github.com/anuaimi/terraform@v0.6.4-0.20150904235404-2bf9aec61da8/builtin/providers/aws/resource_aws_iam_server_certificate.go (about) 1 package aws 2 3 import ( 4 "crypto/sha1" 5 "encoding/hex" 6 "fmt" 7 "log" 8 "strings" 9 10 "github.com/aws/aws-sdk-go/aws" 11 "github.com/aws/aws-sdk-go/aws/awserr" 12 "github.com/aws/aws-sdk-go/service/iam" 13 "github.com/hashicorp/terraform/helper/schema" 14 ) 15 16 func resourceAwsIAMServerCertificate() *schema.Resource { 17 return &schema.Resource{ 18 Create: resourceAwsIAMServerCertificateCreate, 19 Read: resourceAwsIAMServerCertificateRead, 20 Delete: resourceAwsIAMServerCertificateDelete, 21 22 Schema: map[string]*schema.Schema{ 23 "certificate_body": &schema.Schema{ 24 Type: schema.TypeString, 25 Required: true, 26 ForceNew: true, 27 StateFunc: normalizeCert, 28 }, 29 30 "certificate_chain": &schema.Schema{ 31 Type: schema.TypeString, 32 Optional: true, 33 ForceNew: true, 34 StateFunc: normalizeCert, 35 }, 36 37 "path": &schema.Schema{ 38 Type: schema.TypeString, 39 Optional: true, 40 Default: "/", 41 ForceNew: true, 42 }, 43 44 "private_key": &schema.Schema{ 45 Type: schema.TypeString, 46 Required: true, 47 ForceNew: true, 48 StateFunc: normalizeCert, 49 }, 50 51 "name": &schema.Schema{ 52 Type: schema.TypeString, 53 Required: true, 54 ForceNew: true, 55 }, 56 57 "arn": &schema.Schema{ 58 Type: schema.TypeString, 59 Optional: true, 60 Computed: true, 61 }, 62 }, 63 } 64 } 65 66 func resourceAwsIAMServerCertificateCreate(d *schema.ResourceData, meta interface{}) error { 67 conn := meta.(*AWSClient).iamconn 68 69 createOpts := &iam.UploadServerCertificateInput{ 70 CertificateBody: aws.String(d.Get("certificate_body").(string)), 71 PrivateKey: aws.String(d.Get("private_key").(string)), 72 ServerCertificateName: aws.String(d.Get("name").(string)), 73 } 74 75 if v, ok := d.GetOk("certificate_chain"); ok { 76 createOpts.CertificateChain = aws.String(v.(string)) 77 } 78 79 if v, ok := d.GetOk("path"); ok { 80 createOpts.Path = aws.String(v.(string)) 81 } 82 83 log.Printf("[DEBUG] Creating IAM Server Certificate with opts: %s", createOpts) 84 resp, err := conn.UploadServerCertificate(createOpts) 85 if err != nil { 86 if awsErr, ok := err.(awserr.Error); ok { 87 return fmt.Errorf("[WARN] Error uploading server certificate, error: %s: %s", awsErr.Code(), awsErr.Message()) 88 } 89 return fmt.Errorf("[WARN] Error uploading server certificate, error: %s", err) 90 } 91 92 d.SetId(*resp.ServerCertificateMetadata.ServerCertificateId) 93 94 return resourceAwsIAMServerCertificateRead(d, meta) 95 } 96 97 func resourceAwsIAMServerCertificateRead(d *schema.ResourceData, meta interface{}) error { 98 conn := meta.(*AWSClient).iamconn 99 resp, err := conn.GetServerCertificate(&iam.GetServerCertificateInput{ 100 ServerCertificateName: aws.String(d.Get("name").(string)), 101 }) 102 103 if err != nil { 104 if awsErr, ok := err.(awserr.Error); ok { 105 return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s: %s", awsErr.Code(), awsErr.Message()) 106 } 107 return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s", err) 108 } 109 110 // these values should always be present, and have a default if not set in 111 // configuration, and so safe to reference with nil checks 112 d.Set("certificate_body", normalizeCert(resp.ServerCertificate.CertificateBody)) 113 114 c := normalizeCert(resp.ServerCertificate.CertificateChain) 115 if c != "" { 116 d.Set("certificate_chain", c) 117 } 118 119 d.Set("path", resp.ServerCertificate.ServerCertificateMetadata.Path) 120 d.Set("arn", resp.ServerCertificate.ServerCertificateMetadata.Arn) 121 122 return nil 123 } 124 125 func resourceAwsIAMServerCertificateDelete(d *schema.ResourceData, meta interface{}) error { 126 conn := meta.(*AWSClient).iamconn 127 _, err := conn.DeleteServerCertificate(&iam.DeleteServerCertificateInput{ 128 ServerCertificateName: aws.String(d.Get("name").(string)), 129 }) 130 131 if err != nil { 132 if awsErr, ok := err.(awserr.Error); ok { 133 return fmt.Errorf("[WARN] Error deleting server certificate: %s: %s", awsErr.Code(), awsErr.Message()) 134 } 135 return err 136 } 137 138 d.SetId("") 139 return nil 140 } 141 142 func normalizeCert(cert interface{}) string { 143 if cert == nil || cert == (*string)(nil) { 144 return "" 145 } 146 147 switch cert.(type) { 148 case string: 149 hash := sha1.Sum([]byte(strings.TrimSpace(cert.(string)))) 150 return hex.EncodeToString(hash[:]) 151 case *string: 152 hash := sha1.Sum([]byte(strings.TrimSpace(*cert.(*string)))) 153 return hex.EncodeToString(hash[:]) 154 default: 155 return "" 156 } 157 }