From bc5f879fcdda67c08ebe6c6bd66996cbe690f94f Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 11:46:14 +0000 Subject: [PATCH 01/14] init --- docs/data-sources/resource_policies.md | 2 ++ docs/data-sources/resource_policy.md | 1 + docs/resources/resource_policy.md | 4 ++++ examples/mongodbatlas_resource_policy/main.tf | 2 ++ internal/service/resourcepolicy/model.go | 5 ++++- internal/service/resourcepolicy/resource.go | 13 +++++++++---- internal/service/resourcepolicy/resource_schema.go | 5 +++++ internal/service/resourcepolicy/resource_test.go | 5 +++-- 8 files changed, 30 insertions(+), 7 deletions(-) diff --git a/docs/data-sources/resource_policies.md b/docs/data-sources/resource_policies.md index 5445839eeb..9a79a66fe5 100644 --- a/docs/data-sources/resource_policies.md +++ b/docs/data-sources/resource_policies.md @@ -107,6 +107,7 @@ Read-Only: - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--resource_policies--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. +- `description` (String) Description of the atlas resource policy. - `id` (String) Unique 24-hexadecimal digit string that identifies an Atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--resource_policies--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. @@ -150,6 +151,7 @@ Read-Only: - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--results--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. +- `description` (String) Description of the atlas resource policy. - `id` (String) Unique 24-hexadecimal digit string that identifies an Atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--results--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. diff --git a/docs/data-sources/resource_policy.md b/docs/data-sources/resource_policy.md index 8f2ed405d4..889eddf919 100644 --- a/docs/data-sources/resource_policy.md +++ b/docs/data-sources/resource_policy.md @@ -100,6 +100,7 @@ output "policy_ids" { - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. +- `description` (String) Description of the atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. - `name` (String) Human-readable label that describes the Atlas resource policy. diff --git a/docs/resources/resource_policy.md b/docs/resources/resource_policy.md index 9961806d66..4eaf039b5f 100644 --- a/docs/resources/resource_policy.md +++ b/docs/resources/resource_policy.md @@ -99,6 +99,10 @@ output "policy_ids" { - `org_id` (String) Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [/orgs](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access. - `policies` (Attributes List) List of policies that make up the Atlas resource policy. (see [below for nested schema](#nestedatt--policies)) +### Optional + +- `description` (String) Description of the atlas resource policy. + ### Read-Only - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--created_by_user)) diff --git a/examples/mongodbatlas_resource_policy/main.tf b/examples/mongodbatlas_resource_policy/main.tf index 9ff857470e..698faec290 100644 --- a/examples/mongodbatlas_resource_policy/main.tf +++ b/examples/mongodbatlas_resource_policy/main.tf @@ -1,6 +1,7 @@ resource "mongodbatlas_resource_policy" "project_ip_access_list" { org_id = var.org_id name = "forbid-access-from-anywhere" + description = "Forbids access from anywhere" policies = [ { @@ -21,6 +22,7 @@ EOF resource "mongodbatlas_resource_policy" "cloud_provider" { org_id = var.org_id name = "forbid-cloud-provider" + description = "Forbids AWS and Azure for clusters" policies = [ { body = templatefile("${path.module}/cloud-provider.cedar", { diff --git a/internal/service/resourcepolicy/model.go b/internal/service/resourcepolicy/model.go index 78bcba2a11..a781bcbf01 100644 --- a/internal/service/resourcepolicy/model.go +++ b/internal/service/resourcepolicy/model.go @@ -3,10 +3,12 @@ package resourcepolicy import ( "context" + "go.mongodb.org/atlas-sdk/v20250219001/admin" + "github.com/hashicorp/terraform-plugin-framework/diag" "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/mongodb/terraform-provider-mongodbatlas/internal/common/conversion" - "go.mongodb.org/atlas-sdk/v20250219001/admin" ) func NewTFModel(ctx context.Context, input *admin.ApiAtlasResourcePolicy) (*TFModel, diag.Diagnostics) { @@ -24,6 +26,7 @@ func NewTFModel(ctx context.Context, input *admin.ApiAtlasResourcePolicy) (*TFMo LastUpdatedByUser: lastUpdatedByUser, LastUpdatedDate: types.StringPointerValue(conversion.TimePtrToStringPtr(input.LastUpdatedDate)), Name: types.StringPointerValue(input.Name), + Description: types.StringPointerValue(input.Description), OrgID: types.StringPointerValue(input.OrgId), Policies: policies, Version: types.StringPointerValue(input.Version), diff --git a/internal/service/resourcepolicy/resource.go