From 1aa483111bdd0c95bcd1e4429a7ad7747cd62dd0 Mon Sep 17 00:00:00 2001 From: Eleanor Nicholson Date: Fri, 15 Apr 2022 14:45:30 +0100 Subject: [PATCH 01/10] Issue-20146 Add username parameter to RDS proxy auth --- internal/service/rds/proxy.go | 9 ++++++++ internal/service/rds/proxy_data_source.go | 4 ++++ internal/service/rds/proxy_test.go | 26 +++++++++++++++++++++++ 3 files changed, 39 insertions(+) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 372d66d40956..118fb7d8c538 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -105,6 +105,10 @@ func ResourceProxy() *schema.Resource { Optional: true, ValidateFunc: verify.ValidARN, }, + "username": { + Type: schema.TypeString, + Optional: true, + }, }, }, }, @@ -224,6 +228,10 @@ func expandDbProxyAuth(l []interface{}) []*rds.UserAuthConfig { userAuthConfig.SecretArn = aws.String(v) } + if v, ok := m["username"].(string); ok && v != "" { + userAuthConfig.UserName = aws.String(v) + } + userAuthConfigs = append(userAuthConfigs, userAuthConfig) } @@ -237,6 +245,7 @@ func flattenDbProxyAuth(userAuthConfig *rds.UserAuthConfigInfo) map[string]inter m["description"] = aws.StringValue(userAuthConfig.Description) m["iam_auth"] = aws.StringValue(userAuthConfig.IAMAuth) m["secret_arn"] = aws.StringValue(userAuthConfig.SecretArn) + m["username"] = aws.StringValue(userAuthConfig.UserName) return m } diff --git a/internal/service/rds/proxy_data_source.go b/internal/service/rds/proxy_data_source.go index 8c5ef7dd9611..61e7728d9199 100644 --- a/internal/service/rds/proxy_data_source.go +++ b/internal/service/rds/proxy_data_source.go @@ -37,6 +37,10 @@ func DataSourceProxy() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "username": { + Type: schema.TypeString, + Computed: true, + }, }, }, }, diff --git a/internal/service/rds/proxy_test.go b/internal/service/rds/proxy_test.go index a82436edc390..b2207c899c4e 100644 --- a/internal/service/rds/proxy_test.go +++ b/internal/service/rds/proxy_test.go @@ -412,6 +412,32 @@ func TestAccRDSProxy_authSecretARN(t *testing.T) { }) } +func TestAccRDSProxy_authUsername(t *testing.T) { + if testing.Short() { + t.Skip("skipping long-running test in short mode") + } + + var dbProxy rds.DBProxy + resourceName := "aws_db_proxy.test" + rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix) + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(t); testAccDBProxyPreCheck(t) }, + ErrorCheck: acctest.ErrorCheck(t, rds.EndpointsID), + Providers: acctest.Providers, + CheckDestroy: testAccCheckProxyDestroy, + Steps: []resource.TestStep{ + { + Config: testAccProxyNameConfig(rName, rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckProxyExists(resourceName, &dbProxy), + resource.TestCheckResourceAttr(resourceName, "auth.0.username", ""), + ), + }, + }, + }) +} + func TestAccRDSProxy_tags(t *testing.T) { if testing.Short() { t.Skip("skipping long-running test in short mode") From a67c2b3587d7efdfb8146fe447714de59c3ce53f Mon Sep 17 00:00:00 2001 From: Eleanor Nicholson Date: Fri, 15 Apr 2022 16:16:26 +0100 Subject: [PATCH 02/10] Add changelog --- .changelog/24264.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changelog/24264.txt diff --git a/.changelog/24264.txt b/.changelog/24264.txt new file mode 100644 index 000000000000..1e7c60f356e7 --- /dev/null +++ b/.changelog/24264.txt @@ -0,0 +1,3 @@ +```release-note:note +resource/aws_db_proxy: The `username` attribute is now available in the auth config. +``` From 7105f928b858e6ce730a6d38e743ff773a32ec9f Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:22:31 -0400 Subject: [PATCH 03/10] Tweak CHANGELOG entry. --- .changelog/24264.