github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_iam_group.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "regexp" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/iam" 10 11 "github.com/hashicorp/terraform/helper/schema" 12 ) 13 14 func resourceAwsIamGroup() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceAwsIamGroupCreate, 17 Read: resourceAwsIamGroupRead, 18 Update: resourceAwsIamGroupUpdate, 19 Delete: resourceAwsIamGroupDelete, 20 Importer: &schema.ResourceImporter{ 21 State: schema.ImportStatePassthrough, 22 }, 23 24 Schema: map[string]*schema.Schema{ 25 "arn": &schema.Schema{ 26 Type: schema.TypeString, 27 Computed: true, 28 }, 29 "unique_id": &schema.Schema{ 30 Type: schema.TypeString, 31 Computed: true, 32 }, 33 "name": &schema.Schema{ 34 Type: schema.TypeString, 35 Required: true, 36 ValidateFunc: validateAwsIamGroupName, 37 }, 38 "path": &schema.Schema{ 39 Type: schema.TypeString, 40 Optional: true, 41 Default: "/", 42 }, 43 }, 44 } 45 } 46 47 func resourceAwsIamGroupCreate(d *schema.ResourceData, meta interface{}) error { 48 iamconn := meta.(*AWSClient).iamconn 49 name := d.Get("name").(string) 50 path := d.Get("path").(string) 51 52 request := &iam.CreateGroupInput{ 53 Path: aws.String(path), 54 GroupName: aws.String(name), 55 } 56 57 createResp, err := iamconn.CreateGroup(request) 58 if err != nil { 59 return fmt.Errorf("Error creating IAM Group %s: %s", name, err) 60 } 61 d.SetId(*createResp.Group.GroupName) 62 63 return resourceAwsIamGroupReadResult(d, createResp.Group) 64 } 65 66 func resourceAwsIamGroupRead(d *schema.ResourceData, meta interface{}) error { 67 iamconn := meta.(*AWSClient).iamconn 68 69 request := &iam.GetGroupInput{ 70 GroupName: aws.String(d.Id()), 71 } 72 73 getResp, err := iamconn.GetGroup(request) 74 if err != nil { 75 if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" { 76 d.SetId("") 77 return nil 78 } 79 return fmt.Errorf("Error reading IAM Group %s: %s", d.Id(), err) 80 } 81 return resourceAwsIamGroupReadResult(d, getResp.Group) 82 } 83 84 func resourceAwsIamGroupReadResult(d *schema.ResourceData, group *iam.Group) error { 85 if err := d.Set("name", group.GroupName); err != nil { 86 return err 87 } 88 if err := d.Set("arn", group.Arn); err != nil { 89 return err 90 } 91 if err := d.Set("path", group.Path); err != nil { 92 return err 93 } 94 if err := d.Set("unique_id", group.GroupId); err != nil { 95 return err 96 } 97 return nil 98 } 99 100 func resourceAwsIamGroupUpdate(d *schema.ResourceData, meta interface{}) error { 101 if d.HasChange("name") || d.HasChange("path") { 102 iamconn := meta.(*AWSClient).iamconn 103 on, nn := d.GetChange("name") 104 _, np := d.GetChange("path") 105 106 request := &iam.UpdateGroupInput{ 107 GroupName: aws.String(on.(string)), 108 NewGroupName: aws.String(nn.(string)), 109 NewPath: aws.String(np.(string)), 110 } 111 _, err := iamconn.UpdateGroup(request) 112 if err != nil { 113 return fmt.Errorf("Error updating IAM Group %s: %s", d.Id(), err) 114 } 115 return resourceAwsIamGroupRead(d, meta) 116 } 117 return nil 118 } 119 120 func resourceAwsIamGroupDelete(d *schema.ResourceData, meta interface{}) error { 121 iamconn := meta.(*AWSClient).iamconn 122 123 request := &iam.DeleteGroupInput{ 124 GroupName: aws.String(d.Id()), 125 } 126 127 if _, err := iamconn.DeleteGroup(request); err != nil { 128 return fmt.Errorf("Error deleting IAM Group %s: %s", d.Id(), err) 129 } 130 return nil 131 } 132 133 func validateAwsIamGroupName(v interface{}, k string) (ws []string, errors []error) { 134 value := v.(string) 135 if !regexp.MustCompile(`^[0-9A-Za-z=,.@\-_+]+$`).MatchString(value) { 136 errors = append(errors, fmt.Errorf( 137 "only alphanumeric characters, hyphens, underscores, commas, periods, @ symbols, plus and equals signs allowed in %q: %q", 138 k, value)) 139 } 140 return 141 }