PLT-824: AWS cloud account validation feature. (#68)

spectrocloud · Nov 22, 2023 · 01d6574 · 01d6574
1 parent 4c5cb4f
commit 01d6574
Showing 1 changed file with 48 additions and 0 deletions.
diff --git a/client/account_aws.go b/client/account_aws.go
@@ -2,16 +2,34 @@ package client
 
 import (
 	hapitransport "github.com/spectrocloud/hapi/apiutil/transport"
+	cloudC "github.com/spectrocloud/hapi/cloud/client/v1"
 	"github.com/spectrocloud/hapi/models"
 	clusterC "github.com/spectrocloud/hapi/spectrocluster/client/v1"
 )
 
+func toV1AwsCloudAccount(account *models.V1AwsAccount) *models.V1AwsCloudAccount {
+	return &models.V1AwsCloudAccount{
+		AccessKey:      account.Spec.AccessKey,
+		CredentialType: account.Spec.CredentialType,
+		Partition:      account.Spec.Partition,
+		PolicyARNs:     account.Spec.PolicyARNs,
+		SecretKey:      account.Spec.SecretKey,
+		Sts:            account.Spec.Sts,
+	}
+}
+
 func (h *V1Client) CreateCloudAccountAws(account *models.V1AwsAccount, AccountContext string) (string, error) {
 	client, err := h.GetClusterClient()
 	if err != nil {
 		return "", err
 	}
 
+	// validate account
+	err = validateCloudAccountAws(account, h)
+	if err != nil {
+		return "", err
+	}
+
 	var params *clusterC.V1CloudAccountsAwsCreateParams
 	switch AccountContext {
 	case "project":
@@ -28,12 +46,42 @@ func (h *V1Client) CreateCloudAccountAws(account *models.V1AwsAccount, AccountCo
 	return *success.Payload.UID, nil
 }
 
+func validateCloudAccountAws(account *models.V1AwsAccount, h *V1Client) error {
+	client, err := h.GetCloudClient()
+	if err != nil {
+		return err
+	}
+
+	PcgId := account.Metadata.Annotations[OverlordUID]
+	// check PCG
+	err = h.CheckPCG(PcgId)
+	if err != nil {
+		return err
+	}
+
+	// validate account
+	paramsValidate := cloudC.NewV1AwsAccountValidateParams()
+	paramsValidate = paramsValidate.WithAwsCloudAccount(toV1AwsCloudAccount(account))
+	_, err = client.V1AwsAccountValidate(paramsValidate)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
 func (h *V1Client) UpdateCloudAccountAws(account *models.V1AwsAccount) error {
 	client, err := h.GetClusterClient()
 	if err != nil {
 		return err
 	}
 
+	// validate account
+	err = validateCloudAccountAws(account, h)
+	if err != nil {
+		return err
+	}
+
 	uid := account.Metadata.UID
 	params := clusterC.NewV1CloudAccountsAwsUpdateParamsWithContext(h.Ctx).WithUID(uid).WithBody(account)
 	_, err = client.V1CloudAccountsAwsUpdate(params)