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.changelog/24264.txt b/.changelog/24264.txt index 1e7c60f356e7..2772e5fbe0e7 100644 --- a/.changelog/24264.txt +++ b/.changelog/24264.txt @@ -1,3 +1,3 @@ ```release-note:note -resource/aws_db_proxy: The `username` attribute is now available in the auth config. +resource/aws_db_proxy: Add `auth.username` argument ``` From b45098fab25f6affd97f97d21061bb651d8f0203 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:23:58 -0400 Subject: [PATCH 04/10] r/aws_db_proxy: Alphabetize attributes. --- internal/service/rds/proxy.go | 82 +++++++++++++++++------------------ 1 file changed, 41 insertions(+), 41 deletions(-) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 118fb7d8c538..6bd6c1c94369 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -38,15 +38,45 @@ func ResourceProxy() *schema.Resource { Type: schema.TypeString, Computed: true, }, - "name": { - Type: schema.TypeString, - Required: true, - ValidateFunc: validIdentifier, + "auth": { + Type: schema.TypeSet, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "auth_scheme": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice(rds.AuthScheme_Values(), false), + }, + "description": { + Type: schema.TypeString, + Optional: true, + }, + "iam_auth": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.StringInSlice(rds.IAMAuthMode_Values(), false), + }, + "secret_arn": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: verify.ValidARN, + }, + "username": { + Type: schema.TypeString, + Optional: true, + }, + }, + }, }, "debug_logging": { Type: schema.TypeBool, Optional: true, }, + "endpoint": { + Type: schema.TypeString, + Computed: true, + }, "engine_family": { Type: schema.TypeString, Required: true, @@ -58,6 +88,11 @@ func ResourceProxy() *schema.Resource { Optional: true, Computed: true, }, + "name": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validIdentifier, + }, "require_tls": { Type: schema.TypeBool, Optional: true, @@ -67,6 +102,8 @@ func ResourceProxy() *schema.Resource { Required: true, ValidateFunc: verify.ValidARN, }, + "tags": tftags.TagsSchema(), + "tags_all": tftags.TagsSchemaComputed(), "vpc_security_group_ids": { Type: schema.TypeSet, Optional: true, @@ -81,43 +118,6 @@ func ResourceProxy() *schema.Resource { Elem: &schema.Schema{Type: schema.TypeString}, Set: schema.HashString, }, - "auth": { - Type: schema.TypeSet, - Required: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "auth_scheme": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: validation.StringInSlice(rds.AuthScheme_Values(), false), - }, - "description": { - Type: schema.TypeString, - Optional: true, - }, - "iam_auth": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: validation.StringInSlice(rds.IAMAuthMode_Values(), false), - }, - "secret_arn": { - Type: schema.TypeString, - Optional: true, - ValidateFunc: verify.ValidARN, - }, - "username": { - Type: schema.TypeString, - Optional: true, - }, - }, - }, - }, - "endpoint": { - Type: schema.TypeString, - Computed: true, - }, - "tags": tftags.TagsSchema(), - "tags_all": tftags.TagsSchemaComputed(), }, CustomizeDiff: verify.SetTagsDiff, From ff2fbc890d7ee7c80bf1ec08b23786b8d34b698a Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:29:53 -0400 Subject: [PATCH 05/10] r/aws_db_proxy: Order CRUD handler functions. --- internal/service/rds/proxy.go | 160 +++++++++++++++++----------------- 1 file changed, 80 insertions(+), 80 deletions(-) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 6bd6c1c94369..8ae700912283 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -178,86 +178,6 @@ func resourceProxyCreate(d *schema.ResourceData, meta interface{}) error { return resourceProxyRead(d, meta) } -func resourceProxyRefreshFunc(conn *rds.RDS, proxyName