hashicorp · johnsonaj · Jun 30, 2023 · Jun 30, 2023 · Jun 30, 2023 · Jun 30, 2023
@@ -0,0 +1,3 @@
+```release-note:new-data-source
+aws_opensearchserverless_security_config
+```
@@ -0,0 +1,121 @@
+package opensearchserverless
+
+import (
+	"context"
+	"time"
+
+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/hashicorp/terraform-plugin-framework/datasource"
+	"github.com/hashicorp/terraform-plugin-framework/datasource/schema"
+	"github.com/hashicorp/terraform-plugin-framework/types"
+	"github.com/hashicorp/terraform-provider-aws/internal/create"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework"
+	"github.com/hashicorp/terraform-provider-aws/internal/framework/flex"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+// @FrameworkDataSource(name="Security Config")
+func newDataSourceSecurityConfig(context.Context) (datasource.DataSourceWithConfigure, error) {
+	return &dataSourceSecurityConfig{}, nil
+}
+
+const (
+	DSNameSecurityConfig = "Security Config Data Source"
+)
+
+type dataSourceSecurityConfig struct {
+	framework.DataSourceWithConfigure
+}
+
+func (d *dataSourceSecurityConfig) Metadata(_ context.Context, req datasource.MetadataRequest, resp *datasource.MetadataResponse) { // nosemgrep:ci.meta-in-func-name
+	resp.TypeName = "aws_opensearchserverless_security_config"
+}
+
+func (d *dataSourceSecurityConfig) Schema(ctx context.Context, req datasource.SchemaRequest, resp *datasource.SchemaResponse) {
+	resp.Schema = schema.Schema{
+		Attributes: map[string]schema.Attribute{
+			"config_version": schema.StringAttribute{
+				Computed: true,
+			},
+			"created_date": schema.StringAttribute{
+				Computed: true,
+			},
+			"description": schema.StringAttribute{
+				Computed: true,
+			},
+			"id": schema.StringAttribute{
+				Required: true,
+			},
+			"last_modified_date": schema.StringAttribute{
+				Computed: true,
+			},
+			"type": schema.StringAttribute{
+				Computed: true,
+			},
+		},
+		Blocks: map[string]schema.Block{
+			"saml_options": schema.SingleNestedBlock{
+				Attributes: map[string]schema.Attribute{
+					"group_attribute": schema.StringAttribute{
+						Computed: true,
+					},
+					"metadata": schema.StringAttribute{
+						Computed: true,
+					},
+					"session_timeout": schema.Int64Attribute{
+						Computed: true,
+					},
+					"user_attribute": schema.StringAttribute{
+						Computed: true,
+					},
+				},
+			},
+		},
+	}
+}
+
+func (d *dataSourceSecurityConfig) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
+	conn := d.Meta().OpenSearchServerlessClient(ctx)
+
+	var data dataSourceSecurityConfigData
+	resp.Diagnostics.Append(req.Config.Get(ctx, &data)...)
+	if resp.Diagnostics.HasError() {
+		return
+	}
+
+	out, err := FindSecurityConfigByID(ctx, conn, data.ID.ValueString())
+	if err != nil {
+		resp.Diagnostics.AddError(
+			create.ProblemStandardMessage(names.OpenSearchServerless, create.ErrActionReading, DSNameSecurityConfig, data.ID.String(), err),
+			err.Error(),
+		)
+		return
+	}
+
+	createdDate := time.UnixMilli(aws.ToInt64(out.CreatedDate))
+	data.CreatedDate = flex.StringValueToFramework(ctx, createdDate.Format(time.RFC3339))
+
+	data.ConfigVersion = flex.StringToFramework(ctx, out.ConfigVersion)
+	data.Description = flex.StringToFramework(ctx, out.Description)
+	data.ID = flex.StringToFramework(ctx, out.Id)
+
+	lastModifiedDate := time.UnixMilli(aws.ToInt64(out.LastModifiedDate))
+	data.LastModifiedDate = flex.StringValueToFramework(ctx, lastModifiedDate.Format(time.RFC3339))
+
+	data.Type = flex.StringValueToFramework(ctx, out.Type)
+
+	samlOptions := flattenSAMLOptions(ctx, out.SamlOptions)
+	data.SamlOptions = samlOptions
+
+	resp.Diagnostics.Append(resp.State.Set(ctx, &data)...)
