Add redshift_group data source

docs/data-sources/group.md

@@ -0,0 +1,36 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "redshift_group Data Source - terraform-provider-redshift"
+subcategory: ""
+description: |-
+  Groups are collections of users who are all granted whatever privileges are associated with the group. You can use groups to assign privileges by role. For example, you can create different groups for sales, administration, and support and give the users in each group the appropriate access to the data they require for their work. You can grant or revoke privileges at the group level, and those changes will apply to all members of the group, except for superusers.
+---
+
+# redshift_group (Data Source)
+
+Groups are collections of users who are all granted whatever privileges are associated with the group. You can use groups to assign privileges by role. For example, you can create different groups for sales, administration, and support and give the users in each group the appropriate access to the data they require for their work. You can grant or revoke privileges at the group level, and those changes will apply to all members of the group, except for superusers.
+
+## Example Usage
+
+```terraform
+data "redshift_group" "staff" {
+  name = "group_users"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- **name** (String) Name of the user group. Group names beginning with two underscores are reserved for Amazon Redshift internal use.
+
+### Optional
+
+- **id** (String) The ID of this resource.
+
+### Read-Only
+
+- **users** (Set of String) List of the user names who belong to the group
+
+

examples/data-sources/redshift_group/data-source.tf

@@ -0,0 +1,3 @@
+data "redshift_group" "staff" {
+  name = "group_users"
+}

redshift/data_source_redshift_group.go

@@ -0,0 +1,54 @@
+package redshift
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+	"github.com/lib/pq"
+)
+
+func dataSourceRedshiftGroup() *schema.Resource {
+	return &schema.Resource{
+		Description: `
+Groups are collections of users who are all granted whatever privileges are associated with the group. You can use groups to assign privileges by role. For example, you can create different groups for sales, administration, and support and give the users in each group the appropriate access to the data they require for their work. You can grant or revoke privileges at the group level, and those changes will apply to all members of the group, except for superusers.
+		`,
+		Read: RedshiftResourceFunc(dataSourceRedshiftGroupRead),
+		Schema: map[string]*schema.Schema{
+			groupNameAttr: {
+				Type:         schema.TypeString,
+				Required:     true,
+				Description:  "Name of the user group. Group names beginning with two underscores are reserved for Amazon Redshift internal use.",
+				ValidateFunc: validation.StringDoesNotMatch(regexp.MustCompile("^__.*"), "Group names beginning with two underscores are reserved for Amazon Redshift internal use"),
+				StateFunc: func(val interface{}) string {
+					return strings.ToLower(val.(string))
+				},
+			},
+			groupUsersAttr: {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+				Description: "List of the user names who belong to the group",
+			},
+		},
+	}
+}
+
+func dataSourceRedshiftGroupRead(db *DBConnection, d *schema.ResourceData) error {
+	var (
+		groupId    string
+		groupUsers []string
+	)
+
+	sql := `SELECT ARRAY(SELECT u.usename FROM pg_user_info u, pg_group g WHERE g.groname = $1 AND u.usesysid = ANY(g.grolist)) AS members, grosysid FROM pg_group WHERE groname = $1`
+	if err := db.QueryRow(sql, d.Get(groupNameAttr).(string)).Scan(pq.Array(&groupUsers), &groupId); err != nil {
+		return err
+	}
+
+	d.SetId(groupId)
+	d.Set(groupUsersAttr, groupUsers)
+	return nil
+}

redshift/data_source_redshift_group_test.go

@@ -0,0 +1,46 @@
+package redshift
+
+import (
+	"fmt"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccDataSourceRedshiftGroup_basic(t *testing.T) {
+	groupName := strings.ReplaceAll(acctest.RandomWithPrefix("tf_acc_data_basic"), "-", "_")
+	userName := strings.ReplaceAll(acctest.RandomWithPrefix("tf_acc_data_basic"), "-", "_")
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckRedshiftGroupDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceRedshiftGroupConfig_basic(groupName, userName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("data.redshift_group.group", groupNameAttr, groupName),
+					resource.TestCheckResourceAttr("data.redshift_group.group", fmt.Sprintf("%s.#", groupUsersAttr), "1"),
+					resource.TestCheckTypeSetElemAttr("data.redshift_group.group", fmt.Sprintf("%s.*", groupUsersAttr), userName),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceRedshiftGroupConfig_basic(groupName string, userName string) string {
+	return fmt.Sprintf(`
+resource "redshift_user" "user" {
+	%[1]s = %[2]q
+}
+resource "redshift_group" "group" {
+	%[3]s = %[4]q
+	%[5]s = [ redshift_user.user.%[1]s ]
+}
+
+data "redshift_group" "group" {
+	%[3]s = redshift_group.group.%[3]s
+}
+`, userNameAttr, userName, groupNameAttr, groupName, groupUsersAttr)
+}

redshift/provider.go

@@ -69,8 +69,10 @@ func Provider() *schema.Provider {
 			"redshift_schema":    redshiftSchema(),
 			"redshift_privilege": redshiftPrivilege(),
 		},
-		DataSourcesMap: map[string]*schema.Resource{},
-		ConfigureFunc:  providerConfigure,
+		DataSourcesMap: map[string]*schema.Resource{
+			"redshift_group": dataSourceRedshiftGroup(),
+		},
+		ConfigureFunc: providerConfigure,
 	}
 }