wafv2: New-style sweepers.

ewbankkit · ewbankkit · commit a30e138cf257 · 2025-05-12T16:40:53.000-04:00
diff --git a/internal/service/wafv2/sweep.go b/internal/service/wafv2/sweep.go
@@ -4,71 +4,63 @@
 package wafv2
 
 import (
-	"fmt"
+	"context"
 	"log"
 	"strings"
 
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/service/wafv2"
 	awstypes "github.com/aws/aws-sdk-go-v2/service/wafv2/types"
-	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
 	"github.com/hashicorp/terraform-provider-aws/internal/sweep"
 	"github.com/hashicorp/terraform-provider-aws/internal/sweep/awsv2"
 	"github.com/hashicorp/terraform-provider-aws/internal/sweep/framework"
 	"github.com/hashicorp/terraform-provider-aws/names"
 )
 
 func RegisterSweepers() {
-	resource.AddTestSweepers("aws_wafv2_ip_set", &resource.Sweeper{
-		Name: "aws_wafv2_ip_set",
-		F:    sweepIPSets,
-		Dependencies: []string{
-			"aws_wafv2_rule_group",
-			"aws_wafv2_web_acl",
-		},
-	})
+	awsv2.Register("aws_wafv2_api_key", sweepAPIKeys)
+	awsv2.Register("aws_wafv2_ip_set", sweepIPSets, "aws_wafv2_rule_group", "aws_wafv2_web_acl")
+	awsv2.Register("aws_wafv2_regex_pattern_set", sweepRegexPatternSets, "aws_wafv2_rule_group", "aws_wafv2_web_acl")
+	awsv2.Register("aws_wafv2_rule_group", sweepRuleGroups, "aws_wafv2_web_acl")
+	awsv2.Register("aws_wafv2_web_acl", sweepWebACLs)
+}
 
-	resource.AddTestSweepers("aws_wafv2_regex_pattern_set", &resource.Sweeper{
-		Name: "aws_wafv2_regex_pattern_set",
-		F:    sweepRegexPatternSets,
-		Dependencies: []string{
-			"aws_wafv2_rule_group",
-			"aws_wafv2_web_acl",
-		},
-	})
+func sweepAPIKeys(ctx context.Context, client *conns.AWSClient) ([]sweep.Sweepable, error) {
+	conn := client.WAFV2Client(ctx)
+	var input wafv2.ListAPIKeysInput
+	input.Scope = awstypes.ScopeRegional
+	sweepResources := make([]sweep.Sweepable, 0)
 
-	resource.AddTestSweepers("aws_wafv2_rule_group", &resource.Sweeper{
-		Name: "aws_wafv2_rule_group",
-		F:    sweepRuleGroups,
-		Dependencies: []string{
-			"aws_wafv2_web_acl",
-		},
-	})
+	err := listAPIKeysPages(ctx, conn, &input, func(page *wafv2.ListAPIKeysOutput, lastPage bool) bool {
+		if page == nil {
+			return !lastPage
+		}
 
-	resource.AddTestSweepers("aws_wafv2_web_acl", &resource.Sweeper{
-		Name: "aws_wafv2_web_acl",
-		F:    sweepWebACLs,
-	})
+		for _, v := range page.APIKeySummaries {
+			sweepResources = append(sweepResources, framework.NewSweepResource(newAPIKeyResource, client,
+				framework.NewAttribute("api_key", aws.ToString(v.APIKey)),
+				framework.NewAttribute(names.AttrScope, awstypes.ScopeRegional),
+			))
+		}
 
-	resource.AddTestSweepers("aws_wafv2_api_key", &resource.Sweeper{
-		Name: "aws_wafv2_api_key",
-		F:    sweepAPIKeys,
+		return !lastPage
 	})
-}
 
-func sweepIPSets(region string) error {
-	ctx := sweep.Context(region)
-	client, err := sweep.SharedRegionalSweepClient(ctx, region)
 	if err != nil {
-		return fmt.Errorf("error getting client: %s", err)
+		return nil, err
 	}
+
+	return sweepResources, nil
+}
+
+func sweepIPSets(ctx context.Context, client *conns.AWSClient) ([]sweep.Sweepable, error) {
 	conn := client.WAFV2Client(ctx)
-	input := &wafv2.ListIPSetsInput{
-		Scope: awstypes.ScopeRegional,
-	}
+	var input wafv2.ListIPSetsInput
+	input.Scope = awstypes.ScopeRegional
 	sweepResources := make([]sweep.Sweepable, 0)
 
