[IdC] schema and handler update (#52)

Mark CreateOnly identifiers are required [Custom Plug] Update schema and handler Support Index Type [IndexType] Update resource json and handler Add sso:UpdateApplication for Create/UpdateWebExperience Update regex for DocumentMetadataConfigurationName [IndexType] Update resource json and handler Upgrade aws-sdk version Co-authored-by: Sean Chen <[email protected]>
aws-cloudformation · May 3, 2024 · d972d4d · d972d4d
1 parent c9026c4
commit d972d4d
Show file tree

Hide file tree

Showing 37 changed files with 893 additions and 352 deletions.
diff --git a/aws-qbusiness-application/aws-qbusiness-application.json b/aws-qbusiness-application/aws-qbusiness-application.json
@@ -98,6 +98,18 @@
     "EncryptionConfiguration": {
       "$ref": "#/definitions/EncryptionConfiguration"
     },
+    "IdentityCenterApplicationArn": {
+      "type": "string",
+      "maxLength": 1224,
+      "minLength": 10,
+      "pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::\\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}$"
+    },
+    "IdentityCenterInstanceArn": {
+      "type": "string",
+      "maxLength": 1224,
+      "minLength": 10,
+      "pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$"
+    },
     "RoleArn": {
       "type": "string",
       "maxLength": 1284,
@@ -128,9 +140,13 @@
     "/properties/ApplicationArn",
     "/properties/ApplicationId",
     "/properties/CreatedAt",
+    "/properties/IdentityCenterApplicationArn",
     "/properties/Status",
     "/properties/UpdatedAt"
   ],
+  "writeOnlyProperties": [
+    "/properties/IdentityCenterInstanceArn"
+  ],
   "createOnlyProperties": [
     "/properties/EncryptionConfiguration"
   ],
@@ -146,7 +162,12 @@
         "qbusiness:CreateApplication",
         "qbusiness:GetApplication",
         "qbusiness:ListTagsForResource",
-        "qbusiness:TagResource"
+        "qbusiness:TagResource",
+        "sso:CreateApplication",
+        "sso:DeleteApplication",
+        "sso:PutApplicationAccessScope",
+        "sso:PutApplicationAuthenticationMethod",
+        "sso:PutApplicationGrant"
       ]
     },
     "read": {
@@ -162,14 +183,20 @@
         "qbusiness:ListTagsForResource",
         "qbusiness:TagResource",
         "qbusiness:UntagResource",
-        "qbusiness:UpdateApplication"
+        "qbusiness:UpdateApplication",
+        "sso:CreateApplication",
+        "sso:DeleteApplication",
+        "sso:PutApplicationAccessScope",
+        "sso:PutApplicationAuthenticationMethod",
+        "sso:PutApplicationGrant"
       ]
     },
     "delete": {
       "permissions": [
         "kms:RetireGrant",
         "qbusiness:DeleteApplication",
-        "qbusiness:GetApplication"
+        "qbusiness:GetApplication",
+        "sso:DeleteApplication"
       ]
     },
     "list": {

diff --git a/aws-qbusiness-application/pom.xml b/aws-qbusiness-application/pom.xml
@@ -55,19 +55,19 @@
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>qbusiness</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/software.amazon.awssdk/aws-core -->
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>aws-core</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/software.amazon.awssdk/sdk-core -->
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>sdk-core</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.assertj/assertj-core -->
         <dependency>

diff --git a/...qbusiness-application/src/main/java/software/amazon/qbusiness/application/Translator.java b/...qbusiness-application/src/main/java/software/amazon/qbusiness/application/Translator.java
@@ -18,6 +18,7 @@
 import software.amazon.awssdk.services.qbusiness.model.TagResourceRequest;
 import software.amazon.awssdk.services.qbusiness.model.UntagResourceRequest;
 import software.amazon.awssdk.services.qbusiness.model.UpdateApplicationRequest;
+import software.amazon.cloudformation.exceptions.CfnInvalidRequestException;
 import software.amazon.cloudformation.proxy.ResourceHandlerRequest;
 