string) resource.StateRefreshFunc { - return func() (interface{}, string, error) { - resp, err := conn.DescribeDBProxies(&rds.DescribeDBProxiesInput{ - DBProxyName: aws.String(proxyName), - }) - - if err != nil { - if tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { - return 42, "", nil - } - return 42, "", err - } - - dbProxy := resp.DBProxies[0] - return dbProxy, *dbProxy.Status, nil - } -} - -func expandDbProxyAuth(l []interface{}) []*rds.UserAuthConfig { - if len(l) == 0 { - return nil - } - - userAuthConfigs := make([]*rds.UserAuthConfig, 0, len(l)) - - for _, mRaw := range l { - m, ok := mRaw.(map[string]interface{}) - - if !ok { - continue - } - - userAuthConfig := &rds.UserAuthConfig{} - - if v, ok := m["auth_scheme"].(string); ok && v != "" { - userAuthConfig.AuthScheme = aws.String(v) - } - - if v, ok := m["description"].(string); ok && v != "" { - userAuthConfig.Description = aws.String(v) - } - - if v, ok := m["iam_auth"].(string); ok && v != "" { - userAuthConfig.IAMAuth = aws.String(v) - } - - if v, ok := m["secret_arn"].(string); ok && v != "" { - userAuthConfig.SecretArn = aws.String(v) - } - - if v, ok := m["username"].(string); ok && v != "" { - userAuthConfig.UserName = aws.String(v) - } - - userAuthConfigs = append(userAuthConfigs, userAuthConfig) - } - - return userAuthConfigs -} - -func flattenDbProxyAuth(userAuthConfig *rds.UserAuthConfigInfo) map[string]interface{} { - m := make(map[string]interface{}) - - m["auth_scheme"] = aws.StringValue(userAuthConfig.AuthScheme) - m["description"] = aws.StringValue(userAuthConfig.Description) - m["iam_auth"] = aws.StringValue(userAuthConfig.IAMAuth) - m["secret_arn"] = aws.StringValue(userAuthConfig.SecretArn) - m["username"] = aws.StringValue(userAuthConfig.UserName) - - return m -} - -func flattenDbProxyAuths(userAuthConfigs []*rds.UserAuthConfigInfo) []interface{} { - s := []interface{}{} - for _, v := range userAuthConfigs { - s = append(s, flattenDbProxyAuth(v)) - } - return s -} - func resourceProxyRead(d *schema.ResourceData, meta interface{}) error { conn := meta.(*conns.AWSClient).RDSConn defaultTagsConfig := meta.(*conns.AWSClient).DefaultTagsConfig @@ -417,3 +337,83 @@ func resourceProxyDelete(d *schema.ResourceData, meta interface{}) error { return nil } + +func resourceProxyRefreshFunc(conn *rds.RDS, proxyName string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + resp, err := conn.DescribeDBProxies(&rds.DescribeDBProxiesInput{ + DBProxyName: aws.String(proxyName), + }) + + if err != nil { + if tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { + return 42, "", nil + } + return 42, "", err + } + + dbProxy := resp.DBProxies[0] + return dbProxy, *dbProxy.Status, nil + } +} + +func expandDbProxyAuth(l []interface{}) []*rds.UserAuthConfig { + if len(l) == 0 { + return nil + } + + userAuthConfigs := make([]*rds.UserAuthConfig, 0, len(l)) + + for _, mRaw := range l { + m, ok := mRaw.(map[string]interface{}) + + if !ok { + continue + } + + userAuthConfig := &rds.UserAuthConfig{} + + if v, ok := m["auth_scheme"].(string); ok && v != "" { + userAuthConfig.AuthScheme = aws.String(v) + } + + if v, ok := m["description"].(string); ok && v != "" { + userAuthConfig.Description = aws.String(v) + } + + if v, ok := m["iam_auth"].(string); ok && v != "" { + userAuthConfig.IAMAuth = aws.String(v) + } + + if v, ok := m["secret_arn"].(string); ok && v != "" { + userAuthConfig.SecretArn = aws.String(v) + } + + if v, ok := m["username"].