feat(GROW-2883): lwgenerate enable adding aws provider default tags (#…

…1623)
lacework · May 10, 2024 · 5d6ef3d · 5d6ef3d
1 parent f469da5
commit 5d6ef3d
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 0 deletions.
diff --git a/lwgenerate/aws/aws.go b/lwgenerate/aws/aws.go
@@ -293,6 +293,9 @@ type GenerateAwsTfConfigurationArgs struct {
 
 	// Lacework Organization
 	LaceworkOrganizationLevel bool
+
+	// Default AWS Provider Tags
+	ProviderDefaultTags map[string]interface{}
 }
 
 func (args *GenerateAwsTfConfigurationArgs) IsEmpty() bool {
@@ -429,6 +432,13 @@ func NewTerraform(
 	return config
 }
 
+// WithProviderDefaultTags adds default_tags to the provider configuration for AWS (if tags are present)
+func WithProviderDefaultTags(tags map[string]interface{}) AwsTerraformModifier {
+	return func(c *GenerateAwsTfConfigurationArgs) {
+		c.ProviderDefaultTags = tags
+	}
+}
+
 // WithAwsProfile Set the AWS Profile to utilize for the main AWS provider
 func WithAwsProfile(name string) AwsTerraformModifier {
 	return func(c *GenerateAwsTfConfigurationArgs) {
@@ -806,6 +816,18 @@ func createAwsProvider(args *GenerateAwsTfConfigurationArgs) ([]*hclwrite.Block,
 		lwgenerate.HclProviderWithAttributes(attributes),
 	}
 
+	if len(args.ProviderDefaultTags) != 0 {
+		defaultTagsBlock, err := lwgenerate.HclCreateGenericBlock(
+			"default_tags",
+			nil,
+			map[string]interface{}{"tags": args.ProviderDefaultTags},
+		)
+		if err != nil {
+			return nil, err
+		}
+		modifiers = append(modifiers, lwgenerate.HclProviderWithGenericBlocks(defaultTagsBlock))
+	}
+
 	if args.AwsAssumeRole != "" {
 		assumeRoleBlock, err := lwgenerate.HclCreateGenericBlock(
 			"assume_role",

diff --git a/lwgenerate/aws/aws_test.go b/lwgenerate/aws/aws_test.go
@@ -40,6 +40,19 @@ func TestGenerationAgentless(t *testing.T) {
 	assert.NotNil(t, hcl)
 	assert.Equal(t, moduleImportAgentless, hcl)
 }
+func TestGenerationWithProviderTags(t *testing.T) {
+	hcl, err := NewTerraform(
+		false,
+		false,
+		true,
+		false,
+		WithAwsRegion("us-east-2"),
+		WithProviderDefaultTags(map[string]interface{}{"TAG_TEST": "foo", "TAG_TEST1": "bar"}),
+	).Generate()
+	assert.Nil(t, err)
+	assert.NotNil(t, hcl)
+	assert.Equal(t, moduleImportConfigWithProviderTags, hcl)
+}
 
 func TestGenerationAgentlessOrganization(t *testing.T) {
 	hcl, err := NewTerraform(
@@ -675,6 +688,37 @@ var moduleImportCloudtrail = `module "main_cloudtrail" {
 }
 `
 
+var moduleImportConfigWithProviderTags = `terraform {
+  required_providers {
+    lacework = {
+      source  = "lacework/lacework"
+      version = "~> 1.0"
+    }
+  }
+}
+
+provider "aws" {
+  alias  = "main"
+  region = "us-east-2"
+
+  default_tags {
+    tags = {
+      TAG_TEST  = "foo"
+      TAG_TEST1 = "bar"
+    }
+  }
+}
+
+module "aws_config" {
+  source  = "lacework/config/aws"
+  version = "~> 0.5"
+
+  providers = {
+    aws = aws.main
+  }
+}
+`
+
 var moduleImportConfig = `module "aws_config" {
   source  = "lacework/config/aws"
   version = "~> 0.5"