github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_iam_group.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"regexp"
     6  
     7  	"github.com/aws/aws-sdk-go/aws"
     8  	"github.com/aws/aws-sdk-go/aws/awserr"
     9  	"github.com/aws/aws-sdk-go/service/iam"
    10  
    11  	"github.com/hashicorp/terraform/helper/schema"
    12  )
    13  
    14  func resourceAwsIamGroup() *schema.Resource {
    15  	return &schema.Resource{
    16  		Create: resourceAwsIamGroupCreate,
    17  		Read:   resourceAwsIamGroupRead,
    18  		Update: resourceAwsIamGroupUpdate,
    19  		Delete: resourceAwsIamGroupDelete,
    20  		Importer: &schema.ResourceImporter{
    21  			State: schema.ImportStatePassthrough,
    22  		},
    23  
    24  		Schema: map[string]*schema.Schema{
    25  			"arn": &schema.Schema{
    26  				Type:     schema.TypeString,
    27  				Computed: true,
    28  			},
    29  			"unique_id": &schema.Schema{
    30  				Type:     schema.TypeString,
    31  				Computed: true,
    32  			},
    33  			"name": &schema.Schema{
    34  				Type:         schema.TypeString,
    35  				Required:     true,
    36  				ValidateFunc: validateAwsIamGroupName,
    37  			},
    38  			"path": &schema.Schema{
    39  				Type:     schema.TypeString,
    40  				Optional: true,
    41  				Default:  "/",
    42  			},
    43  		},
    44  	}
    45  }
    46  
    47  func resourceAwsIamGroupCreate(d *schema.ResourceData, meta interface{}) error {
    48  	iamconn := meta.(*AWSClient).iamconn
    49  	name := d.Get("name").(string)
    50  	path := d.Get("path").(string)
    51  
    52  	request := &iam.CreateGroupInput{
    53  		Path:      aws.String(path),
    54  		GroupName: aws.String(name),
    55  	}
    56  
    57  	createResp, err := iamconn.CreateGroup(request)
    58  	if err != nil {
    59  		return fmt.Errorf("Error creating IAM Group %s: %s", name, err)
    60  	}
    61  	d.SetId(*createResp.Group.GroupName)
    62  
    63  	return resourceAwsIamGroupReadResult(d, createResp.Group)
    64  }
    65  
    66  func resourceAwsIamGroupRead(d *schema.ResourceData, meta interface{}) error {
    67  	iamconn := meta.(*AWSClient).iamconn
    68  
    69  	request := &iam.GetGroupInput{
    70  		GroupName: aws.String(d.Id()),
    71  	}
    72  
    73  	getResp, err := iamconn.GetGroup(request)
    74  	if err != nil {
    75  		if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
    76  			d.SetId("")
    77  			return nil
    78  		}
    79  		return fmt.Errorf("Error reading IAM Group %s: %s", d.Id(), err)
    80  	}
    81  	return resourceAwsIamGroupReadResult(d, getResp.Group)
    82  }
    83  
    84  func resourceAwsIamGroupReadResult(d *schema.ResourceData, group *iam.Group) error {
    85  	if err := d.Set("name", group.GroupName); err != nil {
    86  		return err
    87  	}
    88  	if err := d.Set("arn", group.Arn); err != nil {
    89  		return err
    90  	}
    91  	if err := d.Set("path", group.Path); err != nil {
    92  		return err
    93  	}
    94  	if err := d.Set("unique_id", group.GroupId); err != nil {
    95  		return err
    96  	}
    97  	return nil
    98  }
    99  
   100  func resourceAwsIamGroupUpdate(d *schema.ResourceData, meta interface{}) error {
   101  	if d.HasChange("name") || d.HasChange("path") {
   102  		iamconn := meta.(*AWSClient).iamconn
   103  		on, nn := d.GetChange("name")
   104  		_, np := d.GetChange("path")
   105  
   106  		request := &iam.UpdateGroupInput{
   107  			GroupName:    aws.String(on.(string)),
   108  			NewGroupName: aws.String(nn.(string)),
   109  			NewPath:      aws.String(np.(string)),
   110  		}
   111  		_, err := iamconn.UpdateGroup(request)
   112  		if err != nil {
   113  			return fmt.Errorf("Error updating IAM Group %s: %s", d.Id(), err)
   114  		}
   115  		return resourceAwsIamGroupRead(d, meta)
   116  	}
   117  	return nil
   118  }
   119  
   120  func resourceAwsIamGroupDelete(d *schema.ResourceData, meta interface{}) error {
   121  	iamconn := meta.(*AWSClient).iamconn
   122  
   123  	request := &iam.DeleteGroupInput{
   124  		GroupName: aws.String(d.Id()),
   125  	}
   126  
   127  	if _, err := iamconn.DeleteGroup(request); err != nil {
   128  		return fmt.Errorf("Error deleting IAM Group %s: %s", d.Id(), err)
   129  	}
   130  	return nil
   131  }
   132  
   133  func validateAwsIamGroupName(v interface{}, k string) (ws []string, errors []error) {
   134  	value := v.(string)
   135  	if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`).MatchString(value) {
   136  		errors = append(errors, fmt.Errorf(
   137  			"only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs allowed in %q: %q",
   138  			k, value))
   139  	}
   140  	return
   141  }