Merge pull request #10 from imperva/sarthak/dynamo_iam_role

Sarthak/dynamo_iam_role
imperva · Jun 19, 2024 · 55d1925 · 55d1925
2 parents acfa60a + cad496e
commit 55d1925
Show file tree

Hide file tree

Showing 7 changed files with 63 additions and 36 deletions.
diff --git a/dsfhub/client.go b/dsfhub/client.go
@@ -93,6 +93,7 @@ type AssetData struct {
 	AvailabilityZones      string            `json:"availability_zones,omitempty"`
 	AvailableRegions       []interface{}     `json:"available_regions,omitempty"`
 	AwsProxyConfig         *AwsProxyConfig   `json:"aws_proxy_config,omitempty"`
+	BucketAccountId        string            `json:"bucket_account_id,omitempty"`
 	CaCertsPath            string            `json:"ca_certs_path,omitempty"`
 	CaFile                 string            `json:"ca_file,omitempty"`
 	ClusterEngine          string            `json:"cluster_engine,omitempty"`

diff --git a/dsfhub/resource_asset_schema.go b/dsfhub/resource_asset_schema.go
@@ -1272,6 +1272,15 @@ var assetSchemaJson = `{
             "required": false,
             "type": "map"
         },
+        "BucketAccountId": {
+            "defaultValue": null,
+            "description": "AWS account ID",
+            "displayName": "Bucket Account ID",
+            "example": "123456789101",
+            "id": "bucket_account_id",
+            "required": false,
+            "type": "string" 
+        },
         "CaCertsPath": {
             "defaultValue": null,
             "description": "Certificate authority certificates path; what location should the sysetm look for certificate information from. Equivalent to --capath in a curl call",

diff --git a/dsfhub/resource_cloud_account.go b/dsfhub/resource_cloud_account.go
@@ -30,14 +30,14 @@ func resourceCloudAccount() *schema.Resource {
 			//	Required:    false,
 			//	Optional:    true,
 			//},
-			//"arn": {
-			//	Type:        schema.TypeString,
-			//	Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
-			//	Required:    false,
-			//	Optional:    true,
-			//	Computed:    true,
-			//	Default:     nil,
-			//},
+			"arn": {
+				Type:        schema.TypeString,
+				Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Default:     nil,
+			},
 			"asset_display_name": {
 				Type:        schema.TypeString,
 				Description: "User-friendly name of the asset, defined by user.",
@@ -538,7 +538,7 @@ func resourceCloudAccountRead(d *schema.ResourceData, m interface{}) error {
 	// Set returned and computed values
 	d.Set("admin_email", cloudAccountReadResponse.Data.AssetData.AdminEmail)
 	//d.Set("application", cloudAccountReadResponse.Data.AssetData.Application)
-	//d.Set("arn", cloudAccountReadResponse.Data.AssetData.Arn)
+	d.Set("arn", cloudAccountReadResponse.Data.AssetData.Arn)
 	d.Set("asset_display_name", cloudAccountReadResponse.Data.AssetData.AssetDisplayName)
 	d.Set("asset_id", cloudAccountReadResponse.Data.AssetData.AssetID)
 	d.Set("asset_source", cloudAccountReadResponse.Data.AssetData.AssetSource)

diff --git a/dsfhub/resource_common.go b/dsfhub/resource_common.go
@@ -102,8 +102,15 @@ func createResource(dsfDataSource *ResourceWrapper, serverType string, d *schema
 	}
 
 	// Check to see if AWS serverType, populate arn from asset_id
-	if ok := strings.HasPrefix(dsfDataSource.Data.ServerType, "AWS"); ok {
-		dsfDataSource.Data.AssetData.Arn = dsfDataSource.Data.AssetData.AssetID
+	arn_state := d.Get("arn").(string)
+	isAwsServerType := strings.HasPrefix(dsfDataSource.Data.ServerType, "AWS")
+	// fmt.Println(arn_state)
+	if isAwsServerType {
+		if arn_state == "" {
+			dsfDataSource.Data.AssetData.Arn = dsfDataSource.Data.AssetData.AssetID
+		} else {
+			dsfDataSource.Data.AssetData.Arn = arn_state
+		}
 	}
 
 	//  Iterate through asset_connection blocks in resource input

diff --git a/dsfhub/resource_data_source.go b/dsfhub/resource_data_source.go
@@ -44,14 +44,14 @@ func resourceDSFDataSource() *schema.Resource {
 			// 	Required:    false,
 			// 	Optional:    true,
 			// },
-			//"arn": {
-			//	Type:        schema.TypeString,
-			//	Description: "Amazon Resource Name - format is arn:partition:service:region:account-id:resource-type:resource-id and used as the asset_id",
-			//	Required:    false,
-			//	Optional:    true,
-			//	Computed:    true,
-			//	Default:     nil,
-			//},
+			"arn": {
+				Type:        schema.TypeString,
+				Description: "Amazon Resource Name - format is arn:partition:service:region:account-id:resource-type:resource-id and used as the asset_id",
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Default:     nil,
+			},
 			"asset_display_name": {
 				Type:        schema.TypeString,
 				Description: "User-friendly name of the asset, defined by user.",
@@ -1351,7 +1351,7 @@ func resourceDSFDataSourceRead(d *schema.ResourceData, m interface{}) error {
 	d.Set("admin_email", dsfDataSourceReadResponse.Data.AssetData.AdminEmail)
 	//d.Set("application", dsfDataSourceReadResponse.Data.AssetData.Application)
 	//d.Set("archive", dsfDataSourceReadResponse.Data.AssetData.Archive)
-	//d.Set("arn", dsfDataSourceReadResponse.Data.AssetData.Arn)
+	d.Set("arn", dsfDataSourceReadResponse.Data.AssetData.Arn)
 	d.Set("asset_display_name", dsfDataSourceReadResponse.Data.AssetData.AssetDisplayName)
 	d.Set("asset_id", dsfDataSourceReadResponse.Data.AssetData.AssetID)
 	d.Set("asset_source", dsfDataSourceReadResponse.Data.AssetData.AssetSource)