-	err = listIPSetsPages(ctx, conn, input, func(page *wafv2.ListIPSetsOutput, lastPage bool) bool {
+	err := listIPSetsPages(ctx, conn, &input, func(page *wafv2.ListIPSetsOutput, lastPage bool) bool {
 		if page == nil {
 			return !lastPage
 		}
@@ -87,37 +79,20 @@ func sweepIPSets(region string) error {
 		return !lastPage
 	})
 
-	if awsv2.SkipSweepError(err) {
-		log.Printf("[WARN] Skipping WAFv2 IPSet sweep for %s: %s", region, err)
-		return nil
-	}
-
-	if err != nil {
-		return fmt.Errorf("error listing WAFv2 IPSets (%s): %w", region, err)
-	}
-
-	err = sweep.SweepOrchestrator(ctx, sweepResources)
-
 	if err != nil {
-		return fmt.Errorf("error sweeping WAFv2 IPSets (%s): %w", region, err)
+		return nil, err
 	}
 
-	return nil
+	return sweepResources, nil
 }
 
-func sweepRegexPatternSets(region string) error {
-	ctx := sweep.Context(region)
-	client, err := sweep.SharedRegionalSweepClient(ctx, region)
-	if err != nil {
-		return fmt.Errorf("error getting client: %s", err)
-	}
+func sweepRegexPatternSets(ctx context.Context, client *conns.AWSClient) ([]sweep.Sweepable, error) {
 	conn := client.WAFV2Client(ctx)
-	input := &wafv2.ListRegexPatternSetsInput{
-		Scope: awstypes.ScopeRegional,
-	}
+	var input wafv2.ListRegexPatternSetsInput
+	input.Scope = awstypes.ScopeRegional
 	sweepResources := make([]sweep.Sweepable, 0)
 
-	err = listRegexPatternSetsPages(ctx, conn, input, func(page *wafv2.ListRegexPatternSetsOutput, lastPage bool) bool {
+	err := listRegexPatternSetsPages(ctx, conn, &input, func(page *wafv2.ListRegexPatternSetsOutput, lastPage bool) bool {
 		if page == nil {
 			return !lastPage
 		}
@@ -136,37 +111,20 @@ func sweepRegexPatternSets(region string) error {
 		return !lastPage
 	})
 
-	if awsv2.SkipSweepError(err) {
-		log.Printf("[WARN] Skipping WAFv2 RegexPatternSet sweep for %s: %s", region, err)
-		return nil
-	}
-
 	if err != nil {
-		return fmt.Errorf("error listing WAFv2 RegexPatternSets (%s): %w", region, err)
+		return nil, err
 	}
 
-	err = sweep.SweepOrchestrator(ctx, sweepResources)
-
-	if err != nil {
-		return fmt.Errorf("error sweeping WAFv2 RegexPatternSets (%s): %w", region, err)
-	}
-
-	return nil
+	return sweepResources, nil
 }
 
-func sweepRuleGroups(region string) error {
-	ctx := sweep.Context(region)
-	client, err := sweep.SharedRegionalSweepClient(ctx, region)
-	if err != nil {
-		return fmt.Errorf("error getting client: %s", err)
-	}
+func sweepRuleGroups(ctx context.Context, client *conns.AWSClient) ([]sweep.Sweepable, error) {
 	conn := client.WAFV2Client(ctx)
-	input := &wafv2.ListRuleGroupsInput{
-		Scope: awstypes.ScopeRegional,
-	}
+	var input wafv2.ListRuleGroupsInput
+	input.Scope = awstypes.ScopeRegional
 	sweepResources := make([]sweep.Sweepable, 0)
 
-	err = listRuleGroupsPages(ctx, conn, input, func(page *wafv2.ListRuleGroupsOutput, lastPage bool) bool {
+	err := listRuleGroupsPages(ctx, conn, &input, func(page *wafv2.ListRuleGroupsOutput, lastPage bool) bool {
 		if page == nil {
 			return !lastPage
 		}
@@ -185,37 +143,20 @@ func sweepRuleGroups(region string) error {
 		return !lastPage
 	})
 
