Fix create storage credentials with owner for account (#3184)

donatasm · web-flow · commit 2606c7672467 · 2024-02-07T08:53:14.000Z
* Use storage credential name instead of ID to patch owner

* Add create account storage credential basic test

* Add acceptance test
diff --git a/catalog/resource_storage_credential.go b/catalog/resource_storage_credential.go
@@ -75,7 +75,7 @@ func ResourceStorageCredential() common.Resource {
 				_, err = acc.StorageCredentials.Update(ctx, catalog.AccountsUpdateStorageCredential{
 					CredentialInfo:        &update,
 					MetastoreId:           metastoreId,
-					StorageCredentialName: storageCredential.CredentialInfo.Id,
+					StorageCredentialName: storageCredential.CredentialInfo.Name,
 				})
 				if err != nil {
 					return err
diff --git a/catalog/resource_storage_credential_test.go b/catalog/resource_storage_credential_test.go
@@ -115,6 +115,72 @@ func TestCreateStorageCredentialWithOwner(t *testing.T) {
 	}.ApplyNoError(t)
 }
 
+func TestCreateAccountStorageCredentialWithOwner(t *testing.T) {
+	qa.ResourceFixture{
+		Fixtures: []qa.HTTPFixture{
+			{
+				Method:   "POST",
+				Resource: "/api/2.0/accounts/account_id/metastores/metastore_id/storage-credentials",
+				ExpectedRequest: &catalog.AccountsCreateStorageCredential{
+					MetastoreId: "metastore_id",
+					CredentialInfo: &catalog.CreateStorageCredential{
+						Name: "storage_credential_name",
+						AwsIamRole: &catalog.AwsIamRole{
+							RoleArn: "arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF",
+						},
+					},
+				},
+				Response: catalog.AccountsStorageCredentialInfo{
+					CredentialInfo: &catalog.StorageCredentialInfo{
+						Name: "storage_credential_name",
+					},
+				},
+			},
+			{
+				Method:   "PUT",
+				Resource: "/api/2.0/accounts/account_id/metastores/metastore_id/storage-credentials/storage_credential_name",
+				ExpectedRequest: &catalog.AccountsUpdateStorageCredential{
+					CredentialInfo: &catalog.UpdateStorageCredential{
+						Name:  "storage_credential_name",
+						Owner: "administrators",
+						AwsIamRole: &catalog.AwsIamRole{
+							RoleArn: "arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF",
+						},
+					},
+				},
+				Response: &catalog.AccountsStorageCredentialInfo{
+					CredentialInfo: &catalog.StorageCredentialInfo{
+						Name: "storage_credential_name",
+					},
+				},
+			},
+			{
+				Method:   "GET",
+				Resource: "/api/2.0/accounts/account_id/metastores/metastore_id/storage-credentials/storage_credential_name?",
+				Response: &catalog.AccountsStorageCredentialInfo{
+					CredentialInfo: &catalog.StorageCredentialInfo{
+						Name: "storage_credential_name",
+						AwsIamRole: &catalog.AwsIamRole{
+							RoleArn: "arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF",
+						},
+					},
+				},
+			},
+		},
+		Resource:  ResourceStorageCredential(),
+		AccountID: "account_id",
+		Create:    true,
+		HCL: `
+		name = "storage_credential_name"
+		metastore_id = "metastore_id"
+		aws_iam_role {
+			role_arn = "arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF"
+		}
+		owner = "administrators"
+		`,
+	}.ApplyNoError(t)
+}
+
 func TestCreateStorageCredentialsReadOnly(t *testing.T) {
 	qa.ResourceFixture{
 		Fixtures: []qa.HTTPFixture{
diff --git a/internal/acceptance/storage_credential_test.go b/internal/acceptance/storage_credential_test.go
@@ -32,3 +32,22 @@ func TestUcAccStorageCredential(t *testing.T) {
 		})
 	}
 }
+
+func TestAccStorageCredentialOwner(t *testing.T) {
+	unityAccountLevel(t, step{
+		Template: `
+			resource "databricks_service_principal" "test_acc_storage_credential_owner" {
+				display_name = "test_acc_storage_credential_owner {var.RANDOM}"
+			}
+
+			resource "databricks_storage_credential" "test_acc_storage_credential_owner" {
+				name = "test_acc_storage_credential_owner-{var.RANDOM}"
+				owner = databricks_service_principal.test_acc_storage_credential_owner.application_id
+				metastore_id = "{env.TEST_METASTORE_ID}"
+				aws_iam_role {
+					role_arn = "{env.TEST_METASTORE_DATA_ACCESS_ARN}"
+				}
+			}
+		`,
+	})
+}