(string); ok && v != "" { + userAuthConfig.UserName = aws.String(v) + } + + userAuthConfigs = append(userAuthConfigs, userAuthConfig) + } + + return userAuthConfigs +} + +func flattenDbProxyAuth(userAuthConfig *rds.UserAuthConfigInfo) map[string]interface{} { + m := make(map[string]interface{}) + + m["auth_scheme"] = aws.StringValue(userAuthConfig.AuthScheme) + m["description"] = aws.StringValue(userAuthConfig.Description) + m["iam_auth"] = aws.StringValue(userAuthConfig.IAMAuth) + m["secret_arn"] = aws.StringValue(userAuthConfig.SecretArn) + m["username"] = aws.StringValue(userAuthConfig.UserName) + + return m +} + +func flattenDbProxyAuths(userAuthConfigs []*rds.UserAuthConfigInfo) []interface{} { + s := []interface{}{} + for _, v := range userAuthConfigs { + s = append(s, flattenDbProxyAuth(v)) + } + return s +} From 24a6400949607b58d3174a712679b65d79b0afb3 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:38:07 -0400 Subject: [PATCH 06/10] r/aws_db_proxy: Use 'FindDBProxyByName'. --- internal/service/rds/find.go | 11 ++++++++- internal/service/rds/proxy.go | 34 +++++++--------------------- internal/service/rds/proxy_test.go | 36 ++++++++++-------------------- 3 files changed, 30 insertions(+), 51 deletions(-) diff --git a/internal/service/rds/find.go b/internal/service/rds/find.go index 04e9d5c9b19a..810f39e51a82 100644 --- a/internal/service/rds/find.go +++ b/internal/service/rds/find.go @@ -166,7 +166,16 @@ func FindDBProxyByName(conn *rds.RDS, name string) (*rds.DBProxy, error) { return nil, tfresource.NewEmptyResultError(input) } - return output.DBProxies[0], nil + dbProxy := output.DBProxies[0] + + // Eventual consistency check. + if aws.StringValue(dbProxy.DBProxyName) != name { + return nil, &resource.NotFoundError{ + LastRequest: input, + } + } + + return dbProxy, nil } func FindEventSubscriptionByID(conn *rds.RDS, id string) (*rds.EventSubscription, error) { diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 8ae700912283..4c8e3002a4ed 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -14,6 +14,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/conns" "github.com/hashicorp/terraform-provider-aws/internal/flex" tftags "github.com/hashicorp/terraform-provider-aws/internal/tags" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" "github.com/hashicorp/terraform-provider-aws/internal/verify" ) @@ -183,37 +184,18 @@ func resourceProxyRead(d *schema.ResourceData, meta interface{}) error { defaultTagsConfig := meta.(*conns.AWSClient).DefaultTagsConfig ignoreTagsConfig := meta.(*conns.AWSClient).IgnoreTagsConfig - params := rds.DescribeDBProxiesInput{ - DBProxyName: aws.String(d.Id()), - } - - resp, err := conn.DescribeDBProxies(¶ms) - if err != nil { - if tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { - log.Printf("[WARN] DB Proxy (%s) not found, removing from state", d.Id()) - d.SetId("") - return nil - } - return fmt.Errorf("Error reading RDS DB Proxy (%s): %w", d.Id(), err) - } - - var dbProxy *rds.DBProxy - for _, proxy := range resp.DBProxies { - if proxy == nil { - continue - } + dbProxy, err := FindDBProxyByName(conn, d.Id()) - if aws.StringValue(proxy.DBProxyName) == d.Id() { - dbProxy = proxy - break - } - } - if dbProxy == nil { - log.Printf("[WARN] DB Proxy (%s) not found, removing from state", d.Id()) + if !d.IsNewResource() && tfresource.NotFound(err) { + log.Printf("[WARN] RDS DB Proxy %s not found, removing from state", d.Id()) d.SetId("") return nil } + if err != nil { + return fmt.Errorf("error reading RDS DB Proxy (%s): %w", d.Id(), err) + } + d.Set("arn", dbProxy.DBProxyArn) d.Set("auth", flattenDbProxyAuths(dbProxy.Auth)) d.Set("name", dbProxy.DBProxyName) diff --git a/internal/service/rds/proxy_test.go b/internal/service/rds/proxy_test.go index b2207c899c4e..cc77281b9858 100644 --- a/internal/service/rds/proxy_test.go +++ b/internal/service/rds/proxy_test.go @@ -5,7 +5,6 @@ import ( "regexp" "testing" - "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/rds" "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" @@ -14,6 +13,7 @@ import ( "github.com/hashicorp/terraform-provider-aws/internal/acctest" "github.com/hashicorp/terraform-provider-aws/internal/conns" tfrds "github.com/hashicorp/terraform-provider-aws/internal/service/rds" + "github.com/hashicorp/terraform-provider-aws/internal/tfresource" ) func TestAccRDSProxy_basic(t *testing.T) { @@ -528,22 +528,17 @@ func testAccCheckProxyDestroy(s *terraform.State) error { continue } - // Try to find the Group - resp, err := conn.DescribeDBProxies( - &rds.DescribeDBProxiesInput{ - DBProxyName: aws.String(rs.Primary.ID), - }) - - if err == nil { - if len(resp.DBProxies) != 0 && - *resp.DBProxies[0].DBProxyName == rs.Primary.ID { - return fmt.Errorf("DB Proxy still exists") - } + _, err := tfrds.FindDBProxyByName(conn, rs.Primary.ID) + + if tfresource.NotFound(err) { + continue } - if !tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { + if err != nil { return err } + + return fmt.Errorf("RDS DB Proxy %s still exists", rs.Primary.ID) } return nil @@ -557,27 +552,20 @@ func testAccCheckProxyExists(n string, v *rds.DBProxy) resource.TestCheckFunc { } if rs.Primary.ID == "" { - return fmt.Errorf("No DB Proxy ID is set") + return fmt.Errorf("No RDS DB Proxy ID is set") } conn := acctest.Provider.Meta().(*conns.AWSClient).RDSConn - opts := rds.DescribeDBProxiesInput{ - DBProxyName: aws.String(rs.Primary.ID), - } - - resp, err := conn.DescribeDBProxies(&opts) + output, err := tfrds.FindDBProxyByName(conn, rs.Primary.ID) if err != nil { return err } - if len(resp.DBProxies) != 1 || - *resp.DBProxies[0].DBProxyName != rs.Primary.ID { - return fmt.Errorf("DB Proxy not found") - } + *v = *output - *v = *resp.DBProxies[0] + return nil return nil } From f30baef7aefc6f2fdf9eef44990aab61cfc31f1b Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:45:13 -0400 Subject: [PATCH 07/10] r/aws_db_proxy: Tidy up resource Create. --- internal/service/rds/proxy.go | 40 ++++++++++++++-------------------- internal/service/rds/status.go | 16 ++++++++++++++ internal/service/rds/wait.go | 17 +++++++++++++++ 3 files changed, 49 insertions(+), 24 deletions(-) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 4c8e3002a4ed..3f7b11c0b1be 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -130,7 +130,7 @@ func resourceProxyCreate(d *schema.ResourceData, meta interface{}) error { defaultTagsConfig := meta.(*conns.AWSClient).DefaultTagsConfig tags := defaultTagsConfig.MergeTags(tftags.New(d.Get("tags").(map[string]interface{}))) - params := rds.CreateDBProxyInput{ + input := rds.CreateDBProxyInput{ Auth: expandDbProxyAuth(d.Get("auth").(*schema.Set).List()), DBProxyName: aws.String(d.Get("name").(string)), EngineFamily: aws.String(d.Get("engine_family").(string)), @@ -140,40 +140,32 @@ func resourceProxyCreate(d *schema.ResourceData, meta interface{}) error { } if v, ok := d.GetOk("debug_logging"); ok { - params.DebugLogging = aws.Bool(v.(bool)) + input.DebugLogging = aws.Bool(v.(bool)) } if v, ok := d.GetOk("idle_client_timeout"); ok { - params.IdleClientTimeout = aws.Int64(int64(v.(int))) + input.IdleClientTimeout = aws.Int64(int64(v.(int))) } if v, ok := d.GetOk("require_tls"); ok { - params.RequireTLS = aws.Bool(v.(bool)) + input.RequireTLS = aws.Bool(v.(bool)) } if v := d.Get("vpc_security_group_ids").