package iam
import (
"context"
"encoding/json"
"log"
"github.com/hashicorp/go-multierror"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/chnsz/golangsdk/openstack/identity/v3.0/policies"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/utils"
)
// @API IAM GET /v3.0/OS-ROLE/roles
//
// DataSourceIdentityCustomRole returns the Terraform data source definition for
// looking up a single IAM custom role. At least one of "name" or "id" must be
// supplied; "domain_id", "references", "description" and "type" are optional
// arguments that are also exported, while "catalog" and "policy" are
// export-only string attributes.
func DataSourceIdentityCustomRole() *schema.Resource {
	// lookupKey describes one of the two primary lookup arguments. Each call
	// builds its own AtLeastOneOf slice so the two schemas share no state.
	lookupKey := func() *schema.Schema {
		return &schema.Schema{
			Type:         schema.TypeString,
			Optional:     true,
			Computed:     true,
			AtLeastOneOf: []string{"name", "id"},
		}
	}

	// optionalString describes a string argument the caller may set and that
	// is also written back from the matched role.
	optionalString := func() *schema.Schema {
		return &schema.Schema{
			Type:     schema.TypeString,
			Optional: true,
			Computed: true,
		}
	}

	// exportedString describes a string attribute that is only ever set by
	// the provider.
	exportedString := func() *schema.Schema {
		return &schema.Schema{
			Type:     schema.TypeString,
			Computed: true,
		}
	}

	attributes := map[string]*schema.Schema{
		"name":      lookupKey(),
		"id":        lookupKey(),
		"domain_id": optionalString(),
		"references": {
			Type:     schema.TypeInt,
			Optional: true,
			Computed: true,
		},
		"description": optionalString(),
		"type":        optionalString(),
		"catalog":     exportedString(),
		"policy":      exportedString(),
	}

	return &schema.Resource{
		ReadContext: dataSourceIdentityCustomRoleRead,
		Schema:      attributes,
	}
}
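// dataSourceIdentityCustomRoleRead resolves exactly one IAM custom role and
// copies its fields into the data source state.
//
// It lists every custom policy through the IAM v3 client, filters the list
// client-side on the arguments taken from d, and fails unless exactly one role
// remains. The role's policy is stored in the "policy" attribute as a JSON
// string.
//
// It returns an error diagnostic when the client cannot be created, the list
// or filter step fails, the match is empty or ambiguous, or a state field
// cannot be set. The incoming context is not used.
func dataSourceIdentityCustomRoleRead(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
	// Checked assertion: a wrongly typed meta becomes a diagnostic instead of
	// a provider panic.
	cfg, ok := meta.(*config.Config)
	if !ok {
		return diag.Errorf("unexpected provider configuration type: %T", meta)
	}

	identityClient, err := cfg.IAMV3Client(cfg.GetRegion(d))
	if err != nil {
		return diag.Errorf("error creating IAM client: %s", err)
	}

	allPages, err := policies.List(identityClient).AllPages()
	if err != nil {
		return diag.Errorf("unable to query IAM custom policies: %s", err)
	}

	allPolicies, err := policies.ExtractPageRoles(allPages)
	if err != nil {
		return diag.Errorf("unable to extract IAM custom policies: %s", err)
	}

	// NOTE(review): arguments the user left unset reach this map as "" or 0.
	// Presumably utils.FilterSliceWithField skips zero values; if it does not,
	// an unset "references" would only match roles with no references. Confirm
	// against the helper.
	conditions := map[string]interface{}{
		"ID":          d.Get("id").(string),
		"Name":        d.Get("name").(string),
		"Type":        d.Get("type").(string),
		"Description": d.Get("description").(string),
		"DomainId":    d.Get("domain_id").(string),
		"References":  d.Get("references").(int),
	}

	filterPolicies, err := utils.FilterSliceWithField(allPolicies, conditions)
	if err != nil {
		return diag.Errorf("filter IAM custom policies failed: %s", err)
	}

	// An IAM lookup must be unambiguous: fail on zero or several matches
	// rather than silently picking one role.
	if len(filterPolicies) < 1 {
		return diag.Errorf("your query returned no results. " +
			"Please change your search criteria and try again.")
	}
	if len(filterPolicies) > 1 {
		return diag.Errorf("your query returned more than one result. " +
			"Please try a more specific search criteria.")
	}

	// Checked assertion: an unexpected element type from the filter helper is
	// reported as a diagnostic instead of crashing the provider.
	role, ok := filterPolicies[0].(policies.Role)
	if !ok {
		return diag.Errorf("unexpected type %T for the filtered IAM custom policy", filterPolicies[0])
	}

	// Dumps the whole role, including its policy document, at DEBUG level.
	log.Printf("[DEBUG] retrieve IAM custom policy: %#v", role)

	policy, err := json.Marshal(role.Policy)
	if err != nil {
		return diag.Errorf("error marshaling the policy of IAM custom policy: %s", err)
	}

	d.SetId(role.ID)

	// Collect every d.Set failure so a single diagnostic reports all of them.
	mErr := multierror.Append(nil,
		d.Set("name", role.Name),
		d.Set("domain_id", role.DomainId),
		d.Set("references", role.References),
		d.Set("catalog", role.Catalog),
		d.Set("description", role.Description),
		d.Set("type", role.Type),
		d.Set("policy", string(policy)),
	)
	if err = mErr.ErrorOrNil(); err != nil {
		return diag.Errorf("error setting IAM custom policy fields: %s", err)
	}

	return nil
}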