 /**
@@ -36,10 +37,15 @@ public class Translator {
    * @return awsRequest the aws service request to create a resource
    */
   static CreateApplicationRequest translateToCreateRequest(final String idempotentToken, final ResourceModel model) {
+    // https://w.amazon.com/bin/view/AWS21/Design/Uluru/Onboarding_Guide/ModelingGuidelines#HRequiredWriteOnlyProperties
+    if (model.getIdentityCenterInstanceArn() == null) {
+      throw new CfnInvalidRequestException("IdentityCenterInstanceArn is required.");
+    }
     return CreateApplicationRequest.builder()
         .clientToken(idempotentToken)
         .displayName(model.getDisplayName())
         .roleArn(model.getRoleArn())
+        .identityCenterInstanceArn(model.getIdentityCenterInstanceArn())
         .description(model.getDescription())
         .encryptionConfiguration(toServiceEncryptionConfig(model.getEncryptionConfiguration()))
         .attachmentsConfiguration(toServiceAttachmentConfiguration(model.getAttachmentsConfiguration()))
@@ -79,6 +85,7 @@ static ResourceModel translateFromReadResponse(final GetApplicationResponse awsR
         .applicationId(awsResponse.applicationId())
         .applicationArn(awsResponse.applicationArn())
         .roleArn(awsResponse.roleArn())
+        .identityCenterApplicationArn(awsResponse.identityCenterApplicationArn())
         .status(awsResponse.statusAsString())
         .description(awsResponse.description())
         .createdAt(instantToString(awsResponse.createdAt()))
@@ -176,6 +183,7 @@ static UpdateApplicationRequest translateToUpdateRequest(final ResourceModel mod
         .displayName(model.getDisplayName())
         .description(model.getDescription())
         .roleArn(model.getRoleArn())
+        .identityCenterInstanceArn(model.getIdentityCenterInstanceArn())
         .attachmentsConfiguration(toServiceAttachmentConfiguration(model.getAttachmentsConfiguration()))
         .build();
   }
@@ -203,6 +211,10 @@ static List<ResourceModel> translateFromListResponse(final ListApplicationsRespo
         .stream()
         .map(application -> ResourceModel.builder()
             .applicationId(application.applicationId())
+            .displayName(application.displayName())
+            .createdAt(instantToString(application.createdAt()))
+            .updatedAt(instantToString(application.updatedAt()))
+            .status(application.statusAsString())
             .build()
         )
         .toList();

diff --git a/aws-qbusiness-application/src/main/java/software/amazon/qbusiness/application/Utils.java b/aws-qbusiness-application/src/main/java/software/amazon/qbusiness/application/Utils.java
@@ -22,7 +22,6 @@ public static String buildApplicationArn(final ResourceHandlerRequest<ResourceMo
     var applicationId = model.getApplicationId();
     return buildApplicationArn(partition, region, accountId, applicationId);
   }
-
   private static String buildApplicationArn(
       @NonNull String partition,
       @NonNull String region,

diff --git a/...ss-application/src/test/java/software/amazon/qbusiness/application/CreateHandlerTest.java b/...ss-application/src/test/java/software/amazon/qbusiness/application/CreateHandlerTest.java
@@ -90,6 +90,7 @@ public void setup() {
         .displayName("TheMeta")
         .description("A Description")
         .roleArn("such role, very arn")
+        .identityCenterInstanceArn("arn:aws:sso:::instance/ssoins")
         .build();
 
     testRequest = ResourceHandlerRequest.<ResourceModel>builder()

diff --git a/...ness-application/src/test/java/software/amazon/qbusiness/application/ReadHandlerTest.java b/...ness-application/src/test/java/software/amazon/qbusiness/application/ReadHandlerTest.java
@@ -106,6 +106,7 @@ public void handleRequest_SimpleSuccess() {
             .updatedAt(Instant.ofEpochMilli(1697839335000L))
             .description("this is a description, there are many like it but this one is mine.")
             .displayName("Foobar")
+            .identityCenterApplicationArn("arn:aws:sso::123456789012:application/ssoins/apl")
             .status(ApplicationStatus.ACTIVE)
             .encryptionConfiguration(EncryptionConfiguration.builder()
                 .kmsKeyId("keyblade")
@@ -141,6 +142,7 @@ proxy, testRequest, new CallbackContext(), proxyClient, logger
     assertThat(resultModel.getApplicationId()).isEqualTo(APP_ID);
     assertThat(resultModel.getApplicationArn()).isEqualTo("this-is-an-arn-there-are-many-like-it-but-this-one-is-mine");
     assertThat(resultModel.getRoleArn()).isEqualTo("role1");
+    assertThat(resultModel.getIdentityCenterApplicationArn()).isEqualTo("arn:aws:sso::123456789012:application/ssoins/apl");
     assertThat(resultModel.getCreatedAt()).isEqualTo("2023-10-20T18:02:15Z");
     assertThat(resultModel.getUpdatedAt()).isEqualTo("2023-10-20T22:02:15Z");
     assertThat(resultModel.getDescription()).isEqualTo("this is a description, there are many like it but this one is mine.");

diff --git a/...ss-application/src/test/java/software/amazon/qbusiness/application/UpdateHandlerTest.java b/...ss-application/src/test/java/software/amazon/qbusiness/application/UpdateHandlerTest.java
@@ -92,6 +92,7 @@ public void setup() {
             .attachmentsControlMode(AttachmentsControlMode.DISABLED.toString())
             .build()
         )
+        .identityCenterInstanceArn("arn:aws:sso:::instance/before")
         .tags(List.of(
             Tag.builder().key("remain").value("thesame").build(),
             Tag.builder().key("toremove").value("nolongerthere").build(),
@@ -108,6 +109,7 @@ public void setup() {
             .attachmentsControlMode(AttachmentsControlMode.ENABLED.toString())
             .build()
         )
+        .identityCenterInstanceArn("arn:aws:sso:::instance/after")
         .tags(List.of(
             Tag.builder().key("remain").value("thesame").build(),
             Tag.builder().key("iwillchange").value("nowanewvalue").build(),
@@ -179,6 +181,7 @@ proxy, testRequest, new CallbackContext(), proxyClient, logger
     assertThat(updateAppRequest.displayName()).isEqualTo("New Phone Who dis");
     assertThat(updateAppRequest.description()).isEqualTo("It's a new description");
     assertThat(updateAppRequest.roleArn()).isEqualTo("now-better-role");
+    assertThat(updateAppRequest.identityCenterInstanceArn()).isEqualTo("arn:aws:sso:::instance/after");
     assertThat(updateAppRequest.attachmentsConfiguration()).isEqualTo(software.amazon.awssdk.services.qbusiness.model.AttachmentsConfiguration.builder()
         .attachmentsControlMode(AttachmentsControlMode.ENABLED)
         .build());