diff --git a/dsfhub/resource_log_aggregator.go b/dsfhub/resource_log_aggregator.go
@@ -30,14 +30,14 @@ func resourceLogAggregator() *schema.Resource {
 			//	Required:    false,
 			//	Optional:    true,
 			//},
-			//"arn": {
-			//	Type:        schema.TypeString,
-			//	Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
-			//	Required:    false,
-			//	Optional:    true,
-			//	Computed:    true,
-			//	Default:     nil,
-			//},
+			"arn": {
+				Type:        schema.TypeString,
+				Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Default:     nil,
+			},
 			"asset_display_name": {
 				Type:        schema.TypeString,
 				Description: "User-friendly name of the asset, defined by user.",
@@ -435,6 +435,13 @@ func resourceLogAggregator() *schema.Resource {
 					},
 				},
 			},
+			"bucket_account_id": {
+				Type:        schema.TypeString,
+				Description: "S3 bucket Account ID",
+				Required:    false,
+				Optional:    true,
+				Default:     nil,
+			},
 			"credentials_endpoint": {
 				Type:        schema.TypeString,
 				Description: "A specific sts endpoint to use",
@@ -668,13 +675,14 @@ func resourceLogAggregatorRead(d *schema.ResourceData, m interface{}) error {
 	// Set returned and computed values
 	d.Set("admin_email", logAggregatorReadResponse.Data.AssetData.AdminEmail)
 	//d.Set("application", logAggregatorReadResponse.Data.AssetData.Application)
-	//d.Set("arn", logAggregatorReadResponse.Data.AssetData.Arn)
+	d.Set("arn", logAggregatorReadResponse.Data.AssetData.Arn)
 	d.Set("asset_display_name", logAggregatorReadResponse.Data.AssetData.AssetDisplayName)
 	d.Set("asset_id", logAggregatorReadResponse.Data.AssetData.AssetID)
 	d.Set("asset_source", logAggregatorReadResponse.Data.AssetData.AssetSource)
 	d.Set("audit_pull_enabled", logAggregatorReadResponse.Data.AssetData.AuditPullEnabled)
 	d.Set("audit_type", logAggregatorReadResponse.Data.AssetData.AuditType)
 	d.Set("available_regions", logAggregatorReadResponse.Data.AssetData.AvailableRegions)
+	d.Set("bucket_account_id", logAggregatorReadResponse.Data.AssetData.BucketAccountId)
 	d.Set("credential_endpoint", logAggregatorReadResponse.Data.AssetData.CredentialsEndpoint)
 	d.Set("criticality", logAggregatorReadResponse.Data.AssetData.Criticality)
 	d.Set("gateway_id", logAggregatorReadResponse.Data.GatewayID)

diff --git a/dsfhub/resource_secret_manager.go b/dsfhub/resource_secret_manager.go
@@ -30,12 +30,14 @@ func resourceSecretManager() *schema.Resource {
 				Required:    false,
 				Optional:    true,
 			},
-			//"arn": {
-			//	Type:        schema.TypeString,
-			//	Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
-			//	Required:    false,
-			//	Optional:    true,
-			//},
+			"arn": {
+				Type:        schema.TypeString,
+				Description: "Amazon Resource Name - format is arn:partition:service:region:account-id and used as the asset_id",
+				Required:    false,
+				Optional:    true,
+				Computed:    true,
+				Default:     nil,
+			},
 			"asset_display_name": {
 				Type:        schema.TypeString,
 				Description: "User-friendly name of the asset, defined by user.",
@@ -539,7 +541,7 @@ func resourceSecretManagerRead(d *schema.ResourceData, m interface{}) error {
 	// Set returned and computed values
 	d.Set("admin_email", secretManagerReadResponse.Data.AssetData.AdminEmail)
 	d.Set("application", secretManagerReadResponse.Data.AssetData.Application)
-	//d.Set("arn", secretManagerReadResponse.Data.AssetData.Arn)
+	d.Set("arn", secretManagerReadResponse.Data.AssetData.Arn)
 	d.Set("asset_display_name", secretManagerReadResponse.Data.AssetData.AssetDisplayName)
 	d.Set("asset_id", secretManagerReadResponse.Data.AssetData.AssetID)
 	d.Set("asset_source", secretManagerReadResponse.Data.AssetData.AssetSource)