-	if awsv2.SkipSweepError(err) {
-		log.Printf("[WARN] Skipping WAFv2 RuleGroup sweep for %s: %s", region, err)
-		return nil
-	}
-
 	if err != nil {
-		return fmt.Errorf("error listing WAFv2 RuleGroups (%s): %w", region, err)
+		return nil, err
 	}
 
-	err = sweep.SweepOrchestrator(ctx, sweepResources)
-
-	if err != nil {
-		return fmt.Errorf("error sweeping WAFv2 RuleGroups (%s): %w", region, err)
-	}
-
-	return nil
+	return sweepResources, nil
 }
 
-func sweepWebACLs(region string) error {
-	ctx := sweep.Context(region)
-	client, err := sweep.SharedRegionalSweepClient(ctx, region)
-	if err != nil {
-		return fmt.Errorf("error getting client: %s", err)
-	}
+func sweepWebACLs(ctx context.Context, client *conns.AWSClient) ([]sweep.Sweepable, error) {
 	conn := client.WAFV2Client(ctx)
-	input := &wafv2.ListWebACLsInput{
-		Scope: awstypes.ScopeRegional,
-	}
+	var input wafv2.ListWebACLsInput
+	input.Scope = awstypes.ScopeRegional
 	sweepResources := make([]sweep.Sweepable, 0)
 
-	err = listWebACLsPages(ctx, conn, input, func(page *wafv2.ListWebACLsOutput, lastPage bool) bool {
+	err := listWebACLsPages(ctx, conn, &input, func(page *wafv2.ListWebACLsOutput, lastPage bool) bool {
 		if page == nil {
 			return !lastPage
 		}
@@ -244,65 +185,9 @@ func sweepWebACLs(region string) error {
 		return !lastPage
 	})
 
-	if awsv2.SkipSweepError(err) {
-		log.Printf("[WARN] Skipping WAFv2 WebACL sweep for %s: %s", region, err)
-		return nil
-	}
-
-	if err != nil {
-		return fmt.Errorf("error listing WAFv2 WebACLs (%s): %w", region, err)
-	}
-
-	err = sweep.SweepOrchestrator(ctx, sweepResources)
-
-	if err != nil {
-		return fmt.Errorf("error sweeping WAFv2 WebACLs (%s): %w", region, err)
-	}
-
-	return nil
-}
-
-func sweepAPIKeys(region string) error {
-	ctx := sweep.Context(region)
-	client, err := sweep.SharedRegionalSweepClient(ctx, region)
-	if err != nil {
-		return fmt.Errorf("error getting client: %w", err)
-	}
-	conn := client.WAFV2Client(ctx)
-
-	sweepResources := make([]sweep.Sweepable, 0)
-
-	input := &wafv2.ListAPIKeysInput{
-		Scope: awstypes.ScopeRegional,
-	}
-
-	err = listAPIKeysPages(ctx, conn, input, func(page *wafv2.ListAPIKeysOutput, lastPage bool) bool {
-		if page == nil {
-			return !lastPage
-		}
-
-		for _, v := range page.APIKeySummaries {
-			sweepResources = append(sweepResources, framework.NewSweepResource(newAPIKeyResource, client,
-				framework.NewAttribute("api_key", aws.ToString(v.APIKey)),
-				framework.NewAttribute("token_domains", v.TokenDomains),
-				framework.NewAttribute(names.AttrScope, awstypes.ScopeRegional),
-			))
-		}
-		return !lastPage
-	})
-
-	if awsv2.SkipSweepError(err) {
-		log.Printf("[WARN] Skipping WAFv2 API Key sweep for %s scope in %s: %s", awstypes.ScopeRegional, region, err)
-		return nil
-	}
-	if err != nil {
-		return fmt.Errorf("error listing WAFv2 API Keys in (%s) for scope %s: %w", region, awstypes.ScopeRegional, err)
-	}
-
-	err = sweep.SweepOrchestrator(ctx, sweepResources)
 	if err != nil {
-		return fmt.Errorf("error sweeping WAFv2 API Keys (%s): %w", region, err)
+		return nil, err
 	}
 
-	return nil
+	return sweepResources, nil
 }