b/internal/service/resourcepolicy/resource.go index 2c51b6079f..15ab83ff9e 100644 --- a/internal/service/resourcepolicy/resource.go +++ b/internal/service/resourcepolicy/resource.go @@ -80,8 +80,9 @@ func (r *resourcePolicyRS) Create(ctx context.Context, req resource.CreateReques connV2 := r.Client.AtlasV2 policySDK, _, err := connV2.ResourcePoliciesApi.CreateAtlasResourcePolicy(ctx, orgID, &admin.ApiAtlasResourcePolicyCreate{ - Name: plan.Name.ValueString(), - Policies: policies, + Name: plan.Name.ValueString(), + Description: plan.Description.ValueStringPointer(), + Policies: policies, }).Execute() if err != nil { resp.Diagnostics.AddError(errorCreate, err.Error()) @@ -134,8 +135,12 @@ func (r *resourcePolicyRS) Update(ctx context.Context, req resource.UpdateReques connV2 := r.Client.AtlasV2 policies := NewAdminPolicies(ctx, plan.Policies) editAdmin := admin.ApiAtlasResourcePolicyEdit{ - Name: plan.Name.ValueStringPointer(), - Policies: &policies, + Name: plan.Name.ValueStringPointer(), + Description: plan.Description.ValueStringPointer(), + Policies: &policies, + } + if editAdmin.Description == nil { + editAdmin.Description = conversion.StringPtr("") } policySDK, _, err := connV2.ResourcePoliciesApi.UpdateAtlasResourcePolicy(ctx, orgID, resourcePolicyID, &editAdmin).Execute() diff --git a/internal/service/resourcepolicy/resource_schema.go b/internal/service/resourcepolicy/resource_schema.go index 067fd0e6bf..1d8e9694af 100644 --- a/internal/service/resourcepolicy/resource_schema.go +++ b/internal/service/resourcepolicy/resource_schema.go @@ -60,6 +60,10 @@ func ResourceSchema(ctx context.Context) schema.Schema { MarkdownDescription: "Human-readable label that describes the Atlas resource policy.", Required: true, }, + "description": schema.StringAttribute{ + MarkdownDescription: "Description of the atlas resource policy.", + Optional: true, + }, "org_id": schema.StringAttribute{ MarkdownDescription: "Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the [/orgs](#tag/Organizations/operation/listOrganizations) endpoint to retrieve all organizations to which the authenticated user has access.", Required: true, @@ -98,6 +102,7 @@ type TFModel struct { LastUpdatedByUser types.Object `tfsdk:"last_updated_by_user"` LastUpdatedDate types.String `tfsdk:"last_updated_date"` Name types.String `tfsdk:"name"` + Description types.String `tfsdk:"description"` OrgID types.String `tfsdk:"org_id"` Version types.String `tfsdk:"version"` Policies []TFPolicyModel `tfsdk:"policies"` diff --git a/internal/service/resourcepolicy/resource_test.go b/internal/service/resourcepolicy/resource_test.go index fad86921aa..a0fbacb69e 100644 --- a/internal/service/resourcepolicy/resource_test.go +++ b/internal/service/resourcepolicy/resource_test.go @@ -9,6 +9,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" + "github.com/mongodb/terraform-provider-mongodbatlas/internal/testutil/acc" ) @@ -176,7 +177,7 @@ func configBasic(orgID, policyName string) string { return configWithPolicyBodies(orgID, policyName, validPolicyForbidAwsCloudProvider) } -func configWithPolicyBodies(orgID, policyName string, bodies ...string) string { +func configWithPolicyBodies(orgID, policyName string, description string, bodies ...string) string { policies := "" for _, body := range bodies { policies += fmt.Sprintf(` @@ -203,7 +204,7 @@ data "mongodbatlas_resource_policy" "test" { data "mongodbatlas_resource_policies" "test" { org_id = mongodbatlas_resource_policy.test.org_id } - `, orgID, policyName, policies) + `, orgID, policyName, policies, description) } func checkImportStateIDFunc(resourceID string) resource.ImportStateIdFunc { From e265633ebf6ee9d29c26d40550bb524b573297fc Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 11:49:26 +0000 Subject: [PATCH 02/14] changelog --- .changelog/3214.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .changelog/3214.txt diff --git a/.changelog/3214.txt b/.changelog/3214.txt new file mode 100644 index 0000000000..63db5dbc8a --- /dev/null +++ b/.changelog/3214.txt @@ -0,0 +1,11 @@ +```release-note:enhancement +resource/mongodbatlas_resource_policy: Adds support for new `description` field +``` + +```release-note:enhancement +data-source/mongodbatlas_resource_policy: Adds support for new `description` field +``` + +```release-note:enhancement +data-source/mongodbatlas_resource_policies: Adds support for new `description` field +``` \ No newline at end of file From 1ea84036c4494d9d5db99c4ef0d274201f05e124 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 12:49:13 +0000 Subject: [PATCH 03/14] minor --- internal/service/resourcepolicy/resource.go | 2 +- .../service/resourcepolicy/resource_test.go | 35 ++++++++++++------- 2 files changed, 