github.com/econnell/terraform@v0.5.4-0.20150722160631-78eb236786a4/builtin/providers/aws/resource_aws_iam_server_certificate.go

github.com/econnell/terraform@v0.5.4-0.20150722160631-78eb236786a4/builtin/providers/aws/resource_aws_iam_server_certificate.go (about)

     1  package aws
     2  
     3  import (
     4  	"crypto/sha1"
     5  	"encoding/hex"
     6  	"fmt"
     7  	"strings"
     8  
     9  	"github.com/aws/aws-sdk-go/aws"
    10  	"github.com/aws/aws-sdk-go/aws/awserr"
    11  	"github.com/aws/aws-sdk-go/service/iam"
    12  	"github.com/hashicorp/terraform/helper/schema"
    13  )
    14  
    15  func resourceAwsIAMServerCertificate() *schema.Resource {
    16  	return &schema.Resource{
    17  		Create: resourceAwsIAMServerCertificateCreate,
    18  		Read:   resourceAwsIAMServerCertificateRead,
    19  		Delete: resourceAwsIAMServerCertificateDelete,
    20  
    21  		Schema: map[string]*schema.Schema{
    22  			"certificate_body": &schema.Schema{
    23  				Type:      schema.TypeString,
    24  				Required:  true,
    25  				ForceNew:  true,
    26  				StateFunc: normalizeCert,
    27  			},
    28  
    29  			"certificate_chain": &schema.Schema{
    30  				Type:      schema.TypeString,
    31  				Optional:  true,
    32  				ForceNew:  true,
    33  				StateFunc: normalizeCert,
    34  			},
    35  
    36  			"path": &schema.Schema{
    37  				Type:     schema.TypeBool,
    38  				Optional: true,
    39  				ForceNew: true,
    40  			},
    41  
    42  			"private_key": &schema.Schema{
    43  				Type:      schema.TypeString,
    44  				Required:  true,
    45  				ForceNew:  true,
    46  				StateFunc: normalizeCert,
    47  			},
    48  
    49  			"name": &schema.Schema{
    50  				Type:     schema.TypeString,
    51  				Required: true,
    52  				ForceNew: true,
    53  			},
    54  
    55  			"arn": &schema.Schema{
    56  				Type:     schema.TypeString,
    57  				Optional: true,
    58  				Computed: true,
    59  			},
    60  		},
    61  	}
    62  }
    63  
    64  func resourceAwsIAMServerCertificateCreate(d *schema.ResourceData, meta interface{}) error {
    65  	conn := meta.(*AWSClient).iamconn
    66  
    67  	createOpts := &iam.UploadServerCertificateInput{
    68  		CertificateBody:       aws.String(d.Get("certificate_body").(string)),
    69  		PrivateKey:            aws.String(d.Get("private_key").(string)),
    70  		ServerCertificateName: aws.String(d.Get("name").(string)),
    71  	}
    72  
    73  	if v, ok := d.GetOk("certificate_chain"); ok {
    74  		createOpts.CertificateChain = aws.String(v.(string))
    75  	}
    76  
    77  	if v, ok := d.GetOk("Path"); ok {
    78  		createOpts.Path = aws.String(v.(string))
    79  	}
    80  
    81  	resp, err := conn.UploadServerCertificate(createOpts)
    82  	if err != nil {
    83  		if awsErr, ok := err.(awserr.Error); ok {
    84  			return fmt.Errorf("[WARN] Error uploading server certificate, error: %s: %s", awsErr.Code(), awsErr.Message())
    85  		}
    86  		return fmt.Errorf("[WARN] Error uploading server certificate, error: %s", err)
    87  	}
    88  
    89  	d.SetId(*resp.ServerCertificateMetadata.ServerCertificateID)
    90  
    91  	return resourceAwsIAMServerCertificateRead(d, meta)
    92  }
    93  
    94  func resourceAwsIAMServerCertificateRead(d *schema.ResourceData, meta interface{}) error {
    95  	conn := meta.(*AWSClient).iamconn
    96  	resp, err := conn.GetServerCertificate(&iam.GetServerCertificateInput{
    97  		ServerCertificateName: aws.String(d.Get("name").(string)),
    98  	})
    99  
   100  	if err != nil {
   101  		if awsErr, ok := err.(awserr.Error); ok {
   102  			return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s: %s", awsErr.Code(), awsErr.Message())
   103  		}
   104  		return fmt.Errorf("[WARN] Error reading IAM Server Certificate: %s", err)
   105  	}
   106  
   107  	// these values should always be present, and have a default if not set in
   108  	// configuration, and so safe to reference with nil checks
   109  	d.Set("certificate_body", normalizeCert(resp.ServerCertificate.CertificateBody))
   110  	d.Set("certificate_chain", normalizeCert(resp.ServerCertificate.CertificateChain))
   111  	d.Set("path", resp.ServerCertificate.ServerCertificateMetadata.Path)
   112  	d.Set("arn", resp.ServerCertificate.ServerCertificateMetadata.ARN)
   113  
   114  	return nil
   115  }
   116  
   117  func resourceAwsIAMServerCertificateDelete(d *schema.ResourceData, meta interface{}) error {
   118  	conn := meta.(*AWSClient).iamconn
   119  	_, err := conn.DeleteServerCertificate(&iam.DeleteServerCertificateInput{
   120  		ServerCertificateName: aws.String(d.Get("name").(string)),
   121  	})
   122  
   123  	if err != nil {
   124  		if awsErr, ok := err.(awserr.Error); ok {
   125  			return fmt.Errorf("[WARN] Error deleting server certificate: %s: %s", awsErr.Code(), awsErr.Message())
   126  		}
   127  		return err
   128  	}
   129  
   130  	d.SetId("")
   131  	return nil
   132  }
   133  
   134  func normalizeCert(cert interface{}) string {
   135  	if cert == nil {
   136  		return ""
   137  	}
   138  	switch cert.(type) {
   139  	case string:
   140  		hash := sha1.Sum([]byte(strings.TrimSpace(cert.(string))))
   141  		return hex.EncodeToString(hash[:])
   142  	case *string:
   143  		hash := sha1.Sum([]byte(strings.TrimSpace(*cert.(*string))))
   144  		return hex.EncodeToString(hash[:])
   145  	default:
   146  		return ""
   147  	}
   148  }