Skip to content

Commit

Permalink
fix: Convert SingleNestedBlocks to ListNestedBlocks and fix arg requi…
Browse files Browse the repository at this point in the history 
…red states for aws_paymentcryptography_key (#41379)
  • Loading branch information
@acwwat
acwwat authored Feb 14, 2025
1 parent 03dcb0c commit 44e7b1b
Show file tree
Hide file tree
Showing 3 changed files with 125 additions and 100 deletions.
3 changes: 3 additions & 0 deletions .changelog/41379.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_paymentcryptography_key: Set `key_attributes` and `key_attributes.*.key_modes_of_use` arguments to required
```
212 changes: 112 additions & 100 deletions internal/service/paymentcryptography/key.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
awstypes "github.com/aws/aws-sdk-go-v2/service/paymentcryptography/types"
"github.com/hashicorp/terraform-plugin-framework-timeouts/resource/timeouts"
"github.com/hashicorp/terraform-plugin-framework-validators/int64validator"
"github.com/hashicorp/terraform-plugin-framework-validators/listvalidator"
"github.com/hashicorp/terraform-plugin-framework/path"
"github.com/hashicorp/terraform-plugin-framework/resource"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
Expand All @@ -34,7 +35,6 @@ import (
"github.com/hashicorp/terraform-provider-aws/names"
)

// Function annotations are used for resource registration to the Provider. DO NOT EDIT.
// @FrameworkResource("aws_paymentcryptography_key", name="Key")
// @Tags(identifierAttribute="arn")
func newResourceKey(_ context.Context) (resource.ResourceWithConfigure, error) {
Expand Down Expand Up @@ -120,105 +120,117 @@ func (r *resourceKey) Schema(ctx context.Context, request resource.SchemaRequest
names.AttrTagsAll: tftags.TagsAttributeComputedOnly(),
},
Blocks: map[string]schema.Block{
"key_attributes": schema.SingleNestedBlock{
CustomType: fwtypes.NewObjectTypeOf[keyAttributesModel](ctx),
Attributes: map[string]schema.Attribute{
"key_algorithm": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyAlgorithm](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"key_class": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyClass](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"key_usage": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyUsage](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
},
"key_attributes": schema.ListNestedBlock{
CustomType: fwtypes.NewListNestedObjectTypeOf[keyAttributesModel](ctx),
Validators: []validator.List{
listvalidator.IsRequired(),
listvalidator.SizeBetween(1, 1),
},
Blocks: map[string]schema.Block{
"key_modes_of_use": schema.SingleNestedBlock{
CustomType: fwtypes.NewObjectTypeOf[keyModesOfUseModel](ctx),
Attributes: map[string]schema.Attribute{
"decrypt": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"derive_key": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"encrypt": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
NestedObject: schema.NestedBlockObject{
Attributes: map[string]schema.Attribute{
"key_algorithm": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyAlgorithm](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
"generate": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"no_restrictions": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"sign": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"key_class": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyClass](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
"unwrap": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"key_usage": schema.StringAttribute{
Required: true,
CustomType: fwtypes.StringEnumType[awstypes.KeyUsage](),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
},
"verify": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
},
Blocks: map[string]schema.Block{
"key_modes_of_use": schema.ListNestedBlock{
CustomType: fwtypes.NewListNestedObjectTypeOf[keyModesOfUseModel](ctx),
Validators: []validator.List{
listvalidator.IsRequired(),
listvalidator.SizeBetween(1, 1),
},
"wrap": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
NestedObject: schema.NestedBlockObject{
Attributes: map[string]schema.Attribute{
"decrypt": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"derive_key": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"encrypt": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"generate": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"no_restrictions": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"sign": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"unwrap": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"verify": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
"wrap": schema.BoolAttribute{
Optional: true,
Computed: true,
PlanModifiers: []planmodifier.Bool{
boolplanmodifier.RequiresReplace(),
boolplanmodifier.UseStateForUnknown(),
},
},
},
},
},
Expand Down Expand Up @@ -509,7 +521,7 @@ type resourceKeyModel struct {
Enabled types.Bool `tfsdk:"enabled"`
Exportable types.Bool `tfsdk:"exportable"`
ID types.String `tfsdk:"id"`
KeyAttributes fwtypes.ObjectValueOf[keyAttributesModel] `tfsdk:"key_attributes"`
KeyAttributes fwtypes.ListNestedObjectValueOf[keyAttributesModel] `tfsdk:"key_attributes"`
KeyCheckValue types.String `tfsdk:"key_check_value"`
KeyCheckValueAlgorithm fwtypes.StringEnum[awstypes.KeyCheckValueAlgorithm] `tfsdk:"key_check_value_algorithm"`
KeyOrigin fwtypes.StringEnum[awstypes.KeyOrigin] `tfsdk:"key_origin"`
Expand All @@ -524,10 +536,10 @@ func (k *resourceKeyModel) setId() {
}

type keyAttributesModel struct {
KeyAlgorithm fwtypes.StringEnum[awstypes.KeyAlgorithm] `tfsdk:"key_algorithm"`
KeyClass fwtypes.StringEnum[awstypes.KeyClass] `tfsdk:"key_class"`
KeyModesOfUse fwtypes.ObjectValueOf[keyModesOfUseModel] `tfsdk:"key_modes_of_use"`
KeyUsage fwtypes.StringEnum[awstypes.KeyUsage] `tfsdk:"key_usage"`
KeyAlgorithm fwtypes.StringEnum[awstypes.KeyAlgorithm] `tfsdk:"key_algorithm"`
KeyClass fwtypes.StringEnum[awstypes.KeyClass] `tfsdk:"key_class"`
KeyModesOfUse fwtypes.ListNestedObjectValueOf[keyModesOfUseModel] `tfsdk:"key_modes_of_use"`
KeyUsage fwtypes.StringEnum[awstypes.KeyUsage] `tfsdk:"key_usage"`
}

type keyModesOfUseModel struct {
Expand Down
10 changes: 10 additions & 0 deletions internal/service/paymentcryptography/key_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,16 @@ func TestAccPaymentCryptographyKey_basic(t *testing.T) {
Check: resource.ComposeTestCheckFunc(
testAccCheckKeyExists(ctx, resourceName, &key),
resource.TestCheckResourceAttr(resourceName, names.AttrEnabled, acctest.CtTrue),
resource.TestCheckResourceAttr(resourceName, "exportable", acctest.CtTrue),
resource.TestCheckResourceAttr(resourceName, "key_attributes.#", "1"),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_algorithm", "TDES_3KEY"),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_class", "SYMMETRIC_KEY"),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_usage", "TR31_P0_PIN_ENCRYPTION_KEY"),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_modes_of_use.#", "1"),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_modes_of_use.0.decrypt", acctest.CtTrue),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_modes_of_use.0.encrypt", acctest.CtTrue),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_modes_of_use.0.wrap", acctest.CtTrue),
resource.TestCheckResourceAttr(resourceName, "key_attributes.0.key_modes_of_use.0.unwrap", acctest.CtTrue),
acctest.MatchResourceAttrRegionalARN(ctx, resourceName, names.AttrARN, "payment-cryptography", regexache.MustCompile(`key/.+`)),
),
},
Expand Down

0 comments on commit 44e7b1b

Please sign in to comment.