23 insertions(+), 14 deletions(-) diff --git a/internal/service/resourcepolicy/resource.go b/internal/service/resourcepolicy/resource.go index 15ab83ff9e..ddb6863f24 100644 --- a/internal/service/resourcepolicy/resource.go +++ b/internal/service/resourcepolicy/resource.go @@ -140,7 +140,7 @@ func (r *resourcePolicyRS) Update(ctx context.Context, req resource.UpdateReques Policies: &policies, } if editAdmin.Description == nil { - editAdmin.Description = conversion.StringPtr("") + editAdmin.Description = conversion.Pointer("") } policySDK, _, err := connV2.ResourcePoliciesApi.UpdateAtlasResourcePolicy(ctx, orgID, resourcePolicyID, &editAdmin).Execute() diff --git a/internal/service/resourcepolicy/resource_test.go b/internal/service/resourcepolicy/resource_test.go index a0fbacb69e..79fa65a37a 100644 --- a/internal/service/resourcepolicy/resource_test.go +++ b/internal/service/resourcepolicy/resource_test.go @@ -10,6 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-testing/helper/resource" "github.com/hashicorp/terraform-plugin-testing/terraform" + "github.com/mongodb/terraform-provider-mongodbatlas/internal/common/conversion" "github.com/mongodb/terraform-provider-mongodbatlas/internal/testutil/acc" ) @@ -64,6 +65,7 @@ func basicTestCase(t *testing.T) *resource.TestCase { orgID = os.Getenv("MONGODB_ATLAS_ORG_ID") policyName = "test-policy" updatedName = "updated-policy" + description = conversion.StringPtr("test-description") ) return &resource.TestCase{ // Need sequential execution for assertions to be deterministic (plural data source) PreCheck: func() { acc.PreCheckBasic(t) }, @@ -71,15 +73,15 @@ func basicTestCase(t *testing.T) *resource.TestCase { CheckDestroy: checkDestroy, Steps: []resource.TestStep{ { - Config: configBasic(orgID, policyName), + Config: configBasic(orgID, policyName, description), Check: checksResourcePolicy(orgID, policyName, 1), }, { - Config: configBasic(orgID, updatedName), + Config: configBasic(orgID, updatedName, nil), Check: checksResourcePolicy(orgID, updatedName, 1), }, { - Config: configBasic(orgID, updatedName), + Config: configBasic(orgID, updatedName, nil), ResourceName: resourceID, ImportStateIdFunc: checkImportStateIDFunc(resourceID), ImportState: true, @@ -99,11 +101,11 @@ func TestAccResourcePolicy_multipleNestedPolicies(t *testing.T) { CheckDestroy: checkDestroy, Steps: []resource.TestStep{ { - Config: configWithPolicyBodies(orgID, "test-policy-multiple", validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), + Config: configWithPolicyBodies(orgID, "test-policy-multiple", nil, validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), Check: checksResourcePolicy(orgID, "test-policy-multiple", 2), }, { - Config: configWithPolicyBodies(orgID, "test-policy-multiple", validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), + Config: configWithPolicyBodies(orgID, "test-policy-multiple", nil, validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), ResourceName: resourceID, ImportStateIdFunc: checkImportStateIDFunc(resourceID), ImportState: true, @@ -126,15 +128,15 @@ func TestAccResourcePolicy_invalidConfig(t *testing.T) { CheckDestroy: checkDestroy, Steps: []resource.TestStep{ { - Config: configWithPolicyBodies(orgID, policyName, invalidPolicyMissingComma), + Config: configWithPolicyBodies(orgID, policyName, nil, invalidPolicyMissingComma), ExpectError: regexp.MustCompile("unexpected token `resource`"), }, { - Config: configWithPolicyBodies(orgID, policyName, invalidPolicyUnknownCloudProvider), + Config: configWithPolicyBodies(orgID, policyName, nil, invalidPolicyUnknownCloudProvider), ExpectError: regexp.MustCompile(`entity id aws222 does not exist in the context of this organization`), }, { - Config: configWithPolicyBodies(orgID, policyName, validPolicyForbidAwsCloudProvider, invalidPolicyUnknownCloudProvider), + Config: configWithPolicyBodies(orgID, policyName, nil, validPolicyForbidAwsCloudProvider, invalidPolicyUnknownCloudProvider), ExpectError: regexp.MustCompile(`entity id aws222 does not exist in the context of this organization`), }, }, @@ -173,11 +175,16 @@ func checksResourcePolicy(orgID, name string, policyCount int) resource.TestChec return acc.CheckRSAndDS(resourceID, &dataSourceID, nil, attrSet, attrMap, resource.ComposeAggregateTestCheckFunc(checks...)) } -func configBasic(orgID, policyName string) string { - return configWithPolicyBodies(orgID, policyName, validPolicyForbidAwsCloudProvider) +func configBasic(orgID, policyName string, description *string) string { + return configWithPolicyBodies(orgID, policyName, description, validPolicyForbidAwsCloudProvider) } -func configWithPolicyBodies(orgID, policyName string, description string, bodies ...string) string { +func