(*schema.Set); v.Len() > 0 { - params.VpcSecurityGroupIds = flex.ExpandStringSet(v) + input.VpcSecurityGroupIds = flex.ExpandStringSet(v) } - log.Printf("[DEBUG] Create DB Proxy: %#v", params) - resp, err := conn.CreateDBProxy(¶ms) + log.Printf("[DEBUG] Creating RDS DB Proxy: %s", input) + output, err := conn.CreateDBProxy(&input) + if err != nil { - return fmt.Errorf("Error creating DB Proxy: %s", err) + return fmt.Errorf("creating RDS DB Proxy: %w", err) } - d.SetId(aws.StringValue(resp.DBProxy.DBProxyName)) - log.Printf("[INFO] DB Proxy ID: %s", d.Id()) + d.SetId(aws.StringValue(output.DBProxy.DBProxyName)) - stateChangeConf := &resource.StateChangeConf{ - Pending: []string{rds.DBProxyStatusCreating}, - Target: []string{rds.DBProxyStatusAvailable}, - Refresh: resourceProxyRefreshFunc(conn, d.Id()), - Timeout: d.Timeout(schema.TimeoutCreate), - } - - _, err = stateChangeConf.WaitForState() - if err != nil { - return fmt.Errorf("Error waiting for DB Proxy creation: %s", err) + if _, err := waitDBProxyCreated(conn, d.Id(), d.Timeout(schema.TimeoutCreate)); err != nil { + return fmt.Errorf("waiting for RDS DB Proxy (%s) create: %w", d.Id(), err) } return resourceProxyRead(d, meta) @@ -193,7 +185,7 @@ func resourceProxyRead(d *schema.ResourceData, meta interface{}) error { } if err != nil { - return fmt.Errorf("error reading RDS DB Proxy (%s): %w", d.Id(), err) + return fmt.Errorf("reading RDS DB Proxy (%s): %w", d.Id(), err) } d.Set("arn", dbProxy.DBProxyArn) @@ -211,18 +203,18 @@ func resourceProxyRead(d *schema.ResourceData, meta interface{}) error { tags, err := ListTags(conn, d.Get("arn").(string)) if err != nil { - return fmt.Errorf("Error listing tags for RDS DB Proxy (%s): %s", d.Get("arn").(string), err) + return fmt.Errorf("listing tags for RDS DB Proxy (%s): %w", d.Get("arn").(string), err) } tags = tags.IgnoreAWS().IgnoreConfig(ignoreTagsConfig) //lintignore:AWSR002 if err := d.Set("tags", tags.RemoveDefaultConfig(defaultTagsConfig).Map()); err != nil { - return fmt.Errorf("error setting tags: %w", err) + return fmt.Errorf("setting tags: %w", err) } if err := d.Set("tags_all", tags.Map()); err != nil { - return fmt.Errorf("error setting tags_all: %w", err) + return fmt.Errorf("setting tags_all: %w", err) } return nil diff --git a/internal/service/rds/status.go b/internal/service/rds/status.go index 3277b8a16dc0..98c62aa2de27 100644 --- a/internal/service/rds/status.go +++ b/internal/service/rds/status.go @@ -121,3 +121,19 @@ func statusDBInstanceHasAutomatedBackup(conn *rds.RDS, dbInstanceID, dbInstanceA return output, strconv.FormatBool(false), nil } } + +func statusDBProxy(conn *rds.RDS, name string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + output, err := FindDBProxyByName(conn, name) + + if tfresource.NotFound(err) { + return nil, "", nil + } + + if err != nil { + return nil, "", err + } + + return output, aws.StringValue(output.Status), nil + } +} diff --git a/internal/service/rds/wait.go b/internal/service/rds/wait.go index 91f162cb6a50..288a6e70eba8 100644 --- a/internal/service/rds/wait.go +++ b/internal/service/rds/wait.go @@ -236,3 +236,20 @@ func waitDBInstanceAutomatedBackupDeleted(conn *rds.RDS, dbInstanceID, dbInstanc return nil, err } + +func waitDBProxyCreated(conn *rds.RDS, name string, timeout time.Duration) (*rds.DBProxy, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{rds.DBProxyStatusCreating}, + Target: []string{rds.DBProxyStatusAvailable}, + Refresh: statusDBProxy(conn, name), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForState() + + if output, ok := outputRaw.(*rds.DBProxy); ok { + return output, err + } + + return nil, err +} From b43e1766ae51c23ae9c87de6605fe2db93e2f001 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:48:38 -0400 Subject: [PATCH 08/10] r/aws_db_proxy: Tidy up resource Delete. --- internal/service/rds/proxy.go | 21 +++++++++------------ internal/service/rds/wait.go | 17 +++++++++++++++++ 2 files changed, 26 insertions(+), 12 deletions(-) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 3f7b11c0b1be..11e3fa46be2c 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -289,24 +289,21 @@ func resourceProxyUpdate(d *schema.ResourceData, meta interface{}) error { func resourceProxyDelete(d *schema.ResourceData, meta interface{}) error { conn := meta.