github.com/armen/terraform@v0.5.2-0.20150529052519-caa8117a08f1/builtin/providers/aws/resource_aws_iam_server_certificate.go

github.com/armen/terraform@v0.5.2-0.20150529052519-caa8117a08f1/builtin/providers/aws/resource_aws_iam_server_certificate.go (about)

     1  package aws
     2  
     3  import (
     4  	"crypto/sha1"
     5  	"encoding/hex"
     6  	"fmt"
     7  	"strings"
     8  
     9  	"github.com/awslabs/aws-sdk-go/aws"
    10  	"github.com/awslabs/aws-sdk-go/aws/awserr"
    11  	"github.com/awslabs/aws-sdk-go/service/iam"
    12  	"github.com/hashicorp/terraform/helper/schema"
    13  )
    14  
    15  func resourceAwsIAMServerCertificate() *schema.Resource {
    16  	return &schema.Resource{
    17  		Create: resourceAwsIAMServerCertificateCreate,
    18  		Read:   resourceAwsIAMServerCertificateRead,
    19  		Delete: resourceAwsIAMServerCertificateDelete,
    20  
    21  		Schema: map[string]*schema.Schema{
    22  			"certificate_body": &schema.Schema{
    23  				Type:      schema.TypeString,
    24  				Required:  true,
    25  				ForceNew:  true,
    26  				StateFunc: normalizeCert,
    27  			},
    28  
    29  			"certificate_chain": &schema.Schema{
    30  				Type:     schema.TypeString,
    31  				Optional: true,
    32  				ForceNew: true,
    33  			},
    34  
    35  			"path": &schema.Schema{
    36  				Type:     schema.TypeBool,
    37  				Optional: true,
    38  				ForceNew: true,
    39  			},
    40  
    41  			"private_key": &schema.Schema{
    42  				Type:      schema.TypeString,
    43  				Required:  true,
    44  				ForceNew:  true,
    45  				StateFunc: normalizeCert,
    46  			},
    47  
    48  			"name": &schema.Schema{
    49  				Type:     schema.TypeString,
    50  				Required: true,
    51  				ForceNew: true,
    52  			},
    53  
    54  			"arn": &schema.Schema{
    55  				Type:     schema.TypeString,
    56  				Optional: true,
    57  				Computed: true,
    58  			},
    59  		},
    60  	}
    61  }
    62  
    63  func resourceAwsIAMServerCertificateCreate(d *schema.ResourceData, meta interface{}) error {
    64  	conn := meta.(*AWSClient).iamconn
    65  
    66  	createOpts := &iam.UploadServerCertificateInput{
    67  		CertificateBody:       aws.String(d.Get("certificate_body").(string)),
    68  		PrivateKey:            aws.String(d.Get("private_key").(string)),
    69  		ServerCertificateName: aws.String(d.Get("name").(string)),
    70  	}
    71  
    72  	if v, ok := d.GetOk("certificate_chain"); ok {
    73  		createOpts.CertificateChain = aws.String(v.(string))
    74  	}
    75  
    76  	if v, ok := d.GetOk("Path"); ok {
    77  		createOpts.Path = aws.String(v.(string))
    78  	}
    79  
    80  	resp, err := conn.UploadServerCertificate(createOpts)
    81  	if err != nil {
    82  		if awsErr, ok := err.(awserr.Error); ok {
    83  			return fmt.Errorf("[WARN] Error uploading server certificate, error: %s: %s", awsErr.Code(), awsErr.Message())
    84  		}
    85  		return fmt.Errorf("[WARN] Error uploading server certificate, error: %s", err)
    86  	}
    87  
    88  	d.SetId(*resp.ServerCertificateMetadata.ServerCertificateID)
    89  
    90  	return resourceAwsIAMServerCertificateRead(d, meta)
    91  }
    92  
    93  func resourceAwsIAMServerCertificateRead(d *schema.ResourceData, meta interface{}) error {
    94  	conn := meta.(*AWSClient).iamconn
    95  	resp, err := conn.GetServerCertificate(&iam.GetServerCertificateInput{
    96  		ServerCertificateName: aws.String(d.Get("name").(string)),
    97  	})
    98  
    99  	if err != nil {
   100  		if awsErr, ok := err.(awserr.Error); ok {
   101  			return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s: %s", awsErr.Code(), awsErr.Message())
   102  		}
   103  		return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s", err)
   104  	}
   105  
   106  	// these values should always be present, and have a default if not set in
   107  	// configuration, and so safe to reference with nil checks
   108  	d.Set("certificate_body", normalizeCert(resp.ServerCertificate.CertificateBody))
   109  	d.Set("certificate_chain", resp.ServerCertificate.CertificateChain)
   110  	d.Set("path", resp.ServerCertificate.ServerCertificateMetadata.Path)
   111  	d.Set("arn", resp.ServerCertificate.ServerCertificateMetadata.ARN)
   112  
   113  	return nil
   114  }
   115  
   116  func resourceAwsIAMServerCertificateDelete(d *schema.ResourceData, meta interface{}) error {
   117  	conn := meta.(*AWSClient).iamconn
   118  	_, err := conn.DeleteServerCertificate(&iam.DeleteServerCertificateInput{
   119  		ServerCertificateName: aws.String(d.Get("name").(string)),
   120  	})
   121  
   122  	if err != nil {
   123  		if awsErr, ok := err.(awserr.Error); ok {
   124  			return fmt.Errorf("[WARN] Error deleting server certificate: %s: %s", awsErr.Code(), awsErr.Message())
   125  		}
   126  		return err
   127  	}
   128  
   129  	d.SetId("")
   130  	return nil
   131  }
   132  
   133  func normalizeCert(cert interface{}) string {
   134  	if cert == nil {
   135  		return ""
   136  	}
   137  	switch cert.(type) {
   138  	case string:
   139  		hash := sha1.Sum([]byte(strings.TrimSpace(cert.(string))))
   140  		return hex.EncodeToString(hash[:])
   141  	case *string:
   142  		hash := sha1.Sum([]byte(strings.TrimSpace(*cert.(*string))))
   143  		return hex.EncodeToString(hash[:])
   144  	default:
   145  		return ""
   146  	}
   147  }