hashicorp · AliAllomani · Jan 19, 2024 · Jan 19, 2024
@@ -27,6 +27,11 @@ func DataSourceRules() *schema.Resource {
 				Optional:     true,
 				ValidateFunc: validation.StringIsValidRegExp,
 			},
+			"domain_regex": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringIsValidRegExp,
+			},
 			"owner_id": {
 				Type:     schema.TypeString,
 				Optional: true,
@@ -70,6 +75,9 @@ func dataSourceRulesRead(ctx context.Context, d *schema.ResourceData, meta inter
 			if v, ok := d.GetOk("name_regex"); ok && !regexache.MustCompile(v.(string)).MatchString(aws.StringValue(rule.Name)) {
 				continue
 			}
+			if v, ok := d.GetOk("domain_regex"); ok && !regexache.MustCompile(v.(string)).MatchString(aws.StringValue(rule.DomainName)) {
+				continue
+			}
 			if v, ok := d.GetOk("owner_id"); ok && aws.StringValue(rule.OwnerId) != v.(string) {
 				continue
 			}

@@ -101,6 +101,46 @@ func TestAccRoute53ResolverRulesDataSource_nonExistentNameRegex(t *testing.T) {
 	})
 }
 
+func TestAccRoute53ResolverRulesDataSource_domainRegex(t *testing.T) {
+	ctx := acctest.Context(t)
+	dsResourceName := "data.aws_route53_resolver_rules.test"
+	rCount := 3
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, route53resolver.EndpointsID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRulesDataSourceConfig_domainRegex(rCount, rName),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(dsResourceName, "resolver_rule_ids.#", strconv.Itoa(rCount)),
+				),
+			},
+		},
+	})
+}
+
+func TestAccRoute53ResolverRulesDataSource_nonExistentDomainRegex(t *testing.T) {
+	ctx := acctest.Context(t)
+	dsResourceName := "data.aws_route53_resolver_rules.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t); testAccPreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, route53resolver.EndpointsID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccRulesDataSourceConfig_nonExistentDomainRegex,
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttr(dsResourceName, "resolver_rule_ids.#", "0"),
+				),
+			},
+		},
+	})
+}
+
 const testAccRulesDataSourceConfig_basic = `
 # The default Internet Resolver rule.
 data "aws_route53_resolver_rules" "test" {
@@ -171,3 +211,26 @@ data "aws_route53_resolver_rules" "test" {
   name_regex = "dne-regex"
 }
 `
+
+func testAccRulesDataSourceConfig_domainRegex(rCount int, rName string) string {
+	return fmt.Sprintf(`
+resource "aws_route53_resolver_rule" "test" {
+  count       = %[1]d
+  domain_name = "%[2]s.example.org"
+  name        = "%[2]s-${count.index}-rule"
+  rule_type   = "SYSTEM"
+}
+
+data "aws_route53_resolver_rules" "test" {
+  domain_regex = "%[2]s\\.example\\.org\\."
+
+  depends_on = [aws_route53_resolver_rule.test]
+}
+`, rCount, rName)
+}
+
+const testAccRulesDataSourceConfig_nonExistentDomainRegex = `
+data "aws_route53_resolver_rules" "test" {
+  domain_regex = "dne-regex"
+}
+`
@@ -41,13 +41,26 @@ data "aws_route53_resolver_rules" "example" {
 }
 ```
 
+### Retrieving rules by domain regex
+
+Resolver rules whose domain contains `abc`.
+
+```terraform
+data "aws_route53_resolver_rules" "example" {
+  domain_regex = ".*abc.*"
+}
+```
+
 ## Argument Reference
 
 The arguments of this data source act as filters for querying the available resolver rules in the current region.
 
 * `name_regex` - (Optional) Regex string to filter resolver rule names.
   The filtering is done locally, so could have a performance impact if the result is large.
   This argument should be used along with other arguments to limit the number of results returned.
+* `domain_regex` - (Optional) Regex string to filter resolver rule domains.
+  The filtering is done locally, so could have a performance impact if the result is large.
+  This argument should be used along with other arguments to limit the number of results returned.
 * `owner_id` (Optional) When the desired resolver rules are shared with another AWS account, the account ID of the account that the rules are shared with.
 * `resolver_endpoint_id` (Optional) ID of the outbound resolver endpoint for the desired resolver rules.
 * `rule_type` (Optional) Rule type of the desired resolver rules. Valid values are `FORWARD`, `SYSTEM` and `RECURSIVE`.