(*conns.AWSClient).RDSConn - params := rds.DeleteDBProxyInput{ + log.Printf("[DEBUG] Creating RDS DB Proxy: %s", d.Id()) + _, err := conn.DeleteDBProxy(&rds.DeleteDBProxyInput{ DBProxyName: aws.String(d.Id()), - } - _, err := conn.DeleteDBProxy(¶ms) + }) + if err != nil { - return fmt.Errorf("Error deleting DB Proxy: %s", err) + return fmt.Errorf("deleting RDS DB Proxy (%s): %w", d.Id(), err) } - stateChangeConf := &resource.StateChangeConf{ - Pending: []string{rds.DBProxyStatusDeleting}, - Target: []string{""}, - Refresh: resourceProxyRefreshFunc(conn, d.Id()), - Timeout: d.Timeout(schema.TimeoutDelete), + if tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { + return nil } - _, err = stateChangeConf.WaitForState() - if err != nil { - return fmt.Errorf("Error waiting for DB Proxy deletion: %s", err) + if _, err := waitDBProxyDeleted(conn, d.Id(), d.Timeout(schema.TimeoutDelete)); err != nil { + return fmt.Errorf("waiting for RDS DB Proxy (%s) delete: %w", d.Id(), err) } return nil diff --git a/internal/service/rds/wait.go b/internal/service/rds/wait.go index 288a6e70eba8..269ec612e204 100644 --- a/internal/service/rds/wait.go +++ b/internal/service/rds/wait.go @@ -253,3 +253,20 @@ func waitDBProxyCreated(conn *rds.RDS, name string, timeout time.Duration) (*rds return nil, err } + +func waitDBProxyDeleted(conn *rds.RDS, name string, timeout time.Duration) (*rds.DBProxy, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{rds.DBProxyStatusDeleting}, + Target: []string{}, + Refresh: statusDBProxy(conn, name), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForState() + + if output, ok := outputRaw.(*rds.DBProxy); ok { + return output, err + } + + return nil, err +} From df74866620acc9b7eab6a3459882e576a9a61e1a Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 08:54:07 -0400 Subject: [PATCH 09/10] r/aws_db_proxy: Tidy up resource Update. --- internal/service/rds/proxy.go | 60 +++++++---------------------------- internal/service/rds/wait.go | 17 ++++++++++ 2 files changed, 29 insertions(+), 48 deletions(-) diff --git a/internal/service/rds/proxy.go b/internal/service/rds/proxy.go index 11e3fa46be2c..634b0fabffe3 100644 --- a/internal/service/rds/proxy.go +++ b/internal/service/rds/proxy.go @@ -8,7 +8,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/rds" "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr" - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" "github.com/hashicorp/terraform-provider-aws/internal/conns" @@ -223,55 +222,38 @@ func resourceProxyRead(d *schema.ResourceData, meta interface{}) error { func resourceProxyUpdate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*conns.AWSClient).RDSConn - if d.HasChanges( - "auth", - "debug_logging", - "idle_client_timeout", - "name", - "require_tls", - "role_arn", - "vpc_security_group_ids") { - + if d.HasChangesExcept("tags", "tags_all") { oName, nName := d.GetChange("name") - - params := rds.ModifyDBProxyInput{ + input := &rds.ModifyDBProxyInput{ Auth: expandDbProxyAuth(d.Get("auth").(*schema.Set).List()), DBProxyName: aws.String(oName.(string)), - NewDBProxyName: aws.String(nName.(string)), DebugLogging: aws.Bool(d.Get("debug_logging").(bool)), + NewDBProxyName: aws.String(nName.(string)), RequireTLS: aws.Bool(d.Get("require_tls").(bool)), RoleArn: aws.String(d.Get("role_arn").(string)), } if v, ok := d.GetOk("idle_client_timeout"); ok { - params.IdleClientTimeout = aws.Int64(int64(v.