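// Source: github.com/mohanarpit/terraform@v0.6.16-0.20160909104007-291f29853544/builtin/providers/aws/resource_aws_s3_bucket_policy.go

package aws

import (
	"fmt"
	"log"
	"time"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/service/s3"
	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/helper/schema"
)

// resourceAwsS3BucketPolicy describes the S3 bucket policy resource: its two
// string attributes and the handlers Terraform calls for each lifecycle step.
// Create and Update share one handler because both issue a PutBucketPolicy.
func resourceAwsS3BucketPolicy() *schema.Resource {
	return &schema.Resource{
		Create: resourceAwsS3BucketPolicyPut,
		Read:   resourceAwsS3BucketPolicyRead,
		Update: resourceAwsS3BucketPolicyPut,
		Delete: resourceAwsS3BucketPolicyDelete,

		Schema: map[string]*schema.Schema{
			// Changing the bucket forces a new resource.
			"bucket": {
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			// Diffs are filtered through suppressEquivalentAwsPolicyDiffs,
			// which is defined elsewhere in the package.
			"policy": {
				Type:             schema.TypeString,
				Required:         true,
				DiffSuppressFunc: suppressEquivalentAwsPolicyDiffs,
			},
		},
	}
}

// resourceAwsS3BucketPolicyPut attaches the configured policy document to the
// configured bucket. It serves as both the Create and the Update handler.
//
// The resource ID (the bucket name) is recorded only after the put has
// succeeded, so a failed create does not leave behind a resource ID for a
// policy that was never applied.
func resourceAwsS3BucketPolicyPut(d *schema.ResourceData, meta interface{}) error {
	s3conn := meta.(*AWSClient).s3conn

	bucket := d.Get("bucket").(string)
	policy := d.Get("policy").(string)

	// The complete policy document is written to the debug log; debug logs
	// therefore expose the principals and resource names the policy mentions.
	log.Printf("[DEBUG] S3 bucket: %s, put policy: %s", bucket, policy)

	params := &s3.PutBucketPolicyInput{
		Bucket: aws.String(bucket),
		Policy: aws.String(policy),
	}

	err := resource.Retry(1*time.Minute, func() *resource.RetryError {
		_, err := s3conn.PutBucketPolicy(params)
		if err == nil {
			return nil
		}
		// NOTE(review): MalformedPolicy is retried, presumably because a
		// principal named in the policy may not be visible to S3 yet; confirm.
		// A policy that really is invalid keeps being retried until the
		// one-minute window runs out.
		if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "MalformedPolicy" {
			return resource.RetryableError(awsErr)
		}
		return resource.NonRetryableError(err)
	})
	if err != nil {
		return fmt.Errorf("Error putting S3 policy: %s", err)
	}

	d.SetId(bucket)
	return nil
}

// resourceAwsS3BucketPolicyRead refreshes the "policy" attribute from S3.
//
// A bucket without a policy (NoSuchBucketPolicy) or a missing bucket
// (NoSuchBucket) is stored as an empty policy. Every other failure, such as
// an access-denied or throttling response, is returned to the caller, because
// recording it as "no policy" would misreport the bucket's real access policy
// in state.
func resourceAwsS3BucketPolicyRead(d *schema.ResourceData, meta interface{}) error {
	s3conn := meta.(*AWSClient).s3conn

	log.Printf("[DEBUG] S3 bucket policy, read for bucket: %s", d.Id())
	pol, err := s3conn.GetBucketPolicy(&s3.GetBucketPolicyInput{
		Bucket: aws.String(d.Id()),
	})
	if err != nil {
		awsErr, ok := err.(awserr.Error)
		if !ok || (awsErr.Code() != "NoSuchBucketPolicy" && awsErr.Code() != "NoSuchBucket") {
			return fmt.Errorf("Error reading S3 policy: %s", err)
		}
		// Absent policy or bucket: fall through and record an empty policy.
	}

	v := ""
	if err == nil && pol != nil && pol.Policy != nil {
		v = *pol.Policy
	}
	return d.Set("policy", v)
}

// resourceAwsS3BucketPolicyDelete removes the policy from the configured
// bucket and reports any error returned by the DeleteBucketPolicy call.
func resourceAwsS3BucketPolicyDelete(d *schema.ResourceData, meta interface{}) error {
	s3conn := meta.(*AWSClient).s3conn

	bucket := d.Get("bucket").(string)

	log.Printf("[DEBUG] S3 bucket: %s, delete policy", bucket)
	if _, err := s3conn.DeleteBucketPolicy(&s3.DeleteBucketPolicyInput{
		Bucket: aws.String(bucket),
	}); err != nil {
		return fmt.Errorf("Error deleting S3 policy: %s", err)
	}

	return nil
}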