Merge branch 'minamijoyo-add-iam-role-description'
This commit is contained in:
commit
10e8dd7964
|
@ -82,6 +82,11 @@ func resourceAwsIamRole() *schema.Resource {
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
|
"description": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
|
|
||||||
"assume_role_policy": {
|
"assume_role_policy": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Required: true,
|
Required: true,
|
||||||
|
@ -115,6 +120,10 @@ func resourceAwsIamRoleCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
|
AssumeRolePolicyDocument: aws.String(d.Get("assume_role_policy").(string)),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("description"); ok {
|
||||||
|
request.Description = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
var createResp *iam.CreateRoleOutput
|
var createResp *iam.CreateRoleOutput
|
||||||
err := resource.Retry(30*time.Second, func() *resource.RetryError {
|
err := resource.Retry(30*time.Second, func() *resource.RetryError {
|
||||||
var err error
|
var err error
|
||||||
|
@ -168,6 +177,20 @@ func resourceAwsIamRoleUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if d.HasChange("description") {
|
||||||
|
roleDescriptionInput := &iam.UpdateRoleDescriptionInput{
|
||||||
|
RoleName: aws.String(d.Id()),
|
||||||
|
Description: aws.String(d.Get("description").(string)),
|
||||||
|
}
|
||||||
|
_, err := iamconn.UpdateRoleDescription(roleDescriptionInput)
|
||||||
|
if err != nil {
|
||||||
|
if iamerr, ok := err.(awserr.Error); ok && iamerr.Code() == "NoSuchEntity" {
|
||||||
|
d.SetId("")
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return fmt.Errorf("Error Updating IAM Role (%s) Description: %s", d.Id(), err)
|
||||||
|
}
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -189,6 +212,13 @@ func resourceAwsIamRoleReadResult(d *schema.ResourceData, role *iam.Role) error
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if role.Description != nil {
|
||||||
|
// the description isn't present in the response to CreateRole.
|
||||||
|
if err := d.Set("description", role.Description); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
assumRolePolicy, err := url.QueryUnescape(*role.AssumeRolePolicyDocument)
|
assumRolePolicy, err := url.QueryUnescape(*role.AssumeRolePolicyDocument)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -178,6 +178,10 @@ func testAccCheckAWSRoleAttributes(role *iam.GetRoleOutput) resource.TestCheckFu
|
||||||
if *role.Role.Path != "/" {
|
if *role.Role.Path != "/" {
|
||||||
return fmt.Errorf("Bad path: %s", *role.Role.Path)
|
return fmt.Errorf("Bad path: %s", *role.Role.Path)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if *role.Role.Description != "Test Role" {
|
||||||
|
return fmt.Errorf("Bad description: %s", *role.Role.Description)
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -186,6 +190,7 @@ const testAccAWSRoleConfig = `
|
||||||
resource "aws_iam_role" "role" {
|
resource "aws_iam_role" "role" {
|
||||||
name = "test-role"
|
name = "test-role"
|
||||||
path = "/"
|
path = "/"
|
||||||
|
description = "Test Role"
|
||||||
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
|
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
|
||||||
}
|
}
|
||||||
`
|
`
|
||||||
|
|
|
@ -46,6 +46,7 @@ The following arguments are supported:
|
||||||
|
|
||||||
* `path` - (Optional) The path to the role.
|
* `path` - (Optional) The path to the role.
|
||||||
See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
|
See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information.
|
||||||
|
* `description` - (Optional) The description of the role.
|
||||||
|
|
||||||
## Attributes Reference
|
## Attributes Reference
|
||||||
|
|
||||||
|
@ -55,6 +56,7 @@ The following attributes are exported:
|
||||||
* `create_date` - The creation date of the IAM role.
|
* `create_date` - The creation date of the IAM role.
|
||||||
* `unique_id` - The stable and unique string identifying the role.
|
* `unique_id` - The stable and unique string identifying the role.
|
||||||
* `name` - The name of the role.
|
* `name` - The name of the role.
|
||||||
|
* `description` - The description of the role.
|
||||||
|
|
||||||
## Example of Using Data Source for Assume Role Policy
|
## Example of Using Data Source for Assume Role Policy
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue