hashicorp · johnsonaj · Apr 6, 2022 · Jul 18, 2020 · Jul 18, 2020 · Jul 19, 2020
@@ -0,0 +1,3 @@
+```release-note:new-resource
+aws_rds_cluster_activity_stream
+```
@@ -1703,6 +1703,7 @@ func Provider() *schema.Provider {
 			"aws_db_snapshot":                               rds.ResourceSnapshot(),
 			"aws_db_subnet_group":                           rds.ResourceSubnetGroup(),
 			"aws_rds_cluster":                               rds.ResourceCluster(),
+			"aws_rds_cluster_activity_stream":               rds.ResourceClusterActivityStream(),
 			"aws_rds_cluster_endpoint":                      rds.ResourceClusterEndpoint(),
 			"aws_rds_cluster_instance":                      rds.ResourceClusterInstance(),
 			"aws_rds_cluster_parameter_group":               rds.ResourceClusterParameterGroup(),

@@ -0,0 +1,138 @@
+package rds
+
+import (
+	"context"
+	"fmt"
+	"log"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/rds"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
+	"github.com/hashicorp/terraform-provider-aws/internal/verify"
+)
+
+func ResourceClusterActivityStream() *schema.Resource {
+	return &schema.Resource{
+		CreateContext: resourceAwsRDSClusterActivityStreamCreate,
+		ReadContext:   resourceAwsRDSClusterActivityStreamRead,
+		DeleteContext: resourceAwsRDSClusterActivityStreamDelete,
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"resource_arn": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: verify.ValidARN,
+			},
+			"kms_key_id": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"mode": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validation.StringInSlice(rds.ActivityStreamMode_Values(), false),
+			},
+			"kinesis_stream_name": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"engine_native_audit_fields_included": {
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  false,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
+func resourceAwsRDSClusterActivityStreamCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*conns.AWSClient).RDSConn
+
+	resourceArn := d.Get("resource_arn").(string)
+
+	startActivityStreamInput := &rds.StartActivityStreamInput{
+		ResourceArn:                     aws.String(resourceArn),
+		ApplyImmediately:                aws.Bool(true),
+		KmsKeyId:                        aws.String(d.Get("kms_key_id").(string)),
+		Mode:                            aws.String(d.Get("mode").(string)),
+		EngineNativeAuditFieldsIncluded: aws.Bool(d.Get("engine_native_audit_fields_included").(bool)),
+	}
+
+	log.Printf("[DEBUG] RDS Cluster start activity stream input: %s", startActivityStreamInput)
+
+	resp, err := conn.StartActivityStream(startActivityStreamInput)
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("error creating RDS Cluster Activity Stream: %s", err))
+	}
+
+	log.Printf("[DEBUG]: RDS Cluster start activity stream response: %s", resp)
+
+	d.SetId(resourceArn)
+
+	err = waitActivityStreamStarted(ctx, conn, d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return resourceAwsRDSClusterActivityStreamRead(ctx, d, meta)
+}
+
+func resourceAwsRDSClusterActivityStreamRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*conns.AWSClient).RDSConn
+
+	log.Printf("[DEBUG] Finding DB Cluster (%s)", d.Id())
+	resp, err := FindDBClusterWithActivityStream(conn, d.Id())
+
+	if tfresource.NotFound(err) {
+		log.Printf("[WARN] RDS Cluster (%s) not found, removing from state", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("error describing RDS Cluster (%s): %s", d.Id(), err))
+	}
+
+	d.Set("resource_arn", resp.DBClusterArn)
+	d.Set("kms_key_id", resp.ActivityStreamKmsKeyId)
+	d.Set("kinesis_stream_name", resp.ActivityStreamKinesisStreamName)
+	d.Set("mode", resp.ActivityStreamMode)
+
+	return nil
+}
+
+func resourceAwsRDSClusterActivityStreamDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	conn := meta.(*conns.AWSClient).RDSConn
+
+	stopActivityStreamInput := &rds.StopActivityStreamInput{
+		ApplyImmediately: aws.Bool(true),
+		ResourceArn:      aws.String(d.Id()),
+	}
+
+	log.Printf("[DEBUG] RDS Cluster stop activity stream input: %s", stopActivityStreamInput)
+
+	resp, err := conn.StopActivityStream(stopActivityStreamInput)
+	if err != nil {
+		return diag.FromErr(fmt.Errorf("error stopping RDS Cluster Activity Stream: %w", err))
+	}
+
+	log.Printf("[DEBUG] RDS Cluster stop activity stream response: %s", resp)
+
+	err = waitActivityStreamStopped(ctx, conn, d.Id())
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
@@ -0,0 +1,207 @@
+package rds_test
+
+import (
+	"fmt"
+	"regexp"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/rds"
+	sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	tfrds "github.com/hashicorp/terraform-provider-aws/internal/service/rds"
+	"github.com/hashicorp/terraform-provider-aws/internal/tfresource"
+)
+
+func TestAccAWSRDSClusterActivityStream_basic(t *testing.T) {
+	var dbCluster rds.DBCluster
+	clusterName := sdkacctest.RandomWithPrefix("tf-testacc-aurora-cluster")
+	instanceName := sdkacctest.RandomWithPrefix("tf-testacc-aurora-instance")
+	resourceName := "aws_rds_cluster_activity_stream.test"
+	rdsClusterResourceName := "aws_rds_cluster.test"
+	kmsKeyResourceName := "aws_kms_key.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acctest.PreCheck(t) },
+		ErrorCheck:   acctest.ErrorCheck(t, rds.EndpointsID),
+		Providers:    acctest.Providers,
+		CheckDestroy: testAccCheckAWSClusterActivityStreamDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSClusterActivityStreamConfig(clusterName, instanceName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSRDSClusterActivityStreamExists(resourceName, &dbCluster),
+					testAccCheckAWSRDSClusterActivityStreamAttributes(&dbCluster),
+					acctest.MatchResourceAttrRegionalARN(resourceName, "resource_arn", "rds", regexp.MustCompile("cluster:"+clusterName)),
+					resource.TestCheckResourceAttrPair(resourceName, "resource_arn", rdsClusterResourceName, "arn"),
+					resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName, "key_id"),
+					resource.TestCheckResourceAttrSet(resourceName, "kinesis_stream_name"),
+					resource.TestCheckResourceAttr(resourceName, "mode", rds.ActivityStreamModeAsync),
+				),
+			},
+			{
+				ResourceName:            resourceName,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"engine_native_audit_fields_included"},
+			},
+		},
+	})
+}
+
+func TestAccAWSRDSClusterActivityStream_disappears(t *testing.T) {
+	var dbCluster rds.DBCluster
+	clusterName := sdkacctest.RandomWithPrefix("tf-testacc-aurora-cluster")
+	instanceName := sdkacctest.RandomWithPrefix("tf-testacc-aurora-instance")
+	resourceName := "aws_rds_cluster_activity_stream.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acctest.PreCheck(t) },
+		ErrorCheck:   acctest.ErrorCheck(t, rds.EndpointsID),
+		Providers:    acctest.Providers,
+		CheckDestroy: testAccCheckAWSClusterActivityStreamDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSClusterActivityStreamConfig(clusterName, instanceName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSRDSClusterActivityStreamExists(resourceName, &dbCluster),
+					acctest.CheckResourceDisappears(acctest.Provider, tfrds.ResourceClusterActivityStream(), resourceName),
+				),
+				ExpectNonEmptyPlan: true,
+			},
+		},
+	})
+}
+
+func testAccCheckAWSRDSClusterActivityStreamExists(resourceName string, dbCluster *rds.DBCluster) resource.TestCheckFunc {
+	return testAccCheckAWSRDSClusterActivityStreamExistsWithProvider(resourceName, dbCluster, acctest.Provider)
+}
+
