id), } if v, ok := tfMap["replication_overwrite"].(string); ok && v != "" { - apiObject.ReplicationOverwriteProtection = &v + apiObject.ReplicationOverwriteProtection = aws.String(v) } return apiObject @@ -612,7 +618,7 @@ func flattenFileSystemProtection(protection *efs.FileSystemProtectionDescription tfMap := map[string]interface{}{} if protection.ReplicationOverwriteProtection != nil { - tfMap["replication_overwrite"] = protection.ReplicationOverwriteProtection + tfMap["replication_overwrite"] = aws.StringValue(protection.ReplicationOverwriteProtection) } return []interface{}{tfMap} diff --git a/internal/service/efs/file_system_data_source.go b/internal/service/efs/file_system_data_source.go index dfcd0382d63d..f360fa3ce70c 100644 --- a/internal/service/efs/file_system_data_source.go +++ b/internal/service/efs/file_system_data_source.go @@ -157,6 +157,9 @@ func dataSourceFileSystemRead(ctx context.Context, d *schema.ResourceData, meta d.Set("kms_key_id", fs.KmsKeyId) d.Set("name", fs.Name) d.Set("performance_mode", fs.PerformanceMode) + if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { + return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) + } d.Set("provisioned_throughput_in_mibps", fs.ProvisionedThroughputInMibps) if fs.SizeInBytes != nil { d.Set("size_in_bytes", fs.SizeInBytes.Value) @@ -179,9 +182,5 @@ func dataSourceFileSystemRead(ctx context.Context, d *schema.ResourceData, meta return sdkdiag.AppendErrorf(diags, "setting lifecycle_policy: %s", err) } - if err := d.Set("protection", flattenFileSystemProtection(fs.FileSystemProtection)); err != nil { - return sdkdiag.AppendErrorf(diags, "setting protection: %s", err) - } - return diags } diff --git a/internal/service/efs/file_system_test.go b/internal/service/efs/file_system_test.go index 0411e60802f5..ed4a7cafd35b 100644 --- a/internal/service/efs/file_system_test.go +++ b/internal/service/efs/file_system_test.go @@ -43,6 +43,8 @@ func TestAccEFSFileSystem_basic(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "number_of_mount_targets", "0"), acctest.MatchResourceAttrAccountID(resourceName, "owner_id"), resource.TestCheckResourceAttr(resourceName, "performance_mode", "generalPurpose"), + resource.TestCheckResourceAttr(resourceName, "protection.#", "1"), + resource.TestCheckResourceAttr(resourceName, "protection.0.replication_overwrite", "ENABLED"), resource.TestCheckResourceAttr(resourceName, "size_in_bytes.#", "1"), resource.TestCheckResourceAttrSet(resourceName, "size_in_bytes.0.value"), resource.TestCheckResourceAttrSet(resourceName, "size_in_bytes.0.value_in_ia"), @@ -122,9 +124,10 @@ func TestAccEFSFileSystem_protection(t *testing.T) { CheckDestroy: testAccCheckFileSystemDestroy(ctx), Steps: []resource.TestStep{ { - Config: testAccFileSystemConfig_protection, + Config: testAccFileSystemConfig_protection("DISABLED"), Check: resource.ComposeTestCheckFunc( testAccCheckFileSystem(ctx, resourceName, &desc), + resource.TestCheckResourceAttr(resourceName, "protection.#", "1"), resource.TestCheckResourceAttr(resourceName, "protection.0.replication_overwrite", "DISABLED"), ), }, @@ -133,6 +136,13 @@ func TestAccEFSFileSystem_protection(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + Config: testAccFileSystemConfig_protection("ENABLED"), + Check: resource.ComposeTestCheckFunc( + testAccCheckFileSystem(ctx, resourceName, &desc), + resource.TestCheckResourceAttr(resourceName, "protection.0.replication_overwrite", "ENABLED"), + ), + }, }, }) } @@ -504,13 +514,15 @@ resource "aws_efs_file_system" "test" { } ` -const testAccFileSystemConfig_protection = ` +func testAccFileSystemConfig_protection(replicationOverwwrite string) string { + return fmt.Sprintf(` resource "aws_efs_file_system" "test" { protection { - replication_overwrite = "DISABLED" + replication_overwrite = %[1]q } } -` +`, replicationOverwwrite) +} func testAccFileSystemConfig_availabilityZoneName(rName string) string { return acctest.ConfigCompose(acctest.ConfigAvailableAZsNoOptIn(), fmt.Sprintf(` From 2ca2b509415756299bec0a293e17861ddd84e6c9 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Wed, 3 Jan 2024 09:01:45 -0500 Subject: [PATCH 11/11] Fix terrafmt error. --- internal/service/efs/file_system_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/efs/file_system_test.go b/internal/service/efs/file_system_test.go index ed4a7cafd35b..2f65f69183a9 100644 --- a/internal/service/efs/file_system_test.go +++ b/internal/service/efs/file_system_test.go @@ -517,7 +517,7 @@ resource "aws_efs_file_system" "test" { func testAccFileSystemConfig_protection(replicationOverwwrite string) string { return fmt.Sprintf(` resource "aws_efs_file_system" "test" { - protection { + protection { replication_overwrite = %[1]q } }