Merge pull request #8359 from hashicorp/f-aws-acm-datasource
provider/aws: New Data Source: aws_acm_certificate
commit
c75369d65d
@ -14,6 +14,7 @@ import (
|
||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||
"github.com/aws/aws-sdk-go/aws/request"
|
||||
"github.com/aws/aws-sdk-go/aws/session"
|
||||
"github.com/aws/aws-sdk-go/service/acm"
|
||||
"github.com/aws/aws-sdk-go/service/apigateway"
|
||||
"github.com/aws/aws-sdk-go/service/applicationautoscaling"
|
||||
"github.com/aws/aws-sdk-go/service/autoscaling"
|
||||
@ -110,6 +111,7 @@ type AWSClient struct {
|
||||
elbv2conn *elbv2.ELBV2
|
||||
emrconn *emr.EMR
|
||||
esconn *elasticsearch.ElasticsearchService
|
||||
acmconn *acm.ACM
|
||||
apigateway *apigateway.APIGateway
|
||||
appautoscalingconn *applicationautoscaling.ApplicationAutoScaling
|
||||
autoscalingconn *autoscaling.AutoScaling
|
||||
@ -246,6 +248,7 @@ func (c *Config) Client() (interface{}, error) {
|
||||
return nil, authErr
|
||||
}
|
||||
|
||||
client.acmconn = acm.New(sess)
|
||||
client.apigateway = apigateway.New(sess)
|
||||
client.appautoscalingconn = applicationautoscaling.New(sess)
|
||||
client.autoscalingconn = autoscaling.New(sess)
|
||||
|
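--- a/builtin/providers/aws/data_source_aws_acm_certificate.go
+++ b/builtin/providers/aws/data_source_aws_acm_certificate.go
@@ -0,0 +1,80 @@
+package aws
+
+import (
+"fmt"
+"strings"
+"time"
+
+"github.com/aws/aws-sdk-go/aws"
+"github.com/aws/aws-sdk-go/service/acm"
+"github.com/hashicorp/errwrap"
+"github.com/hashicorp/terraform/helper/schema"
+)
+
+func dataSourceAwsAcmCertificate() *schema.Resource {
+return &schema.Resource{
+Read: dataSourceAwsAcmCertificateRead,
+Schema: map[string]*schema.Schema{
+"domain": {
+Type: schema.TypeString,
+Required: true,
+},
+"arn": {
+Type: schema.TypeString,
+Computed: true,
+},
+"statuses": {
+Type: schema.TypeList,
+Optional: true,
+Elem: &schema.Schema{Type: schema.TypeString},
+},
+},
+}
+}
+
+func dataSourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*AWSClient).acmconn
+params := &acm.ListCertificatesInput{}
+
+target := d.Get("domain")
+
+statuses, ok := d.GetOk("statuses")
+if ok {
+statusStrings := statuses.([]string)
+statusList := make([]*string, len(statusStrings))
+for i, status := range statusStrings {
+statusList[i] = aws.String(strings.ToUpper(status))
+}
+params.CertificateStatuses = statusList
+} else {
+params.CertificateStatuses = []*string{aws.String("ISSUED")}
+}
+
+var arns []string
+err := conn.ListCertificatesPages(params, func(page *acm.ListCertificatesOutput, lastPage bool) bool {
+for _, cert := range page.CertificateSummaryList {
+if *cert.DomainName == target {
+arns = append(arns, *cert.CertificateArn)
+}
+}
+
+return true
+})
+if err != nil {
+return errwrap.Wrapf("Error describing certificates: {{err}}", err)
+}
+
+if len(arns) == 0 {
+return fmt.Errorf("No certificate with statuses [%s] for domain %q found in this region.",
+strings.Join(statuses.([]string), ", "), target)
+}
+if len(arns) > 1 {
+return fmt.Errorf("Multiple certificates with statuses [%s] for domain %s found in this region.",
+strings.Join(statuses.([]string), ","), target)
+}
+
+d.SetId(time.Now().UTC().String())
+d.Set("arn", arns[0])
+
+return nil
+}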
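Review bot: The assertion `statuses.([]string)` in dataSourceAwsAcmCertificateRead will panic at runtime, because a `schema.TypeList` attribute comes back from `d.GetOk` as `[]interface{}`, not `[]string`. The same assertion is repeated inside both `fmt.Errorf` calls, so the not-found and multiple-match paths are presumably affected even when `statuses` is unset, and in that case the message would also omit the `ISSUED` default that was actually sent as the filter. Converting the list once into a `[]string` and reusing it for the request and for the error text addresses both. The paging callback also dereferences `*cert.DomainName` and `*cert.CertificateArn` without a nil check, which is worth guarding since the values come from the API response.

```go
// Normalise the optional filter once; TypeList values arrive as []interface{}.
statusStrings := []string{"ISSUED"}
if v, ok := d.GetOk("statuses"); ok {
	raw := v.([]interface{})
	statusStrings = make([]string, 0, len(raw))
	for _, s := range raw {
		statusStrings = append(statusStrings, strings.ToUpper(s.(string)))
	}
}
params.CertificateStatuses = aws.StringSlice(statusStrings)

// … unchanged: ListCertificatesPages call and error wrapping …

if len(arns) == 0 {
	return fmt.Errorf("No certificate with statuses [%s] for domain %q found in this region.",
		strings.Join(statusStrings, ", "), target)
}
if len(arns) > 1 {
	return fmt.Errorf("Multiple certificates with statuses [%s] for domain %s found in this region.",
		strings.Join(statusStrings, ", "), target)
}
```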
@ -0,0 +1,63 @@
|
||||
package aws
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/hashicorp/terraform/helper/resource"
|
||||
"github.com/hashicorp/terraform/terraform"
|
||||
)
|
||||
|
||||
func TestAccAwsAcmCertificateDataSource_basic(t *testing.T) {
|
||||
region := os.Getenv("AWS_ACM_TEST_REGION")
|
||||
domain := os.Getenv("AWS_ACM_TEST_DOMAIN")
|
||||
certArn := os.Getenv("AWS_ACM_TEST_CERT_ARN")
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
if region == "" {
|
||||
t.Skip("AWS_ACM_TEST_REGION must be set to a region an ACM certificate pre-created for this test.")
|
||||
}
|
||||
if domain == "" {
|
||||
t.Skip("AWS_ACM_TEST_DOMAIN must be set to a domain with an ACM certificate pre-created for this test.")
|
||||
}
|
||||
if certArn == "" {
|
||||
t.Skip("AWS_ACM_TEST_CERT_ARN must be set to the ARN of an ACM cert pre-created for this test.")
|
||||
}
|
||||
},
|
||||
Providers: testAccProviders,
|
||||
Steps: []resource.TestStep{
|
||||
{
|
||||
Config: testAccCheckAwsAcmCertificateDataSourceConfig(region, domain),
|
||||
Check: testAccCheckAcmArnMatches("data.aws_acm_certificate.test", certArn),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckAcmArnMatches(name, expectArn string) resource.TestCheckFunc {
|
||||
return func(s *terraform.State) error {
|
||||
ms := s.RootModule()
|
||||
rs, ok := ms.Resources[name]
|
||||
if !ok {
|
||||
return fmt.Errorf("Not found: %s", name)
|
||||
}
|
||||
gotArn := rs.Primary.Attributes["arn"]
|
||||
if gotArn != expectArn {
|
||||
return fmt.Errorf("Expected cert to have arn: %s, got: %s", expectArn, gotArn)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
func testAccCheckAwsAcmCertificateDataSourceConfig(region, domain string) string {
|
||||
return fmt.Sprintf(`
|
||||
provider "aws" {
|
||||
region = "%s"
|
||||
}
|
||||
data "aws_acm_certificate" "test" {
|
||||
domain = "%s"
|
||||
}
|
||||
`, region, domain)
|
||||
}
|
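Review bot: The only test step covers the default filter, because the config built by testAccCheckAwsAcmCertificateDataSourceConfig never sets `statuses`, so the branch of the data source that converts a user-supplied status list is not exercised by any test. A second step whose config adds `statuses = ["ISSUED"]`, plus one with a lower-case value to cover the `strings.ToUpper` normalisation, would catch a failure in that conversion before release. A negative step that expects an error for a domain with no matching certificate would also pin the not-found path.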
@ -143,6 +143,7 @@ func Provider() terraform.ResourceProvider {
|
||||
},
|
||||
|
||||
DataSourcesMap: map[string]*schema.Resource{
|
||||
"aws_acm_certificate": dataSourceAwsAcmCertificate(),
|
||||
"aws_ami": dataSourceAwsAmi(),
|
||||
"aws_availability_zone": dataSourceAwsAvailabilityZone(),
|
||||
"aws_availability_zones": dataSourceAwsAvailabilityZones(),
|
||||
|
1471
vendor/github.com/aws/aws-sdk-go/service/acm/api.go
generated
vendored
Normal file
1471
vendor/github.com/aws/aws-sdk-go/service/acm/api.go
generated
vendored
Normal file
File diff suppressed because it is too large
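--- a/vendor/github.com/aws/aws-sdk-go/service/acm/service.go
+++ b/vendor/github.com/aws/aws-sdk-go/service/acm/service.go
@@ -0,0 +1,95 @@
+// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
+
+package acm
+
+import (
+"github.com/aws/aws-sdk-go/aws"
+"github.com/aws/aws-sdk-go/aws/client"
+"github.com/aws/aws-sdk-go/aws/client/metadata"
+"github.com/aws/aws-sdk-go/aws/request"
+"github.com/aws/aws-sdk-go/aws/signer/v4"
+"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
+)
+
+// Welcome to the AWS Certificate Manager (ACM) Command Reference. This guide
+// provides descriptions, syntax, and usage examples for each ACM command. You
+// can use AWS Certificate Manager to request ACM Certificates for your AWS-based
+// websites and applications. For general information about using ACM and for
+// more information about using the console, see the AWS Certificate Manager
+// User Guide (http://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html).
+// For more information about using the ACM API, see the AWS Certificate Manager
+// API Reference (http://docs.aws.amazon.com/acm/latest/APIReference/Welcome.html).
+//The service client's operations are safe to be used concurrently.
+// It is not safe to mutate any of the client's properties though.
+type ACM struct {
+*client.Client
+}
+
+// Used for custom client initialization logic
+var initClient func(*client.Client)
+
+// Used for custom request initialization logic
+var initRequest func(*request.Request)
+
+// A ServiceName is the name of the service the client will make API calls to.
+const ServiceName = "acm"
+
+// New creates a new instance of the ACM client with a session.
+// If additional configuration is needed for the client instance use the optional
+// aws.Config parameter to add your extra config.
+//
+// Example:
+// // Create a ACM client from just a session.
+// svc := acm.New(mySession)
+//
+// // Create a ACM client with additional configuration
+// svc := acm.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
+func New(p client.ConfigProvider, cfgs ...*aws.Config) *ACM {
+c := p.ClientConfig(ServiceName, cfgs...)
+return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion)
+}
+
+// newClient creates, initializes and returns a new service client instance.
+func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion string) *ACM {
+svc := &ACM{
+Client: client.New(
+cfg,
+metadata.ClientInfo{
+ServiceName: ServiceName,
+SigningRegion: signingRegion,
+Endpoint: endpoint,
+APIVersion: "2015-12-08",
+JSONVersion: "1.1",
+TargetPrefix: "CertificateManager",
+},
+handlers,
+),
+}
+
+// Handlers
+svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler)
+svc.Handlers.Build.PushBackNamed(jsonrpc.BuildHandler)
+svc.Handlers.Unmarshal.PushBackNamed(jsonrpc.UnmarshalHandler)
+svc.Handlers.UnmarshalMeta.PushBackNamed(jsonrpc.UnmarshalMetaHandler)
+svc.Handlers.UnmarshalError.PushBackNamed(jsonrpc.UnmarshalErrorHandler)
+
+// Run custom client initialization if present
+if initClient != nil {
+initClient(svc.Client)
+}
+
+return svc
+}
+
+// newRequest creates a new request for a ACM operation and runs any
+// custom request initialization.
+func (c *ACM) newRequest(op *request.Operation, params, data interface{}) *request.Request {
+req := c.NewRequest(op, params, data)
+
+// Run custom request initialization if present
+if initRequest != nil {
+initRequest(req)
+}
+
+return req
+}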
10
vendor/vendor.json
vendored
10
vendor/vendor.json
vendored
@ -545,7 +545,15 @@
|
||||
"revisionTime": "2016-10-17T19:35:59Z"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "1GRM9c7nKCaKe8Mx/tTcemGKq/4=",
|
||||
"checksumSHA1": "3lzFHxiUPnQtRo0UIKHRymmFSvk=",
|
||||
"path": "github.com/aws/aws-sdk-go/service/acm",
|
||||
"revision": "35c21ff262580265c1d77095d6f712605fd0c3f4",
|
||||
"revisionTime": "2016-08-16T21:54:33Z",
|
||||
"version": "v1.4.2",
|
||||
"versionExact": "v1.4.2"
|
||||
},
|
||||
{
|
||||
"checksumSHA1": "DXwm+kmVCiuvvGCcUTeZD/L31Kk=",
|
||||
"path": "github.com/aws/aws-sdk-go/service/apigateway",
|
||||
"revision": "09f8dd1eb5e719dc370b432d3d6d8f86e5bf6dbe",
|
||||
"revisionTime": "2016-10-17T19:35:59Z"
|
||||
|
@ -0,0 +1,35 @@
|
||||
---
|
||||
layout: "aws"
|
||||
page_title: "AWS: aws_acm_certificate"
|
||||
sidebar_current: "docs-aws-datasource-acm-certificate"
|
||||
description: |-
|
||||
Get information on a Amazon Certificate Manager (ACM) Certificate
|
||||
---
|
||||
|
||||
# aws\_acm\_certificate
|
||||
|
||||
Use this data source to get the ARN of a certificate in AWS Certificate
|
||||
Manager (ACM). The process of requesting and verifying a certificate in ACM
|
||||
requires some manual steps, which means that Terraform cannot automate the
|
||||
creation of ACM certificates. But using this data source, you can reference
|
||||
them by domain without having to hard code the ARNs as input.
|
||||
|
||||
## Example Usage
|
||||
|
||||
```
|
||||
data "aws_acm_certificate" "example" {
|
||||
domain = "tf.example.com"
|
||||
statuses = ["ISSUED"]
|
||||
}
|
||||
```
|
||||
|
||||
## Argument Reference
|
||||
|
||||
* `domain` - (Required) The domain of the certificate to look up. If no certificate is found with this name, an error will be returned.
|
||||
* `statuses` - (Optional) A list of statuses on which to filter the returned list. Valid values are `PENDING_VALIDATION`, `ISSUED`,
|
||||
`INACTIVE`, `EXPIRED`, `VALIDATION_TIMED_OUT`, `REVOKED` and `FAILED`. If no value is specified, only certificates in the `ISSUED` state
|
||||
are returned.
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
* `arn` - Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates.
|