-
Notifications
You must be signed in to change notification settings - Fork 9.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
provider/aws: New Data Source: aws_acm_certificate
Use this data source to get the ARN of a certificate in AWS Certificate Manager (ACM). The process of requesting and verifying a certificate in ACM requires some manual steps, which means that Terraform cannot automate the creation of ACM certificates. But using this data source, you can reference them by domain without having to hard code the ARNs as input. The acceptance test included requires an ACM certificate be pre-created in and information about it passed in via environment variables. It's a bit sad but there's really no other way to do it.
- Loading branch information
Showing
5 changed files
with
144 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| package aws | ||
|
|
||
| import ( | ||
| "fmt" | ||
| "time" | ||
|
|
||
| "github.com/aws/aws-sdk-go/service/acm" | ||
| "github.com/hashicorp/errwrap" | ||
| "github.com/hashicorp/terraform/helper/schema" | ||
| ) | ||
|
|
||
| func dataSourceAwsAcmCertificate() *schema.Resource { | ||
| return &schema.Resource{ | ||
| Read: dataSourceAwsAcmCertificateRead, | ||
| Schema: map[string]*schema.Schema{ | ||
| "domain": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Required: true, | ||
| }, | ||
| "arn": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Computed: true, | ||
| }, | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| func dataSourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) error { | ||
| conn := meta.(*AWSClient).acmconn | ||
| params := &acm.ListCertificatesInput{} | ||
| resp, err := conn.ListCertificates(params) | ||
| if err != nil { | ||
| return errwrap.Wrapf("Error describing certificates: {{err}}", err) | ||
| } | ||
|
|
||
| target := d.Get("domain") | ||
| for _, cert := range resp.CertificateSummaryList { | ||
| if *cert.DomainName == target { | ||
| // Need to call SetId with a value or state won't be written. | ||
| d.SetId(time.Now().UTC().String()) | ||
| return d.Set("arn", cert.CertificateArn) | ||
| } | ||
| } | ||
|
|
||
| return fmt.Errorf("No certificate with domain %s found in this region", target) | ||
| } |
63 changes: 63 additions & 0 deletions
63
builtin/providers/aws/data_source_aws_acm_certificate_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| package aws | ||
|
|
||
| import ( | ||
| "fmt" | ||
| "os" | ||
| "testing" | ||
|
|
||
| "github.com/hashicorp/terraform/helper/resource" | ||
| "github.com/hashicorp/terraform/terraform" | ||
| ) | ||
|
|
||
| func TestAccAwsAcmCertificateDataSource_basic(t *testing.T) { | ||
| region := os.Getenv("AWS_ACM_TEST_REGION") | ||
| domain := os.Getenv("AWS_ACM_TEST_DOMAIN") | ||
| certArn := os.Getenv("AWS_ACM_TEST_CERT_ARN") | ||
| resource.Test(t, resource.TestCase{ | ||
| PreCheck: func() { | ||
| testAccPreCheck(t) | ||
| if region == "" { | ||
| t.Skip("AWS_ACM_TEST_REGION must be set to a region an ACM certificate pre-created for this test.") | ||
| } | ||
| if domain == "" { | ||
| t.Skip("AWS_ACM_TEST_DOMAIN must be set to a domain with an ACM certificate pre-created for this test.") | ||
| } | ||
| if certArn == "" { | ||
| t.Skip("AWS_ACM_TEST_CERT_ARN must be set to the ARN of an ACM cert pre-created for this test.") | ||
| } | ||
| }, | ||
| Providers: testAccProviders, | ||
| Steps: []resource.TestStep{ | ||
| resource.TestStep{ | ||
| Config: testAccCheckAwsAcmCertificateDataSourceConfig(region, domain), | ||
| Check: testAccCheckAcmArnMatches("data.aws_acm_certificate.test", certArn), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func testAccCheckAcmArnMatches(name, expectArn string) resource.TestCheckFunc { | ||
| return func(s *terraform.State) error { | ||
| ms := s.RootModule() | ||
| rs, ok := ms.Resources[name] | ||
| if !ok { | ||
| return fmt.Errorf("Not found: %s", name) | ||
| } | ||
| gotArn := rs.Primary.Attributes["arn"] | ||
| if gotArn != expectArn { | ||
| return fmt.Errorf("Expected cert to have arn: %s, got: %s", expectArn, gotArn) | ||
| } | ||
| return nil | ||
| } | ||
| } | ||
|
|
||
| func testAccCheckAwsAcmCertificateDataSourceConfig(region, domain string) string { | ||
| return fmt.Sprintf(` | ||
| provider "aws" { | ||
| region = "%s" | ||
| } | ||
| data "aws_acm_certificate" "test" { | ||
| domain = "%s" | ||
| } | ||
| `, region, domain) | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
31 changes: 31 additions & 0 deletions
31
website/source/docs/providers/aws/d/acm_certificate.html.markdown
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,31 @@ | ||
| --- | ||
| layout: "aws" | ||
| page_title: "AWS: aws_acm_certificate" | ||
| sidebar_current: "docs-aws-datasource-acm-certificate" | ||
| description: |- | ||
| Get information on a Amazon Certificate Manager (ACM) Certificate | ||
| --- | ||
|
|
||
| # aws\_acm\_certificate | ||
|
|
||
| Use this data source to get the ARN of a certificate in AWS Certificate | ||
| Manager (ACM). The process of requesting and verifying a certificate in ACM | ||
| requires some manual steps, which means that Terraform cannot automate the | ||
| creation of ACM certificates. But using this data source, you can reference | ||
| them by domain without having to hard code the ARNs as input. | ||
|
|
||
| ## Example Usage | ||
|
|
||
| ``` | ||
| data "aws_acm_certificate" "example" { | ||
| domain = "tf.example.com" | ||
| } | ||
| ``` | ||
|
|
||
| ## Argument Reference | ||
|
|
||
| * `domain` - (Required) The domain of the certificate to look up. If no certificate is found with this name, an error will be returned. | ||
|
|
||
| ## Attributes Reference | ||
|
|
||
| * `arn` - Set to the ARN of the found certificate, suitable for referencing in other resources that support ACM certificates. |