check if plugin type is PluginTypeAWSIdentityCenter and PluginAWSICSe…

…ttings is not nil for delete action
gravitational · Dec 17, 2024 · 9a0162d · 9a0162d
1 parent 2546d1c
commit 9a0162d
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 5 deletions.
diff --git a/lib/services/local/integrations.go b/lib/services/local/integrations.go
@@ -213,8 +213,11 @@ func integrationReferencedByAWSICPlugin(ctx context.Context, bk backend.Backend,
 			continue
 		}
 
-		if pluginV1.GetType() == types.PluginType(types.PluginTypeAWSIdentityCenter) {
-			switch pluginV1.Spec.GetAwsIc().IntegrationName {
+		if pluginV1.GetType() != types.PluginType(types.PluginTypeAWSIdentityCenter) {
+			continue
+		}
+		if awsIC := pluginV1.Spec.GetAwsIc(); awsIC != nil {
+			switch awsIC.IntegrationName {
 			case name:
 				return nil, trace.BadParameter("cannot delete AWS OIDC integration currently referenced by AWS Identity Center integration %q", pluginV1.GetName())
 			default:

diff --git a/lib/services/local/saml_idp_service_provider.go b/lib/services/local/saml_idp_service_provider.go
@@ -419,9 +419,13 @@ func spReferencedByAWSICPlugin(ctx context.Context, bk backend.Backend, serviceP
 		if !ok {
 			continue
 		}
-
-		if pluginV1.Spec.GetAwsIc().SamlIdpServiceProviderName == serviceProviderName {
-			return trace.BadParameter("cannot delete SAML service provider currently referenced by AWS Identity Center integration %q", pluginV1.GetName())
+		if pluginV1.GetType() != types.PluginType(types.PluginTypeAWSIdentityCenter) {
+			continue
+		}
+		if awsIC := pluginV1.Spec.GetAwsIc(); awsIC != nil {
+			if awsIC.SamlIdpServiceProviderName == serviceProviderName {
+				return trace.BadParameter("cannot delete SAML service provider currently referenced by AWS Identity Center integration %q", pluginV1.GetName())
+			}
 		}
 	}