configWithPolicyBodies(orgID, policyName string, description *string, bodies ...string) string { + descriptionStr := "" + if description != nil { + descriptionStr = fmt.Sprintf("description = %q", *description) + } + policies := "" for _, body := range bodies { policies += fmt.Sprintf(` @@ -192,9 +199,11 @@ func configWithPolicyBodies(orgID, policyName string, description string, bodies resource "mongodbatlas_resource_policy" "test" { org_id = %[1]q name = %[2]q + + %[3]s policies = [ -%s + %[4]s ] } data "mongodbatlas_resource_policy" "test" { @@ -204,7 +213,7 @@ data "mongodbatlas_resource_policy" "test" { data "mongodbatlas_resource_policies" "test" { org_id = mongodbatlas_resource_policy.test.org_id } - `, orgID, policyName, policies, description) + `, orgID, policyName, descriptionStr, policies) } func checkImportStateIDFunc(resourceID string) resource.ImportStateIdFunc { From 4701e88d78fb703032899680e48cccc9947ac8c4 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 12:54:18 +0000 Subject: [PATCH 04/14] add example to docs --- docs/data-sources/resource_policies.md | 2 ++ docs/data-sources/resource_policy.md | 2 ++ docs/resources/resource_policy.md | 2 ++ 3 files changed, 6 insertions(+) diff --git a/docs/data-sources/resource_policies.md b/docs/data-sources/resource_policies.md index 9a79a66fe5..41f59a443c 100644 --- a/docs/data-sources/resource_policies.md +++ b/docs/data-sources/resource_policies.md @@ -11,6 +11,7 @@ resource "mongodbatlas_resource_policy" "project_ip_access_list" { org_id = var.org_id name = "forbid-access-from-anywhere" + description = "Forbids access from anywhere" policies = [ { @@ -31,6 +32,7 @@ EOF resource "mongodbatlas_resource_policy" "cloud_provider" { org_id = var.org_id name = "forbid-cloud-provider" + description = "Forbids AWS and Azure for clusters" policies = [ { body = templatefile("${path.module}/cloud-provider.cedar", { diff --git a/docs/data-sources/resource_policy.md b/docs/data-sources/resource_policy.md index 889eddf919..83e0a5c574 100644 --- a/docs/data-sources/resource_policy.md +++ b/docs/data-sources/resource_policy.md @@ -11,6 +11,7 @@ resource "mongodbatlas_resource_policy" "project_ip_access_list" { org_id = var.org_id name = "forbid-access-from-anywhere" + description = "Forbids access from anywhere" policies = [ { @@ -31,6 +32,7 @@ EOF resource "mongodbatlas_resource_policy" "cloud_provider" { org_id = var.org_id name = "forbid-cloud-provider" + description = "Forbids AWS and Azure for clusters" policies = [ { body = templatefile("${path.module}/cloud-provider.cedar", { diff --git a/docs/resources/resource_policy.md b/docs/resources/resource_policy.md index 4eaf039b5f..cf706d7d44 100644 --- a/docs/resources/resource_policy.md +++ b/docs/resources/resource_policy.md @@ -13,6 +13,7 @@ resource "mongodbatlas_resource_policy" "project_ip_access_list" { org_id = var.org_id name = "forbid-access-from-anywhere" + description = "Forbids access from anywhere" policies = [ { @@ -33,6 +34,7 @@ EOF resource "mongodbatlas_resource_policy" "cloud_provider" { org_id = var.org_id name = "forbid-cloud-provider" + description = "Forbids AWS and Azure for clusters" policies = [ { body = templatefile("${path.module}/cloud-provider.cedar", { From 0ce7bcc130e4d79d6c5de685424bd28900c35b14 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 13:14:07 +0000 Subject: [PATCH 05/14] mig test --- .../service/resourcepolicy/resource_migration_test.go | 8 +++++++- internal/service/resourcepolicy/resource_test.go | 6 +++--- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/internal/service/resourcepolicy/resource_migration_test.go b/internal/service/resourcepolicy/resource_migration_test.go index d7ebd7fa8d..85f5c1a0d0 100644 --- a/internal/service/resourcepolicy/resource_migration_test.go +++ b/internal/service/resourcepolicy/resource_migration_test.go @@ -8,5 +8,11 @@ import ( func TestMigResourcePolicy_basic(t *testing.T) { mig.SkipIfVersionBelow(t, "1.22.0") // this feature was introduced in provider version 1.21.0, plural data source schema was changed in 1.22.0 - mig.CreateAndRunTestNonParallel(t, basicTestCase(t)) + + var description *string + if mig.IsProviderVersionAtLeast("1.32.0") { + description = descriptionPtr + } + + mig.CreateAndRunTestNonParallel(t, basicTestCase(t, description)) } diff --git a/internal/service/resourcepolicy/resource_test.go b/internal/service/resourcepolicy/resource_test.go index 79fa65a37a..7380c609fc 100644 --- a/internal/service/resourcepolicy/resource_test.go +++ b/internal/service/resourcepolicy/resource_test.go @@ -52,20 +52,20 @@ var ( when { context.project.ipAccessList.contains(ip("0.0.0.0/0")) };` + descriptionPtr = conversion.StringPtr("test-description") ) func TestAccResourcePolicy_basic(t *testing.T) { - tc := basicTestCase(t) + tc := basicTestCase(t, descriptionPtr) resource.Test(t, *tc) } -func basicTestCase(t *testing.T) *resource.TestCase { +func basicTestCase(t *testing.T, description *string) *resource.TestCase { t.Helper() var ( orgID = os.Getenv("MONGODB_ATLAS_ORG_ID") policyName = "test-policy" updatedName = "updated-policy" - description = conversion.StringPtr("test-description") ) return &resource.TestCase{ // Need sequential execution for assertions to be deterministic (plural data source) PreCheck: func() { acc.PreCheckBasic(t) }, From 1d9965372f75c3161c5e1c9ef41c61da5997394d Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Wed, 26 Mar 2025 13:18:18 +0000 Subject: [PATCH 06/14] min --- examples/mongodbatlas_resource_policy/versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/mongodbatlas_resource_policy/versions.tf b/examples/mongodbatlas_resource_policy/versions.tf index 3a10272928..59f6dabde7 100644 --- a/examples/mongodbatlas_resource_policy/versions.tf +++ b/examples/mongodbatlas_resource_policy/versions.tf @@ -6,7 +6,7 @@ terraform { } mongodbatlas = { source = "mongodb/mongodbatlas" - version = "~> 1.20" + version = "~> 1.31" } } required_version = ">= 1.0" From 6dabe0046c6c42dd91836416277ce9a23dedca00 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Thu, 27 Mar 2025 14:27:26 +0000 Subject: [PATCH 07/14] Pr comments --- docs/data-sources/resource_policies.md | 2 +- internal/service/resourcepolicy/resource.go | 9 ++++----- internal/service/resourcepolicy/resource_test.go | 10 +++++++++- 3 files changed, 14 insertions(+), 7 deletions(-) diff --git a/docs/data-sources/resource_policies.md b/docs/data-sources/resource_policies.md index 41f59a443c..bb8edb096b 100644 --- a/docs/data-sources/resource_policies.md +++ b/docs/data-sources/resource_policies.md @@ -109,7 +109,7 @@ Read-Only: - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--resource_policies--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. -- `description` (String) Description of the atlas resource policy. +- `description` (String) Description of the Atlas resource policy. - `id` (String) Unique 24-hexadecimal digit string that identifies an Atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--resource_policies--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. diff --git a/internal/service/resourcepolicy/resource.go b/internal/service/resourcepolicy/resource.go index b3c8255422..e2c7683ed3 100644 --- a/internal/service/resourcepolicy/resource.go +++ b/internal/service/resourcepolicy/resource.go @@ -135,13 +135,12 @@ func (r *resourcePolicyRS) Update(ctx context.Context, req resource.UpdateReques connV2 := r.Client.AtlasV2 policies := NewAdminPolicies(ctx, plan.Policies) editAdmin := admin.ApiAtlasResourcePolicyEdit{ - Name: plan.Name.ValueStringPointer(), - Description: plan.Description.ValueStringPointer(), + Name: plan.Name.ValueStringPointer(), + // description is an optional attribute (i.e. null by default), if it is removed from the config during an update + // (i.e. user wants to remove the existing description from resource policy), we send an empty string ("") as the value in API request for update + Description: conversion.Pointer(plan.Description.ValueString()), Policies: &policies, } - if editAdmin.Description == nil { - editAdmin.Description = conversion.Pointer("") - } policySDK, _, err := connV2.ResourcePoliciesApi.UpdateAtlasResourcePolicy(ctx, orgID, resourcePolicyID, &editAdmin).Execute() if err != nil { diff --git a/internal/service/resourcepolicy/resource_test.go b/internal/service/resourcepolicy/resource_test.go index 7380c609fc..dc5d354d13 100644 --- a/internal/service/resourcepolicy/resource_test.go +++ b/internal/service/resourcepolicy/resource_test.go @@ -67,6 +67,10 @@ func basicTestCase(t *testing.T, description *string) *resource.TestCase { policyName = "test-policy" updatedName = "updated-policy" ) + var updatedDescription string + if description != nil { + updatedDescription = fmt.Sprintf("updated-%s", *description) + } return &resource.TestCase{ // Need sequential execution for assertions to be deterministic (plural data source) PreCheck: func() { acc.PreCheckBasic(t) }, ProtoV6ProviderFactories: acc.TestAccProviderV6Factories, @@ -81,7 +85,11 @@ func basicTestCase(t *testing.T, description *string) *resource.TestCase { Check: checksResourcePolicy(orgID, updatedName, 1), }, { - Config: configBasic(orgID, updatedName, nil), + Config: configBasic(orgID, updatedName, &updatedDescription), + Check: checksResourcePolicy(orgID, updatedName, 1), + }, + { + Config: configBasic(orgID, updatedName, &updatedDescription), ResourceName: resourceID, ImportStateIdFunc: checkImportStateIDFunc(resourceID), ImportState: true, From 86f6f9ae9e4d6ee3cc248158e032f8625c75bbfa Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Thu, 27 Mar 2025 17:34:05 +0000 Subject: [PATCH 08/14] doc updates --- docs/data-sources/resource_policies.md | 2 +- docs/data-sources/resource_policy.md | 2 +- docs/resources/resource_policy.md | 2 +- internal/service/resourcepolicy/resource_schema.go | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/data-sources/resource_policies.md b/docs/data-sources/resource_policies.md index bb8edb096b..449db17e55 100644 --- a/docs/data-sources/resource_policies.md +++ b/docs/data-sources/resource_policies.md @@ -153,7 +153,7 @@ Read-Only: - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--results--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. -- `description` (String) Description of the atlas resource policy. +- `description` (String) Description of the Atlas resource policy. - `id` (String) Unique 24-hexadecimal digit string that identifies an Atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--results--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. diff --git a/docs/data-sources/resource_policy.md b/docs/data-sources/resource_policy.md index 83e0a5c574..3d3251a0ff 100644 --- a/docs/data-sources/resource_policy.md +++ b/docs/data-sources/resource_policy.md @@ -102,7 +102,7 @@ output "policy_ids" { - `created_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--created_by_user)) - `created_date` (String) Date and time in UTC when the Atlas resource policy was created. -- `description` (String) Description of the atlas resource policy. +- `description` (String) Description of the Atlas resource policy. - `last_updated_by_user` (Attributes) The user that last updated the Atlas resource policy. (see [below for nested schema](#nestedatt--last_updated_by_user)) - `last_updated_date` (String) Date and time in UTC when the Atlas resource policy was last updated. - `name` (String) Human-readable label that describes the Atlas resource policy. diff --git a/docs/resources/resource_policy.md b/docs/resources/resource_policy.md index cf706d7d44..ee2f5b1d3e 100644 --- a/docs/resources/resource_policy.md +++ b/docs/resources/resource_policy.md @@ -103,7 +103,7 @@ output "policy_ids" { ### Optional -- `description` (String) Description of the atlas resource policy. +- `description` (String) Description of the Atlas resource policy. ### Read-Only diff --git a/internal/service/resourcepolicy/resource_schema.go b/internal/service/resourcepolicy/resource_schema.go index 1d8e9694af..309d0cc7fb 100644 --- a/internal/service/resourcepolicy/resource_schema.go +++ b/internal/service/resourcepolicy/resource_schema.go @@ -61,7 +61,7 @@ func ResourceSchema(ctx context.Context) schema.Schema { Required: true, }, "description": schema.StringAttribute{ - MarkdownDescription: "Description of the atlas resource policy.", + MarkdownDescription: "Description of the Atlas resource policy.", Optional: true, }, "org_id": schema.StringAttribute{ From 9e3c62bcba3767314eaa8a03cd25f8c6e4da3b0e Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Thu, 27 Mar 2025 17:37:29 +0000 Subject: [PATCH 09/14] min --- .changelog/3214.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.changelog/3214.txt b/.changelog/3214.txt index 63db5dbc8a..f196eb8318 100644 --- a/.changelog/3214.txt +++ b/.changelog/3214.txt @@ -1,11 +1,11 @@ ```release-note:enhancement -resource/mongodbatlas_resource_policy: Adds support for new `description` field +resource/mongodbatlas_resource_policy: Adds support for the new `description` field ``` ```release-note:enhancement -data-source/mongodbatlas_resource_policy: Adds support for new `description` field +data-source/mongodbatlas_resource_policy: Adds support for the new `description` field ``` ```release-note:enhancement -data-source/mongodbatlas_resource_policies: Adds support for new `description` field +data-source/mongodbatlas_resource_policies: Adds support for the new `description` field ``` \ No newline at end of file From 9476c0979bdf3f899723d40636d53815714bffe4 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Fri, 28 Mar 2025 17:13:44 +0000 Subject: [PATCH 10/14] example --- examples/mongodbatlas_resource_policy/main.tf | 8 ++++---- examples/mongodbatlas_resource_policy/provider.tf | 2 +- examples/mongodbatlas_resource_policy/variables.tf | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/mongodbatlas_resource_policy/main.tf b/examples/mongodbatlas_resource_policy/main.tf index 698faec290..badf53cc54 100644 --- a/examples/mongodbatlas_resource_policy/main.tf +++ b/examples/mongodbatlas_resource_policy/main.tf @@ -1,6 +1,6 @@ resource "mongodbatlas_resource_policy" "project_ip_access_list" { - org_id = var.org_id - name = "forbid-access-from-anywhere" + org_id = var.org_id + name = "forbid-access-from-anywhere" description = "Forbids access from anywhere" policies = [ @@ -20,8 +20,8 @@ EOF } resource "mongodbatlas_resource_policy" "cloud_provider" { - org_id = var.org_id - name = "forbid-cloud-provider" + org_id = var.org_id + name = "forbid-cloud-provider" description = "Forbids AWS and Azure for clusters" policies = [ { diff --git a/examples/mongodbatlas_resource_policy/provider.tf b/examples/mongodbatlas_resource_policy/provider.tf index e5aeda8033..18c430e061 100644 --- a/examples/mongodbatlas_resource_policy/provider.tf +++ b/examples/mongodbatlas_resource_policy/provider.tf @@ -1,4 +1,4 @@ provider "mongodbatlas" { public_key = var.public_key private_key = var.private_key -} \ No newline at end of file +} diff --git a/examples/mongodbatlas_resource_policy/variables.tf b/examples/mongodbatlas_resource_policy/variables.tf index 503476e252..a02e412d99 100644 --- a/examples/mongodbatlas_resource_policy/variables.tf +++ b/examples/mongodbatlas_resource_policy/variables.tf @@ -9,4 +9,4 @@ variable "private_key" { variable "org_id" { description = "Atlas Organization ID" type = string -} \ No newline at end of file +} From 0213fee7098b8c97601fa8992435a1fa0fd19247 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Mon, 31 Mar 2025 12:18:18 +0100 Subject: [PATCH 11/14] format --- docs/data-sources/resource_policies.md | 8 ++++---- docs/data-sources/resource_policy.md | 8 ++++---- docs/resources/resource_policy.md | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/data-sources/resource_policies.md b/docs/data-sources/resource_policies.md index 449db17e55..2c79bf7f9c 100644 --- a/docs/data-sources/resource_policies.md +++ b/docs/data-sources/resource_policies.md @@ -9,8 +9,8 @@ ## Example Usages ```terraform resource "mongodbatlas_resource_policy" "project_ip_access_list" { - org_id = var.org_id - name = "forbid-access-from-anywhere" + org_id = var.org_id + name = "forbid-access-from-anywhere" description = "Forbids access from anywhere" policies = [ @@ -30,8 +30,8 @@ EOF } resource "mongodbatlas_resource_policy" "cloud_provider" { - org_id = var.org_id - name = "forbid-cloud-provider" + org_id = var.org_id + name = "forbid-cloud-provider" description = "Forbids AWS and Azure for clusters" policies = [ { diff --git a/docs/data-sources/resource_policy.md b/docs/data-sources/resource_policy.md index 3d3251a0ff..c5e306fef0 100644 --- a/docs/data-sources/resource_policy.md +++ b/docs/data-sources/resource_policy.md @@ -9,8 +9,8 @@ ## Example Usages ```terraform resource "mongodbatlas_resource_policy" "project_ip_access_list" { - org_id = var.org_id - name = "forbid-access-from-anywhere" + org_id = var.org_id + name = "forbid-access-from-anywhere" description = "Forbids access from anywhere" policies = [ @@ -30,8 +30,8 @@ EOF } resource "mongodbatlas_resource_policy" "cloud_provider" { - org_id = var.org_id - name = "forbid-cloud-provider" + org_id = var.org_id + name = "forbid-cloud-provider" description = "Forbids AWS and Azure for clusters" policies = [ { diff --git a/docs/resources/resource_policy.md b/docs/resources/resource_policy.md index ee2f5b1d3e..3f6624be6f 100644 --- a/docs/resources/resource_policy.md +++ b/docs/resources/resource_policy.md @@ -11,8 +11,8 @@ ```terraform resource "mongodbatlas_resource_policy" "project_ip_access_list" { - org_id = var.org_id - name = "forbid-access-from-anywhere" + org_id = var.org_id + name = "forbid-access-from-anywhere" description = "Forbids access from anywhere" policies = [ @@ -32,8 +32,8 @@ EOF } resource "mongodbatlas_resource_policy" "cloud_provider" { - org_id = var.org_id - name = "forbid-cloud-provider" + org_id = var.org_id + name = "forbid-cloud-provider" description = "Forbids AWS and Azure for clusters" policies = [ { From f8c9100c844f2ff44e84dbdeac9efc5084e8f183 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Mon, 31 Mar 2025 12:31:21 +0100 Subject: [PATCH 12/14] ds test --- internal/service/resourcepolicy/resource_test.go | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/internal/service/resourcepolicy/resource_test.go b/internal/service/resourcepolicy/resource_test.go index dc5d354d13..2cd8cacf45 100644 --- a/internal/service/resourcepolicy/resource_test.go +++ b/internal/service/resourcepolicy/resource_test.go @@ -78,15 +78,15 @@ func basicTestCase(t *testing.T, description *string) *resource.TestCase { Steps: []resource.TestStep{ { Config: configBasic(orgID, policyName, description), - Check: checksResourcePolicy(orgID, policyName, 1), + Check: checksResourcePolicy(orgID, policyName, description, 1), }, { Config: configBasic(orgID, updatedName, nil), - Check: checksResourcePolicy(orgID, updatedName, 