+}
+
+type dataSourceSecurityConfigData struct {
+	ConfigVersion    types.String `tfsdk:"config_version"`
+	CreatedDate      types.String `tfsdk:"created_date"`
+	Description      types.String `tfsdk:"description"`
+	ID               types.String `tfsdk:"id"`
+	LastModifiedDate types.String `tfsdk:"last_modified_date"`
+	SamlOptions      types.Object `tfsdk:"saml_options"`
+	Type             types.String `tfsdk:"type"`
+}
@@ -0,0 +1,65 @@
+package opensearchserverless_test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/aws/aws-sdk-go-v2/service/opensearchserverless/types"
+	sdkacctest "github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+	"github.com/hashicorp/terraform-provider-aws/names"
+)
+
+func TestAccOpenSearchServerlessSecurityConfigDataSource_basic(t *testing.T) {
+	ctx := acctest.Context(t)
+
+	var securityconfig types.SecurityConfigDetail
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	resourceName := "aws_opensearchserverless_security_config.test"
+	dataSourceName := "data.aws_opensearchserverless_security_config.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acctest.PreCheck(ctx, t)
+			acctest.PreCheckPartitionHasService(t, names.OpenSearchServerlessEndpointID)
+			testAccPreCheck(ctx, t)
+		},
+		ErrorCheck:               acctest.ErrorCheck(t, names.OpenSearchServerlessEndpointID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckSecurityConfigDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccSecurityConfigDataSourceConfig_basic(rName, "description", "test-fixtures/idp-metadata.xml"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckSecurityConfigExists(ctx, dataSourceName, &securityconfig),
+					resource.TestCheckResourceAttrSet(dataSourceName, "created_date"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "config_version", resourceName, "config_version"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "description", resourceName, "description"),
+					resource.TestCheckResourceAttrSet(dataSourceName, "last_modified_date"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "type", resourceName, "type"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "saml_options.metadata", resourceName, "saml_options.metadata"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "saml_options.session_timeout", resourceName, "saml_options.session_timeout"),
+				),
+			},
+		},
+	})
+}
+
+func testAccSecurityConfigDataSourceConfig_basic(rName, description, samlOptions string) string {
+	return fmt.Sprintf(`
+resource "aws_opensearchserverless_security_config" "test" {
+  name        = %[1]q
+  description = %[2]q
+  type        = "saml"
+
+  saml_options {
+    metadata = file("%[3]s")
+  }
+}
+
+data "aws_opensearchserverless_security_config" "test" {
+  id = aws_opensearchserverless_security_config.test.id
+}
+`, rName, description, samlOptions)
+}
@@ -0,0 +1,47 @@
+---
+subcategory: "OpenSearch Serverless"
+layout: "aws"
+page_title: "AWS: aws_opensearchserverless_security_config"
+description: |-
+  Terraform data source for managing an AWS OpenSearch Serverless Security Config.
+---
+
+# Data Source: aws_opensearchserverless_security_config
+
+Terraform data source for managing an AWS OpenSearch Serverless Security Config.
+
+## Example Usage
+
+### Basic Usage
+
+```terraform
+data "aws_opensearchserverless_security_config" "example" {
+  id = "saml/12345678912/example"
+}
+```
+
+## Argument Reference
+
+The following arguments are required:
+
+* `id` - (Required) The unique identifier of the security configuration.
+
+## Attributes Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `config_version` - The version of the security configuration.
+* `created_date` - The date the configuration was created.
+* `description` - The description of the security configuration.
+* `last_modified_date` - The date the configuration was last modified.
+* `saml_options` - SAML options for the security configuration.
+* `type` - The type of security configuration.
+
+### saml_options
+
+SAML options for the security configuration.
+
+* `group_attribute` - Group attribute for this SAML integration.
+* `metadata` - The XML IdP metadata file generated from your identity provider.
+* `session_timeout` - Session timeout, in minutes. Minimum is 5 minutes and maximum is 720 minutes (12 hours). Default is 60 minutes.
+* `user_attribute` - User attribute for this SAML integration.