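// Source: github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/vault/resource_mount.go

package vault

import (
	"fmt"
	"log"

	"github.com/hashicorp/terraform/helper/schema"
	"github.com/hashicorp/vault/api"
)

// mountResource describes the Terraform resource that manages a Vault
// secret-backend mount: its CRUD callbacks and its attribute schema.
//
// Operational caveat: "type" and "description" are ForceNew, so changing
// either one makes Terraform destroy and recreate the resource. Destroy maps
// to mountDelete, which unmounts the backend; in Vault, unmounting discards
// the data stored under the mount. Review plans that show a replacement of
// this resource before applying them.
func mountResource() *schema.Resource {
	return &schema.Resource{
		Create: mountWrite,
		Update: mountUpdate,
		Delete: mountDelete,
		Read:   mountRead,

		Schema: map[string]*schema.Schema{
			// Not ForceNew: a path change is applied in place by
			// mountUpdate through a remount.
			"path": {
				Type:        schema.TypeString,
				Required:    true,
				Description: "Where the secret backend will be mounted",
			},

			"type": {
				Type:        schema.TypeString,
				Required:    true,
				ForceNew:    true,
				Description: "Type of the backend, such as 'aws'",
			},

			"description": {
				Type:        schema.TypeString,
				Optional:    true,
				ForceNew:    true,
				Description: "Human-friendly description of the mount",
			},

			// NOTE(review): neither TTL attribute has a ValidateFunc, so a
			// negative or very large value is passed to Vault unchanged.
			"default_lease_ttl_seconds": {
				Type:        schema.TypeInt,
				Optional:    true,
				Description: "Default lease duration for tokens and secrets in seconds",
			},

			"max_lease_ttl_seconds": {
				Type:        schema.TypeInt,
				Optional:    true,
				Description: "Maximum possible lease duration for tokens and secrets in seconds",
			},
		},
	}
}

// mountLeaseConfig builds the lease-TTL part of a mount request from the
// resource data. Each value is rendered as "<n>s"; an unset attribute reads
// back as 0 and is therefore sent as "0s" (presumably "use the server
// default" on the Vault side; confirm against the Vault version in use).
func mountLeaseConfig(d *schema.ResourceData) api.MountConfigInput {
	return api.MountConfigInput{
		DefaultLeaseTTL: fmt.Sprintf("%ds", d.Get("default_lease_ttl_seconds")),
		MaxLeaseTTL:     fmt.Sprintf("%ds", d.Get("max_lease_ttl_seconds")),
	}
}

// mountWrite creates the mount at the configured path and records that path
// as the resource ID. It returns an error if the Vault call fails, in which
// case no ID is set.
func mountWrite(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	info := &api.MountInput{
		Type:        d.Get("type").(string),
		Description: d.Get("description").(string),
		Config:      mountLeaseConfig(d),
	}

	path := d.Get("path").(string)

	log.Printf("[DEBUG] Creating mount %s in Vault", path)

	if err := client.Sys().Mount(path, info); err != nil {
		return fmt.Errorf("error writing to Vault: %s", err)
	}

	d.SetId(path)

	return nil
}

// mountUpdate applies in-place changes: a remount when "path" changed,
// followed by a tune of the lease TTLs.
//
// The update is two separate Vault calls, so it runs in partial-state mode.
// Without it, the state returned alongside an error would already contain
// every planned value, and a failed remount or tune would be recorded as
// applied. With it, only attributes marked via SetPartial are persisted when
// the function returns early.
func mountUpdate(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	config := mountLeaseConfig(d)

	path := d.Id()

	d.Partial(true)

	if d.HasChange("path") {
		newPath := d.Get("path").(string)

		log.Printf("[DEBUG] Remount %s to %s in Vault", path, newPath)

		if err := client.Sys().Remount(path, newPath); err != nil {
			return fmt.Errorf("error remounting in Vault: %s", err)
		}

		// The remount succeeded: move the ID and persist the new path even
		// if the tune below fails.
		d.SetId(newPath)
		d.SetPartial("path")
		path = newPath
	}

	log.Printf("[DEBUG] Updating mount %s in Vault", path)

	if err := client.Sys().TuneMount(path, config); err != nil {
		return fmt.Errorf("error updating Vault: %s", err)
	}

	// Everything was applied; persist the full planned state.
	d.Partial(false)

	return nil
}

// mountDelete unmounts the backend identified by the resource ID.
//
// Unmounting is destructive on the Vault side (the backend's stored data is
// removed), and this callback also runs when a ForceNew attribute changes.
func mountDelete(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	path := d.Id()

	log.Printf("[DEBUG] Unmounting %s from Vault", path)

	if err := client.Sys().Unmount(path); err != nil {
		return fmt.Errorf("error deleting from Vault: %s", err)
	}

	return nil
}

// mountRead refreshes the two lease-TTL attributes from Vault's mount
// configuration for the resource ID.
//
// NOTE(review): only the TTLs are refreshed. "type" and "description" are
// never read back, so out-of-band changes to them are not detected as drift,
// and a mount that no longer exists surfaces as a read error rather than
// being dropped from state.
func mountRead(d *schema.ResourceData, meta interface{}) error {
	client := meta.(*api.Client)

	path := d.Id()

	log.Printf("[DEBUG] Reading mount %s from Vault", path)

	mount, err := client.Sys().MountConfig(path)
	if err != nil {
		return fmt.Errorf("error reading from Vault: %s", err)
	}

	// d.Set reports schema/type mismatches; surface them instead of silently
	// leaving stale TTLs in state.
	if err := d.Set("default_lease_ttl_seconds", mount.DefaultLeaseTTL); err != nil {
		return fmt.Errorf("error setting default_lease_ttl_seconds: %s", err)
	}
	if err := d.Set("max_lease_ttl_seconds", mount.MaxLeaseTTL); err != nil {
		return fmt.Errorf("error setting max_lease_ttl_seconds: %s", err)
	}

	return nil
}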