feat(rms): add new data_source aggregator_policy_states (#5441)

huaweicloud · Aug 23, 2024 · 3a17733 · 3a17733
1 parent 8e5d668
commit 3a17733
Show file tree

Hide file tree

Showing 5 changed files with 448 additions and 1 deletion.
diff --git a/docs/data-sources/rms_resource_aggregator_policy_states.md b/docs/data-sources/rms_resource_aggregator_policy_states.md
@@ -0,0 +1,75 @@
+---
+subcategory: "Config"
+layout: "huaweicloud"
+page_title: "HuaweiCloud: huaweicloud_rms_resource_aggregator_policy_states"
+description: |-
+  Use this data source to get the list of RMS resource aggregator policy states.
+---
+
+# huaweicloud_rms_resource_aggregator_policy_states
+
+Use this data source to get the list of RMS resource aggregator policy states.
+
+## Example Usage
+
+```hcl
+variable "aggregator_id" {}
+
+data "huaweicloud_rms_resource_aggregator_policy_states" "test" {
+  aggregator_id = var.aggregator_id
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `aggregator_id` - (Required, String) Specifies the aggregator ID.
+
+* `account_id` - (Optional, String) Specifies the ID of account to which the resource belongs.
+
+* `policy_assignment_name` - (Optional, String) Specifies the policy assignment name.
+
+* `compliance_state` - (Optional, String) Specifies the compliance state.
+  The value can be: **Compliant** and **NonCompliant**.
+
+* `resource_name` - (Optional, String) Specifies the resource name.
+
+* `resource_id` - (Optional, String) Specifies the resource ID.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The data source ID.
+
+* `states` - The policy states list.
+
+  The [states](#states) structure is documented below.
+
+<a name="states"></a>
+The `states` block supports:
+
+* `domain_id` - The domain ID.
+
+* `region_id` - The ID of the region the resource belongs to.
+
+* `resource_id` - The resource ID.
+
+* `resource_name` - The resource name.
+
+* `resource_provider` - The cloud service name.
+
+* `resource_type` - The resource type.
+
+* `trigger_type` - The trigger type. The value can be **resource** or **period**.
+
+* `compliance_state` - The compliance status.
+
+* `policy_assignment_id` - The policy assignment ID.
+
+* `policy_assignment_name` - The policy assignment name.
+
+* `policy_definition_id` - The ID of the policy definition.
+
+* `evaluation_time` - The evaluation time of compliance status.
diff --git a/huaweicloud/provider.go b/huaweicloud/provider.go
@@ -904,6 +904,7 @@ func Provider() *schema.Provider {
 			"huaweicloud_rms_assignment_package_scores":                rms.DataSourceRmsAssignmentPackageScores(),
 			"huaweicloud_rms_assignment_package_results":               rms.DataSourceRmsAssignmentPackageResults(),
 			"huaweicloud_rms_resource_aggregator_discovered_resources": rms.DataSourceAggregatorDiscoveredResources(),
+			"huaweicloud_rms_resource_aggregator_policy_states":        rms.DataSourceAggregatorPolicyStates(),
 
