From 46cb7b4710055dbd1568cd20afa194aa46d497d5 Mon Sep 17 00:00:00 2001 From: Andras Ferencz-Szabo Date: Fri, 28 Oct 2016 13:40:04 +0100 Subject: [PATCH] Allow underscores in IAM user and group names (#9684) * Allow underscores in IAM user and group names * Add notes to iam_user and iam_group docs that names are not distinguished by case --- builtin/providers/aws/resource_aws_iam_group.go | 4 ++-- builtin/providers/aws/resource_aws_iam_group_test.go | 2 +- builtin/providers/aws/resource_aws_iam_user.go | 4 ++-- builtin/providers/aws/resource_aws_iam_user_test.go | 2 +- .../source/docs/providers/aws/r/iam_group.html.markdown | 8 ++++---- .../source/docs/providers/aws/r/iam_user.html.markdown | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/builtin/providers/aws/resource_aws_iam_group.go b/builtin/providers/aws/resource_aws_iam_group.go index 9e294989e9..a4ca805eea 100644 --- a/builtin/providers/aws/resource_aws_iam_group.go +++ b/builtin/providers/aws/resource_aws_iam_group.go @@ -132,9 +132,9 @@ func resourceAwsIamGroupDelete(d *schema.ResourceData, meta interface{}) error { func validateAwsIamGroupName(v interface{}, k string) (ws []string, errors []error) { value := v.(string) - if !regexp.MustCompile(`^[0-9A-Za-z=,.@-]+$`).MatchString(value) { + if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_]+$`).MatchString(value) { errors = append(errors, fmt.Errorf( - "only alphanumeric characters, hyphens, commas, periods, @ symbols and equals signs allowed in %q: %q", + "only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols and equals signs allowed in %q: %q", k, value)) } return diff --git a/builtin/providers/aws/resource_aws_iam_group_test.go b/builtin/providers/aws/resource_aws_iam_group_test.go index 3585571ccd..c8be39d196 100644 --- a/builtin/providers/aws/resource_aws_iam_group_test.go +++ b/builtin/providers/aws/resource_aws_iam_group_test.go @@ -14,6 +14,7 @@ import ( func TestValidateIamGroupName(t *testing.T) { validNames := []string{ "test-group", + "test_group", "testgroup123", "TestGroup", "Test-Group", @@ -34,7 +35,6 @@ func TestValidateIamGroupName(t *testing.T) { " ", ":", ";", - "testgroup_123", "test name", "/slash-at-the-beginning", "slash-at-the-end/", diff --git a/builtin/providers/aws/resource_aws_iam_user.go b/builtin/providers/aws/resource_aws_iam_user.go index fdc69aa01e..40a866e8c8 100644 --- a/builtin/providers/aws/resource_aws_iam_user.go +++ b/builtin/providers/aws/resource_aws_iam_user.go @@ -217,9 +217,9 @@ func resourceAwsIamUserDelete(d *schema.ResourceData, meta interface{}) error { func validateAwsIamUserName(v interface{}, k string) (ws []string, errors []error) { value := v.(string) - if !regexp.MustCompile(`^[0-9A-Za-z=,.@-]+$`).MatchString(value) { + if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_]+$`).MatchString(value) { errors = append(errors, fmt.Errorf( - "only alphanumeric characters, hyphens, commas, periods, @ symbols and equals signs allowed in %q: %q", + "only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols and equals signs allowed in %q: %q", k, value)) } return diff --git a/builtin/providers/aws/resource_aws_iam_user_test.go b/builtin/providers/aws/resource_aws_iam_user_test.go index 927b9be777..6c8a602d1e 100644 --- a/builtin/providers/aws/resource_aws_iam_user_test.go +++ b/builtin/providers/aws/resource_aws_iam_user_test.go @@ -15,6 +15,7 @@ import ( func TestValidateIamUserName(t *testing.T) { validNames := []string{ "test-user", + "test_user", "testuser123", "TestUser", "Test-User", @@ -35,7 +36,6 @@ func TestValidateIamUserName(t *testing.T) { " ", ":", ";", - "testuser_123", "test name", "/slash-at-the-beginning", "slash-at-the-end/", diff --git a/website/source/docs/providers/aws/r/iam_group.html.markdown b/website/source/docs/providers/aws/r/iam_group.html.markdown index fc4b0d1411..c67312530d 100644 --- a/website/source/docs/providers/aws/r/iam_group.html.markdown +++ b/website/source/docs/providers/aws/r/iam_group.html.markdown @@ -23,7 +23,7 @@ resource "aws_iam_group" "developers" { The following arguments are supported: -* `name` - (Required) The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-.`. +* `name` - (Required) The group's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. Group names are not distinguished by case. For example, you cannot create groups named both "ADMINS" and "admins". * `path` - (Optional, default "/") Path in which to create the group. ## Attributes Reference @@ -37,11 +37,11 @@ The following attributes are exported: * `unique_id` - The [unique ID][1] assigned by AWS. [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#GUIDs - + ## Import -IAM Groups can be imported using the `name`, e.g. +IAM Groups can be imported using the `name`, e.g. ``` $ terraform import aws_iam_group.developers developers -``` \ No newline at end of file +``` diff --git a/website/source/docs/providers/aws/r/iam_user.html.markdown b/website/source/docs/providers/aws/r/iam_user.html.markdown index 783dfe5ec1..e1832d3edd 100644 --- a/website/source/docs/providers/aws/r/iam_user.html.markdown +++ b/website/source/docs/providers/aws/r/iam_user.html.markdown @@ -46,7 +46,7 @@ EOF The following arguments are supported: -* `name` - (Required) The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-.`. +* `name` - (Required) The user's name. The name must consist of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: `=,.@-_.`. User names are not distinguished by case. For example, you cannot create users named both "TESTUSER" and "testuser". * `path` - (Optional, default "/") Path in which to create the user. * `force_destroy` - (Optional, default false) When destroying this user, destroy even if it has non-Terraform-managed IAM access keys. Without `force_destroy` @@ -64,7 +64,7 @@ The following attributes are exported: ## Import -IAM Users can be imported using the `name`, e.g. +IAM Users can be imported using the `name`, e.g. ``` $ terraform import aws_iam_user.lb loadbalancer