(int))) + input.IdleClientTimeout = aws.Int64(int64(v.(int))) } if v := d.Get("vpc_security_group_ids").(*schema.Set); v.Len() > 0 { - params.SecurityGroups = flex.ExpandStringSet(v) + input.SecurityGroups = flex.ExpandStringSet(v) } - log.Printf("[DEBUG] Update DB Proxy: %#v", params) - _, err := conn.ModifyDBProxy(¶ms) + log.Printf("[DEBUG] Updating RDS DB Proxy: %s", input) + _, err := conn.ModifyDBProxy(input) + if err != nil { - return fmt.Errorf("Error updating DB Proxy: %s", err) + return fmt.Errorf("updating RDS DB Proxy (%s): %w", d.Id(), err) } // DB Proxy Name is used as an ID as the API doesn't provide a way to read/ // update/delete DB proxies using the ARN d.SetId(nName.(string)) - log.Printf("[INFO] Updated DB Proxy ID: %s", d.Id()) - - stateChangeConf := &resource.StateChangeConf{ - Pending: []string{rds.DBProxyStatusModifying}, - Target: []string{rds.DBProxyStatusAvailable}, - Refresh: resourceProxyRefreshFunc(conn, d.Id()), - Timeout: d.Timeout(schema.TimeoutUpdate), - } - _, err = stateChangeConf.WaitForState() - if err != nil { - return fmt.Errorf("Error waiting for DB Proxy update: %s", err) + if _, err := waitDBProxyUpdated(conn, d.Id(), d.Timeout(schema.TimeoutUpdate)); err != nil { + return fmt.Errorf("waiting for RDS DB Proxy (%s) update: %w", d.Id(), err) } } @@ -279,7 +261,7 @@ func resourceProxyUpdate(d *schema.ResourceData, meta interface{}) error { o, n := d.GetChange("tags_all") if err := UpdateTags(conn, d.Get("arn").(string), o, n); err != nil { - return fmt.Errorf("Error updating RDS DB Proxy (%s) tags: %s", d.Get("arn").(string), err) + return fmt.Errorf("updating RDS DB Proxy (%s) tags: %w", d.Get("arn").(string), err) } } @@ -309,24 +291,6 @@ func resourceProxyDelete(d *schema.ResourceData, meta interface{}) error { return nil } -func resourceProxyRefreshFunc(conn *rds.RDS, proxyName string) resource.StateRefreshFunc { - return func() (interface{}, string, error) { - resp, err := conn.DescribeDBProxies(&rds.DescribeDBProxiesInput{ - DBProxyName: aws.String(proxyName), - }) - - if err != nil { - if tfawserr.ErrCodeEquals(err, rds.ErrCodeDBProxyNotFoundFault) { - return 42, "", nil - } - return 42, "", err - } - - dbProxy := resp.DBProxies[0] - return dbProxy, *dbProxy.Status, nil - } -} - func expandDbProxyAuth(l []interface{}) []*rds.UserAuthConfig { if len(l) == 0 { return nil diff --git a/internal/service/rds/wait.go b/internal/service/rds/wait.go index 269ec612e204..0363f2930d83 100644 --- a/internal/service/rds/wait.go +++ b/internal/service/rds/wait.go @@ -270,3 +270,20 @@ func waitDBProxyDeleted(conn *rds.RDS, name string, timeout time.Duration) (*rds return nil, err } + +func waitDBProxyUpdated(conn *rds.RDS, name string, timeout time.Duration) (*rds.DBProxy, error) { + stateConf := &resource.StateChangeConf{ + Pending: []string{rds.DBProxyStatusModifying}, + Target: []string{rds.DBProxyStatusAvailable}, + Refresh: statusDBProxy(conn, name), + Timeout: timeout, + } + + outputRaw, err := stateConf.WaitForState() + + if output, ok := outputRaw.(*rds.DBProxy); ok { + return output, err + } + + return nil, err +} From d46e7258e9fe2b3250159cbca83cc4a9c156d680 Mon Sep 17 00:00:00 2001 From: Kit Ewbank Date: Mon, 18 Apr 2022 09:00:22 -0400 Subject: [PATCH 10/10] Update proxy_test.go --- internal/service/rds/proxy_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/internal/service/rds/proxy_test.go b/internal/service/rds/proxy_test.go index cc77281b9858..be49a85bf415 100644 --- a/internal/service/rds/proxy_test.go +++ b/internal/service/rds/proxy_test.go @@ -566,8 +566,6 @@ func testAccCheckProxyExists(n string, v *rds.DBProxy) resource.TestCheckFunc { *v = *output return nil - - return nil } }