github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_iam_user_ssh_key.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/iam" 10 11 "github.com/hashicorp/terraform/helper/schema" 12 ) 13 14 func resourceAwsIamUserSshKey() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceAwsIamUserSshKeyCreate, 17 Read: resourceAwsIamUserSshKeyRead, 18 Update: resourceAwsIamUserSshKeyUpdate, 19 Delete: resourceAwsIamUserSshKeyDelete, 20 21 Schema: map[string]*schema.Schema{ 22 "ssh_public_key_id": &schema.Schema{ 23 Type: schema.TypeString, 24 Computed: true, 25 }, 26 "fingerprint": &schema.Schema{ 27 Type: schema.TypeString, 28 Computed: true, 29 }, 30 "username": &schema.Schema{ 31 Type: schema.TypeString, 32 Required: true, 33 ForceNew: true, 34 }, 35 "public_key": &schema.Schema{ 36 Type: schema.TypeString, 37 Required: true, 38 }, 39 40 "encoding": &schema.Schema{ 41 Type: schema.TypeString, 42 Required: true, 43 ValidateFunc: validateIamUserSSHKeyEncoding, 44 }, 45 46 "status": &schema.Schema{ 47 Type: schema.TypeString, 48 Optional: true, 49 Computed: true, 50 }, 51 }, 52 } 53 } 54 55 func resourceAwsIamUserSshKeyCreate(d *schema.ResourceData, meta interface{}) error { 56 iamconn := meta.(*AWSClient).iamconn 57 username := d.Get("username").(string) 58 publicKey := d.Get("public_key").(string) 59 60 request := &iam.UploadSSHPublicKeyInput{ 61 UserName: aws.String(username), 62 SSHPublicKeyBody: aws.String(publicKey), 63 } 64 65 log.Println("[DEBUG] Create IAM User SSH Key Request:", request) 66 createResp, err := iamconn.UploadSSHPublicKey(request) 67 if err != nil { 68 return fmt.Errorf("Error creating IAM User SSH Key %s: %s", username, err) 69 } 70 71 d.Set("ssh_public_key_id", createResp.SSHPublicKey.SSHPublicKeyId) 72 d.SetId(*createResp.SSHPublicKey.SSHPublicKeyId) 73 74 return resourceAwsIamUserSshKeyRead(d, meta) 75 } 76 77 func resourceAwsIamUserSshKeyRead(d *schema.ResourceData, meta interface{}) error { 78 iamconn := meta.(*AWSClient).iamconn 79 username := d.Get("username").(string) 80 request := &iam.GetSSHPublicKeyInput{ 81 UserName: aws.String(username), 82 SSHPublicKeyId: aws.String(d.Id()), 83 Encoding: aws.String(d.Get("encoding").(string)), 84 } 85 86 getResp, err := iamconn.GetSSHPublicKey(request) 87 if err != nil { 88 if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" { // XXX test me 89 log.Printf("[WARN] No IAM user ssh key (%s) found", d.Id()) 90 d.SetId("") 91 return nil 92 } 93 return fmt.Errorf("Error reading IAM User SSH Key %s: %s", d.Id(), err) 94 } 95 96 d.Set("fingerprint", getResp.SSHPublicKey.Fingerprint) 97 d.Set("status", getResp.SSHPublicKey.Status) 98 99 return nil 100 } 101 102 func resourceAwsIamUserSshKeyUpdate(d *schema.ResourceData, meta interface{}) error { 103 if d.HasChange("status") { 104 iamconn := meta.(*AWSClient).iamconn 105 106 request := &iam.UpdateSSHPublicKeyInput{ 107 UserName: aws.String(d.Get("username").(string)), 108 SSHPublicKeyId: aws.String(d.Id()), 109 Status: aws.String(d.Get("status").(string)), 110 } 111 112 log.Println("[DEBUG] Update IAM User SSH Key request:", request) 113 _, err := iamconn.UpdateSSHPublicKey(request) 114 if err != nil { 115 if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" { 116 log.Printf("[WARN] No IAM user ssh key by ID (%s) found", d.Id()) 117 d.SetId("") 118 return nil 119 } 120 return fmt.Errorf("Error updating IAM User SSH Key %s: %s", d.Id(), err) 121 } 122 return resourceAwsIamUserRead(d, meta) 123 } 124 return nil 125 } 126 127 func resourceAwsIamUserSshKeyDelete(d *schema.ResourceData, meta interface{}) error { 128 iamconn := meta.(*AWSClient).iamconn 129 130 request := &iam.DeleteSSHPublicKeyInput{ 131 UserName: aws.String(d.Get("username").(string)), 132 SSHPublicKeyId: aws.String(d.Id()), 133 } 134 135 log.Println("[DEBUG] Delete IAM User SSH Key request:", request) 136 if _, err := iamconn.DeleteSSHPublicKey(request); err != nil { 137 return fmt.Errorf("Error deleting IAM User SSH Key %s: %s", d.Id(), err) 138 } 139 return nil 140 } 141 142 func validateIamUserSSHKeyEncoding(v interface{}, k string) (ws []string, errors []error) { 143 value := v.(string) 144 encodingTypes := map[string]bool{ 145 "PEM": true, 146 "SSH": true, 147 } 148 149 if !encodingTypes[value] { 150 errors = append(errors, fmt.Errorf("IAM User SSH Key Encoding can only be PEM or SSH")) 151 } 152 return 153 }