 			"huaweicloud_sdrs_domain": sdrs.DataSourceSDRSDomain(),
 

diff --git a/...ices/acceptance/rms/data_source_huaweicloud_rms_resource_aggregator_policy_states_test.go b/...ices/acceptance/rms/data_source_huaweicloud_rms_resource_aggregator_policy_states_test.go
@@ -0,0 +1,144 @@
+package rms
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
+)
+
+func TestAccDataSourceAggregatorPolicyStates_basic(t *testing.T) {
+	dataSource1 := "data.huaweicloud_rms_resource_aggregator_policy_states.basic"
+	dataSource2 := "data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_compliance_state"
+	dataSource3 := "data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_policy_assignment_name"
+	dataSource4 := "data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_resource_id"
+	rName := acceptance.RandomAccResourceName()
+	password := acceptance.RandomPassword()
+	dc1 := acceptance.InitDataSourceCheck(dataSource1)
+	dc2 := acceptance.InitDataSourceCheck(dataSource2)
+	dc3 := acceptance.InitDataSourceCheck(dataSource3)
+	dc4 := acceptance.InitDataSourceCheck(dataSource4)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acceptance.TestAccPreCheck(t)
+			acceptance.TestAccPrecheckDomainId(t)
+		},
+		ProviderFactories: acceptance.TestAccProviderFactories,
+		ExternalProviders: map[string]resource.ExternalProvider{
+			"null": {
+				Source:            "hashicorp/null",
+				VersionConstraint: "3.2.1",
+			},
+		},
+		Steps: []resource.TestStep{
+			{
+				Config: testDataSourceAggregatorPolicyStates_basic(rName, password),
+				Check: resource.ComposeTestCheckFunc(
+					dc1.CheckResourceExists(),
+					dc2.CheckResourceExists(),
+					dc3.CheckResourceExists(),
+					dc4.CheckResourceExists(),
+					resource.TestCheckOutput("is_results_not_empty", "true"),
+					resource.TestCheckOutput("is_compliance_state_filter_useful", "true"),
+					resource.TestCheckOutput("is_policy_assignment_name_filter_useful", "true"),
+					resource.TestCheckOutput("is_resource_id_filter_useful", "true"),
+				),
+			},
+		},
+	})
+}
+
+func testDataSourceAggregatorPolicyStates_base(name, password string) string {
+	return fmt.Sprintf(`
+resource "huaweicloud_identity_user" "test" {
+  name     = "%[1]s"
+  password = "%[2]s"
+  enabled  = true
+  email    = "%[1][email protected]"
+}
+
+resource "huaweicloud_rms_resource_aggregator" "test" {
+  name        = "%[1]s"
+  type        = "ACCOUNT"
+  account_ids = ["%[3]s"]
+
+  depends_on = [huaweicloud_identity_user.test]
+}
+
+# wait 30 seconds to let the policies evaluate
+resource "null_resource" "test" {
+  provisioner "local-exec" {
+    command = "sleep 30"
+  }
+
+  depends_on = [ huaweicloud_rms_resource_aggregator.test ]
+}
+`, name, password, acceptance.HW_DOMAIN_ID)
+}
+
+func testDataSourceAggregatorPolicyStates_basic(name, password string) string {
+	return fmt.Sprintf(`
+%[1]s
+
+data "huaweicloud_rms_resource_aggregator_policy_states" "basic" {
+  aggregator_id = huaweicloud_rms_resource_aggregator.test.id
+
+  depends_on = [ null_resource.test ]
+}
+
+data "huaweicloud_rms_resource_aggregator_policy_states" "filter_by_compliance_state" {
+  aggregator_id     = huaweicloud_rms_resource_aggregator.test.id
+  compliance_state  = "Compliant"
+
+  depends_on = [ null_resource.test ]
+}
+
+data "huaweicloud_rms_resource_aggregator_policy_states" "filter_by_policy_assignment_name" {
+  aggregator_id          = huaweicloud_rms_resource_aggregator.test.id
+  policy_assignment_name = "iam-password-policy"
+
+  depends_on = [ null_resource.test ]
+}
+
+data "huaweicloud_rms_resource_aggregator_policy_states" "filter_by_resource_id" {
+  aggregator_id = huaweicloud_rms_resource_aggregator.test.id
+  resource_id   = huaweicloud_identity_user.test.id
+
+  depends_on = [ null_resource.test ]
+}
+
+locals {
+  compliance_state_filter_result = [
+    for v in data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_compliance_state.states[*].compliance_state :
+    v == "Compliant"
+  ]
+  policy_assignment_name_filter_result = [
+    for v in data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_policy_assignment_name.states[*].policy_assignment_name :
+    v == "iam-password-policy"
+  ]
+  resource_id_filter_result = [
+    for v in data.huaweicloud_rms_resource_aggregator_policy_states.filter_by_resource_id.states[*].resource_id :
+    v == huaweicloud_identity_user.test.id
+  ]
+}
+
+output "is_results_not_empty" {
+  value = length(data.huaweicloud_rms_resource_aggregator_policy_states.basic.states) > 0
+}
+
+output "is_compliance_state_filter_useful" {
+  value = alltrue(local.compliance_state_filter_result) && length(local.compliance_state_filter_result) > 0
+}
+
+output "is_policy_assignment_name_filter_useful" {
+  value = alltrue(local.policy_assignment_name_filter_result) && length(local.policy_assignment_name_filter_result) > 0
+}
+
+output "is_resource_id_filter_useful" {
+  value = alltrue(local.resource_id_filter_result) && length(local.resource_id_filter_result) > 0
+}
+`, testDataSourceAggregatorPolicyStates_base(name, password), name)
+}
diff --git a/...loud/services/rms/data_source_huaweicloud_rms_resource_aggregator_discovered_resources.go b/...loud/services/rms/data_source_huaweicloud_rms_resource_aggregator_discovered_resources.go
@@ -152,7 +152,7 @@ func getAggregatorDiscoveredResources(client *golangsdk.ServiceClient, d *schema
 		requestPath := getAggregatorDiscoveredResourcesPath + buildAggregatorDiscoveredResourcesQueryParams(marker)
 		resp, err := client.Request("POST", requestPath, &getAggregatorDiscoveredResourcesOpt)
 		if err != nil {
-			return nil, fmt.Errorf("error retrieving RMS tracked resources: %s", err)
+			return nil, fmt.Errorf("error retrieving aggregator discovered resources: %s", err)
 		}
 
 		getTrackedAggregatorDiscoveredResourcesRespBody, err := utils.FlattenResponse(resp)