1), + Check: checksResourcePolicy(orgID, updatedName, nil, 1), }, { Config: configBasic(orgID, updatedName, &updatedDescription), - Check: checksResourcePolicy(orgID, updatedName, 1), + Check: checksResourcePolicy(orgID, updatedName, &updatedDescription, 1), }, { Config: configBasic(orgID, updatedName, &updatedDescription), @@ -110,7 +110,7 @@ func TestAccResourcePolicy_multipleNestedPolicies(t *testing.T) { Steps: []resource.TestStep{ { Config: configWithPolicyBodies(orgID, "test-policy-multiple", nil, validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), - Check: checksResourcePolicy(orgID, "test-policy-multiple", 2), + Check: checksResourcePolicy(orgID, "test-policy-multiple", nil, 2), }, { Config: configWithPolicyBodies(orgID, "test-policy-multiple", nil, validPolicyForbidAwsCloudProvider, validPolicyProjectForbidIPAccessAnywhere), @@ -152,12 +152,13 @@ func TestAccResourcePolicy_invalidConfig(t *testing.T) { ) } -func checksResourcePolicy(orgID, name string, policyCount int) resource.TestCheckFunc { +func checksResourcePolicy(orgID, name string, description *string, policyCount int) resource.TestCheckFunc { attrMap := map[string]string{ "org_id": orgID, "policies.#": fmt.Sprintf("%d", policyCount), "name": name, } + attrSet := []string{ "created_by_user.id", "created_by_user.name", @@ -168,6 +169,10 @@ func checksResourcePolicy(orgID, name string, policyCount int) resource.TestChec "id", "version", } + if description != nil { + attrSet = append(attrSet, "description") + } + pluralMap := map[string]string{ "org_id": orgID, "results.#": "1", From 39ee63d2c8ca34c7f21da75c561b09419e80cf65 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Mon, 31 Mar 2025 12:42:04 +0100 Subject: [PATCH 13/14] ut --- internal/service/resourcepolicy/model_test.go | 10 ++++++++-- .../testdata/policy_multipleEntries.json | 1 + 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/internal/service/resourcepolicy/model_test.go b/internal/service/resourcepolicy/model_test.go index 49b18304b8..ed2517f15c 100644 --- a/internal/service/resourcepolicy/model_test.go +++ b/internal/service/resourcepolicy/model_test.go @@ -5,12 +5,15 @@ import ( "encoding/json" "testing" + "go.mongodb.org/atlas-sdk/v20250312001/admin" + "github.com/hashicorp/terraform-plugin-framework/diag" "github.com/hashicorp/terraform-plugin-framework/types" + "github.com/stretchr/testify/assert" + + "github.com/mongodb/terraform-provider-mongodbatlas/internal/common/conversion" "github.com/mongodb/terraform-provider-mongodbatlas/internal/service/resourcepolicy" "github.com/mongodb/terraform-provider-mongodbatlas/internal/testutil/unit" - "github.com/stretchr/testify/assert" - "go.mongodb.org/atlas-sdk/v20250312001/admin" ) var ( @@ -32,6 +35,7 @@ type tfModelTestCase struct { orgID string policyID string version string + description *string } func (tc *tfModelTestCase) addDefaults() { @@ -101,6 +105,7 @@ func createTFModel(t *testing.T, testCase *tfModelTestCase) *resourcepolicy.TFMo Name: types.StringValue(testCase.name), OrgID: types.StringValue(testCase.orgID), Version: types.StringValue(testCase.version), + Description: types.StringPointerValue(testCase.description), } } @@ -118,6 +123,7 @@ func TestNewTFModel(t *testing.T) { createdDate: "2024-09-11T13:36:18Z", lastUpdatedDate: "2024-09-11T13:36:18Z", policyID: "66e19cd2fdc0332d1fa5e877", + description: conversion.StringPtr("test description"), }, } diff --git a/internal/service/resourcepolicy/testdata/policy_multipleEntries.json b/internal/service/resourcepolicy/testdata/policy_multipleEntries.json index 074ccec9b6..24d7f70aa4 100644 --- a/internal/service/resourcepolicy/testdata/policy_multipleEntries.json +++ b/internal/service/resourcepolicy/testdata/policy_multipleEntries.json @@ -4,6 +4,7 @@ "name": "mvccpeou" }, "createdDate": "2024-09-11T13:36:18Z", + "description": "test description", "id": "66e19cd2fdc0332d1fa5e877", "lastUpdatedByUser": { "id": "65def6f00f722a1507105ad8", From 1322c1330284f1fa9f5c124904e6f1e24ba3d015 Mon Sep 17 00:00:00 2001 From: Aastha Mahendru Date: Mon, 31 Mar 2025 13:01:05 +0100 Subject: [PATCH 14/14] lint --- internal/service/resourcepolicy/model_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/service/resourcepolicy/model_test.go b/internal/service/resourcepolicy/model_test.go index ed2517f15c..3981adca74 100644 --- a/internal/service/resourcepolicy/model_test.go +++ b/internal/service/resourcepolicy/model_test.go @@ -24,6 +24,7 @@ var ( ) type tfModelTestCase struct { + description *string name string SDKRespJSON string userIDCreate string @@ -35,7 +36,6 @@ type tfModelTestCase struct { orgID string policyID string version string - description *string } func (tc *tfModelTestCase) addDefaults() {