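// Source: github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/vault/resource_policy.go

package vault

import (
	"fmt"
	"log"

	"github.com/hashicorp/terraform/helper/schema"
	"github.com/hashicorp/vault/api"
)

// policyResource describes the Terraform resource that manages a named Vault
// policy. Create and Update share policyWrite, so an update overwrites the
// stored document under the same name.
//
// The policy document is the access-control definition that Vault enforces.
// It is kept as an ordinary (non-sensitive) string attribute, so its text is
// recorded wherever resource attributes are persisted.
func policyResource() *schema.Resource {
	return &schema.Resource{
		Create: policyWrite,
		Update: policyWrite,
		Delete: policyDelete,
		Read:   policyRead,

		Schema: map[string]*schema.Schema{
			// ForceNew: the name doubles as the resource ID (see policyWrite),
			// so a rename is handled as a replacement, not an in-place update.
			"name": &schema.Schema{
				Type:        schema.TypeString,
				Required:    true,
				ForceNew:    true,
				Description: "Name of the policy",
			},

			"policy": &schema.Schema{
				Type:        schema.TypeString,
				Required:    true,
				Description: "The policy document",
			},
		},
	}
}

// policyWrite stores the configured policy document in Vault under the
// configured name and records that name as the resource ID.
//
// meta must be the *api.Client set up by the provider; the unchecked type
// assertion panics on any other value. Only the policy name is logged, never
// the document itself.
func policyWrite(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	name := d.Get("name").(string)
	policy := d.Get("policy").(string)

	log.Printf("[DEBUG] Writing policy %s to Vault", name)
	if err := client.Sys().PutPolicy(name, policy); err != nil {
		return fmt.Errorf("error writing to Vault: %s", err)
	}

	// The ID is set only after the write succeeded, so a failed write does not
	// leave a resource ID pointing at a policy that was never stored.
	d.SetId(name)

	return nil
}

// policyDelete removes the policy whose name is the resource ID from Vault.
//
// meta must be the *api.Client set up by the provider.
func policyDelete(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	name := d.Id()

	log.Printf("[DEBUG] Deleting policy %s from Vault", name)

	if err := client.Sys().DeletePolicy(name); err != nil {
		return fmt.Errorf("error deleting from Vault: %s", err)
	}

	return nil
}

// policyRead fetches the current policy document from Vault and copies it
// into the "policy" attribute, so that a document changed outside Terraform
// shows up as a difference on the next plan.
//
// meta must be the *api.Client set up by the provider.
func policyRead(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	name := d.Id()

	policy, err := client.Sys().GetPolicy(name)
	if err != nil {
		return fmt.Errorf("error reading from Vault: %s", err)
	}

	// NOTE(review): GetPolicy appears to return an empty string with a nil
	// error when the policy does not exist — confirm against the vendored
	// client. If so, an out-of-band deletion surfaces here as an empty
	// document (repaired by the next apply through Update) rather than as a
	// removed resource.

	// Report a failed attribute write instead of silently returning with the
	// previously recorded document still in place.
	if err := d.Set("policy", policy); err != nil {
		return fmt.Errorf("error setting policy attribute: %s", err)
	}

	return nil
}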