2016-08-22 00:17:19 +02:00
|
|
|
package aws
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"time"
|
|
|
|
|
2016-11-04 00:53:56 +01:00
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
2016-08-22 00:17:19 +02:00
|
|
|
"github.com/aws/aws-sdk-go/service/acm"
|
|
|
|
"github.com/hashicorp/errwrap"
|
|
|
|
"github.com/hashicorp/terraform/helper/schema"
|
|
|
|
)
|
|
|
|
|
|
|
|
func dataSourceAwsAcmCertificate() *schema.Resource {
|
|
|
|
return &schema.Resource{
|
|
|
|
Read: dataSourceAwsAcmCertificateRead,
|
|
|
|
Schema: map[string]*schema.Schema{
|
2016-11-04 00:53:56 +01:00
|
|
|
"domain": {
|
2016-08-22 00:17:19 +02:00
|
|
|
Type: schema.TypeString,
|
|
|
|
Required: true,
|
|
|
|
},
|
2016-11-04 00:53:56 +01:00
|
|
|
"arn": {
|
2016-08-22 00:17:19 +02:00
|
|
|
Type: schema.TypeString,
|
|
|
|
Computed: true,
|
|
|
|
},
|
2016-11-04 00:53:56 +01:00
|
|
|
"statuses": {
|
|
|
|
Type: schema.TypeList,
|
|
|
|
Optional: true,
|
|
|
|
Elem: &schema.Schema{Type: schema.TypeString},
|
|
|
|
},
|
2017-06-06 22:08:53 +02:00
|
|
|
"types": {
|
|
|
|
Type: schema.TypeList,
|
|
|
|
Optional: true,
|
|
|
|
Elem: &schema.Schema{Type: schema.TypeString},
|
|
|
|
},
|
2016-08-22 00:17:19 +02:00
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func dataSourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) error {
|
|
|
|
conn := meta.(*AWSClient).acmconn
|
|
|
|
params := &acm.ListCertificatesInput{}
|
2016-11-04 00:53:56 +01:00
|
|
|
|
|
|
|
target := d.Get("domain")
|
|
|
|
|
|
|
|
statuses, ok := d.GetOk("statuses")
|
|
|
|
if ok {
|
2016-11-09 16:53:36 +01:00
|
|
|
statusStrings := statuses.([]interface{})
|
2016-11-11 15:07:50 +01:00
|
|
|
params.CertificateStatuses = expandStringList(statusStrings)
|
2016-11-04 00:53:56 +01:00
|
|
|
} else {
|
|
|
|
params.CertificateStatuses = []*string{aws.String("ISSUED")}
|
|
|
|
}
|
|
|
|
|
|
|
|
var arns []string
|
|
|
|
err := conn.ListCertificatesPages(params, func(page *acm.ListCertificatesOutput, lastPage bool) bool {
|
|
|
|
for _, cert := range page.CertificateSummaryList {
|
|
|
|
if *cert.DomainName == target {
|
|
|
|
arns = append(arns, *cert.CertificateArn)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
})
|
2016-08-22 00:17:19 +02:00
|
|
|
if err != nil {
|
|
|
|
return errwrap.Wrapf("Error describing certificates: {{err}}", err)
|
|
|
|
}
|
|
|
|
|
2017-06-06 22:08:53 +02:00
|
|
|
// filter based on certificate type (imported or aws-issued)
|
|
|
|
types, ok := d.GetOk("types")
|
|
|
|
if ok {
|
|
|
|
typesStrings := expandStringList(types.([]interface{}))
|
|
|
|
var matchedArns []string
|
|
|
|
for _, arn := range arns {
|
|
|
|
params := &acm.DescribeCertificateInput{}
|
|
|
|
params.CertificateArn = &arn
|
|
|
|
|
|
|
|
description, err := conn.DescribeCertificate(params)
|
|
|
|
if err != nil {
|
|
|
|
return errwrap.Wrapf("Error describing certificates: {{err}}", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, certType := range typesStrings {
|
|
|
|
if *description.Certificate.Type == *certType {
|
|
|
|
matchedArns = append(matchedArns, arn)
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
arns = matchedArns
|
|
|
|
}
|
|
|
|
|
2016-11-04 00:53:56 +01:00
|
|
|
if len(arns) == 0 {
|
2016-11-11 15:07:50 +01:00
|
|
|
return fmt.Errorf("No certificate for domain %q found in this region.", target)
|
2016-11-04 00:53:56 +01:00
|
|
|
}
|
|
|
|
if len(arns) > 1 {
|
2016-11-11 15:07:50 +01:00
|
|
|
return fmt.Errorf("Multiple certificates for domain %q found in this region.", target)
|
2016-08-22 00:17:19 +02:00
|
|
|
}
|
|
|
|
|
2016-11-04 00:53:56 +01:00
|
|
|
d.SetId(time.Now().UTC().String())
|
|
|
|
d.Set("arn", arns[0])
|
|
|
|
|
|
|
|
return nil
|
2016-08-22 00:17:19 +02:00
|
|
|
}
|