d/aws_secretsmanager_secrets - new data source

internal/generate/namevaluesfilters/generators/servicefilters/main.go

@@ -29,10 +29,10 @@ var sliceServiceNames = []string{
 	"imagebuilder",
 	"licensemanager",
 	"neptune",
-	"opensearchservice",
 	"rds",
 	"resourcegroupstaggingapi",
 	"route53resolver",
+	"secretsmanager",
 }
 
 type TemplateData struct {

internal/generate/namevaluesfilters/service_generation_customizations.go

@@ -23,7 +23,7 @@ func ServiceFilterType(serviceName string) string {
 // ServiceFilterTypeNameField determines the service filter type name field.
 func ServiceFilterTypeNameField(serviceName string) string {
 	switch serviceName {
-	case "resourcegroupstaggingapi":
+	case "resourcegroupstaggingapi", "secretsmanager":
 		return "Key"
 	default:
 		return "Name"

internal/provider/provider.go

@@ -820,6 +820,7 @@ func Provider() *schema.Provider {
 			"aws_secretsmanager_secret":          secretsmanager.DataSourceSecret(),
 			"aws_secretsmanager_secret_rotation": secretsmanager.DataSourceSecretRotation(),
 			"aws_secretsmanager_secret_version":  secretsmanager.DataSourceSecretVersion(),
+			"aws_secretsmanager_secrets":         secretsmanager.DataSourceSecrets(),
 
 			"aws_serverlessapplicationrepository_application": serverlessrepo.DataSourceApplication(),
 

internal/service/secretsmanager/secrets_data_source.go

@@ -0,0 +1,69 @@
+package secretsmanager
+
+import (
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/secretsmanager"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-aws/internal/conns"
+	"github.com/hashicorp/terraform-provider-aws/internal/generate/namevaluesfilters"
+)
+
+func DataSourceSecrets() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceSecretsRead,
+		Schema: map[string]*schema.Schema{
+			"arns": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+			"filter": namevaluesfilters.Schema(),
+			"names": {
+				Type:     schema.TypeSet,
+				Computed: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+		},
+	}
+}
+
+func dataSourceSecretsRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*conns.AWSClient).SecretsManagerConn
+
+	input := &secretsmanager.ListSecretsInput{}
+
+	if v, ok := d.GetOk("filter"); ok {
+		input.Filters = namevaluesfilters.New(v.(*schema.Set)).SecretsmanagerFilters()
+	}
+
+	var results []*secretsmanager.SecretListEntry
+
+	conn.ListSecretsPages(input, func(page *secretsmanager.ListSecretsOutput, lastPage bool) bool {
+		if page == nil {
+			return !lastPage
+		}
+
+		for _, secretListEntry := range page.SecretList {
+			if secretListEntry == nil {
+				continue
+			}
+
+			results = append(results, secretListEntry)
+		}
+
+		return !lastPage
+	})
+
+	var arns, names []string
+
+	for _, r := range results {
+		arns = append(arns, aws.StringValue(r.ARN))
+		names = append(names, aws.StringValue(r.Name))
+	}
+
+	d.SetId(meta.(*conns.AWSClient).Region)
+	d.Set("arns", arns)
+	d.Set("names", names)
+
+	return nil
+}

internal/service/secretsmanager/secrets_data_source_test.go

@@ -0,0 +1,73 @@
+package secretsmanager_test
+
+import (
+	"fmt"
+	"log"
+	"testing"
+	"time"
+
+	"github.com/aws/aws-sdk-go/service/secretsmanager"
+	sdkacctest "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/hashicorp/terraform-provider-aws/internal/acctest"
+)
+
+func TestAccSecretsManagerSecretsDataSource_filter(t *testing.T) {
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	resourceName := "aws_secretsmanager_secret.test"
+	dataSourceName := "data.aws_secretsmanager_secrets.test"
+
+	propagationSleep := func() resource.TestCheckFunc {
+		return func(s *terraform.State) error {
+			log.Print("[DEBUG] Test: Sleep to allow secrets become visible in the list.")
+			time.Sleep(30 * time.Second)
+			return nil
+		}
+	}
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { acctest.PreCheck(t); testAccPreCheck(t) },
+		ErrorCheck:   acctest.ErrorCheck(t, secretsmanager.EndpointsID),
+		Providers:    acctest.Providers,
+		CheckDestroy: testAccCheckSecretDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccConfigSecrets_filter(rName),
+				Check:  propagationSleep(),
+			},
+			{
+				Config: testAccConfigSecretsWithDataSource_filter(rName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(dataSourceName, "arns.#", "1"),
+					resource.TestCheckResourceAttr(dataSourceName, "names.#", "1"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "arns.0", resourceName, "arn"),
+					resource.TestCheckResourceAttrPair(dataSourceName, "names.0", resourceName, "name"),
+				),
+			},
+		},
+	})
+}
+
+func testAccConfigSecrets_filter(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_secretsmanager_secret" "test" {
+  name = %[1]q
+}
+`, rName)
+}
+
+func testAccConfigSecretsWithDataSource_filter(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_secretsmanager_secret" "test" {
+  name = %[1]q
+}
+
+data "aws_secretsmanager_secrets" "test" {
+  filter {
+    name   = "name"
+    values = [aws_secretsmanager_secret.test.name]
+  }
+}
+`, rName)
+}

website/docs/d/secretsmanager_secrets.html.markdown

@@ -0,0 +1,38 @@
+---
+subcategory: "Secrets Manager"
+layout: "aws"
+page_title: "AWS: aws_secretsmanager_secrets"
+description: |-
+    Get information on Secrets Manager secrets.
+---
+
+# Data Source: aws_secretsmanager_secrets
+
+Use this data source to get the ARNs and names of Secrets Manager secrets matching the specified criteria.
+
+## Example Usage
+
+```terraform
+data "aws_secretsmanager_secrets" "example" {
+  filter {
+    name   = "name"
+    values = ["example]
+  }
+}
+```
+
+## Argument Reference
+
+* `filter` - (Optional) Configuration block(s) for filtering. Detailed below.
+
+## filter Configuration Block
+
+The following arguments are supported by the `filter` configuration block:
+
+* `name` - (Required) The name of the filter field. Valid values can be found in the [Secrets Manager ListSecrets API Reference](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_ListSecrets.html).
+* `values` - (Required) Set of values that are accepted for the given filter field. Results will be selected if any given value matches.
+
+## Attributes Reference
+
+* `arns` - Set of ARNs of the matched Secrets Manager secrets.
+* `names` - Set of names of the matched Secrets Manager secrets.