+func testAccCheckAWSRDSClusterActivityStreamExistsWithProvider(resourceName string, dbCluster *rds.DBCluster, provider *schema.Provider) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[resourceName]
+		if !ok {
+			return fmt.Errorf("not found: %s", resourceName)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("DBCluster ID is not set")
+		}
+
+		conn := provider.Meta().(*conns.AWSClient).RDSConn
+
+		response, err := tfrds.FindDBClusterWithActivityStream(conn, rs.Primary.ID)
+
+		if err != nil {
+			return err
+		}
+
+		*dbCluster = *response
+		return nil
+	}
+}
+
+func testAccCheckAWSRDSClusterActivityStreamAttributes(v *rds.DBCluster) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+
+		if aws.StringValue(v.DBClusterArn) == "" {
+			return fmt.Errorf("empty RDS Cluster arn")
+		}
+
+		if aws.StringValue(v.ActivityStreamKmsKeyId) == "" {
+			return fmt.Errorf("empty RDS Cluster activity stream kms key id")
+		}
+
+		if aws.StringValue(v.ActivityStreamKinesisStreamName) == "" {
+			return fmt.Errorf("empty RDS Cluster activity stream kinesis stream name")
+		}
+
+		if aws.StringValue(v.ActivityStreamStatus) != rds.ActivityStreamStatusStarted {
+			return fmt.Errorf("incorrect activity stream status: expected: %s, got: %s", rds.ActivityStreamStatusStarted, aws.StringValue(v.ActivityStreamStatus))
+		}
+
+		if aws.StringValue(v.ActivityStreamMode) != rds.ActivityStreamModeSync && aws.StringValue(v.ActivityStreamMode) != rds.ActivityStreamModeAsync {
+			return fmt.Errorf("incorrect activity stream mode: expected: sync or async, got: %s", aws.StringValue(v.ActivityStreamMode))
+		}
+
+		return nil
+	}
+}
+
+func testAccCheckAWSClusterActivityStreamDestroy(s *terraform.State) error {
+	return testAccCheckAWSClusterActivityStreamDestroyWithProvider(s, acctest.Provider)
+}
+
+func testAccCheckAWSClusterActivityStreamDestroyWithProvider(s *terraform.State, provider *schema.Provider) error {
+	conn := provider.Meta().(*conns.AWSClient).RDSConn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_rds_cluster_activity_stream" {
+			continue
+		}
+
+		var err error
+
+		_, err = tfrds.FindDBClusterWithActivityStream(conn, rs.Primary.ID)
+		if err != nil {
+			// Return nil if the cluster is already destroyed
+			if tfresource.NotFound(err) {
+				return nil
+			}
+			return err
+		}
+
+		return err
+	}
+
+	return nil
+}
+
+func testAccAWSClusterActivityStreamConfigBase(clusterName, instanceName string) string {
+	return fmt.Sprintf(`
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
+resource "aws_kms_key" "test" {
+  description             = "Testing for AWS RDS Cluster Activity Stream"
+  deletion_window_in_days = 7
+}
+
+resource "aws_rds_cluster" "test" {
+  cluster_identifier  = "%[1]s"
+  availability_zones  = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}", "${data.aws_availability_zones.available.names[2]}"]
+  master_username     = "foo"
+  master_password     = "mustbeeightcharaters"
+  skip_final_snapshot = true
+  deletion_protection = false
+  engine              = "aurora-postgresql"
+  engine_version      = "11.9"
+}
+
+resource "aws_rds_cluster_instance" "test" {
+  identifier         = "%[2]s"
+  cluster_identifier = aws_rds_cluster.test.id
+  engine             = aws_rds_cluster.test.engine
+  instance_class     = "db.r6g.large"
+}
+`, clusterName, instanceName)
+}
+
+func testAccAWSClusterActivityStreamConfig(clusterName, instanceName string) string {
+	return acctest.ConfigCompose(
+		testAccAWSClusterActivityStreamConfigBase(clusterName, instanceName),
+		`
+resource "aws_rds_cluster_activity_stream" "test" {
+  resource_arn = aws_rds_cluster.test.arn
+  kms_key_id   = aws_kms_key.test.key_id
+  mode         = "async"
+
+  depends_on = [aws_rds_cluster_instance.test]
+}
+		`)
+}