diff --git a/aws-qbusiness-datasource/aws-qbusiness-datasource.json b/aws-qbusiness-datasource/aws-qbusiness-datasource.json
@@ -346,6 +346,8 @@
     }
   },
   "required": [
+    "ApplicationId",
+    "IndexId",
     "Configuration",
     "DisplayName"
   ],

diff --git a/aws-qbusiness-datasource/pom.xml b/aws-qbusiness-datasource/pom.xml
@@ -30,13 +30,13 @@
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>qbusiness</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/software.amazon.awssdk/sdk-core -->
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>sdk-core</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.projectlombok/lombok -->
         <dependency>

diff --git a/aws-qbusiness-index/aws-qbusiness-index.json b/aws-qbusiness-index/aws-qbusiness-index.json
@@ -1,7 +1,6 @@
 {
   "typeName": "AWS::QBusiness::Index",
   "description": "Definition of AWS::QBusiness::Index Resource Type",
-  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
   "definitions": {
     "AttributeType": {
       "type": "string",
@@ -17,8 +16,9 @@
       "properties": {
         "Name": {
           "type": "string",
-          "maxLength": 2048,
-          "minLength": 1
+          "maxLength": 30,
+          "minLength": 1,
+          "pattern": "^[a-zA-Z0-9_][a-zA-Z0-9_-]*$"
         },
         "Type": {
           "$ref": "#/definitions/AttributeType"
@@ -58,6 +58,13 @@
         "UPDATING"
       ]
     },
+    "IndexType": {
+      "type": "string",
+      "enum": [
+        "ENTERPRISE",
+        "STARTER"
+      ]
+    },
     "Status": {
       "type": "string",
       "enum": [
@@ -98,10 +105,6 @@
         }
       },
       "additionalProperties": false
-    },
-    "Unit": {
-      "type": "object",
-      "additionalProperties": false
     }
   },
   "properties": {
@@ -154,6 +157,9 @@
     "IndexStatistics": {
       "$ref": "#/definitions/IndexStatistics"
     },
+    "Type": {
+      "$ref": "#/definitions/IndexType"
+    },
     "Status": {
       "$ref": "#/definitions/IndexStatus"
     },
@@ -172,6 +178,7 @@
     }
   },
   "required": [
+    "ApplicationId",
     "DisplayName"
   ],
   "readOnlyProperties": [
@@ -183,7 +190,8 @@
     "/properties/UpdatedAt"
   ],
   "createOnlyProperties": [
-    "/properties/ApplicationId"
+    "/properties/ApplicationId",
+    "/properties/Type"
   ],
   "primaryIdentifier": [
     "/properties/ApplicationId",
@@ -235,5 +243,9 @@
       }
     }
   },
+  "tagging": {
+    "taggable": true
+  },
+  "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
   "additionalProperties": false
 }
diff --git a/aws-qbusiness-index/pom.xml b/aws-qbusiness-index/pom.xml
@@ -37,13 +37,13 @@
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>qbusiness</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/software.amazon.awssdk/sdk-core -->
         <dependency>
             <groupId>software.amazon.awssdk</groupId>
             <artifactId>sdk-core</artifactId>
-            <version>2.23.12</version>
+            <version>2.25.42</version>
         </dependency>
         <!-- https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-api -->
         <dependency>

diff --git a/aws-qbusiness-index/src/main/java/software/amazon/qbusiness/index/Translator.java b/aws-qbusiness-index/src/main/java/software/amazon/qbusiness/index/Translator.java
@@ -43,6 +43,7 @@ static CreateIndexRequest translateToCreateRequest(final String idempotentToken,
         .displayName(model.getDisplayName())
         .applicationId(model.getApplicationId())
         .description(model.getDescription())
+        .type(model.getType())
         .capacityConfiguration(toServiceCapacityConfiguration(model.getCapacityConfiguration()))
         .tags(TagHelper.serviceTagsFromCfnTags(model.getTags()))
         .build();
@@ -90,6 +91,7 @@ static ResourceModel translateFromReadResponse(final GetIndexResponse awsRespons
         .indexStatistics(fromServiceIndexStatistics(awsResponse.indexStatistics()))
         .status(awsResponse.statusAsString())
         .description(awsResponse.description())
+        .type(awsResponse.typeAsString())
         .documentAttributeConfigurations(fromServiceDocumentAttributeConfigurations(awsResponse.documentAttributeConfigurations()))
         .createdAt(instantToString(awsResponse.createdAt()))
         .updatedAt(instantToString(awsResponse.updatedAt()))