provider/aws: Support MFA delete for s3 bucket versioning (#10020)

Fixes #7902

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSS3Bucket_'
% ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/12/12 12:11:45 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSS3Bucket_
-timeout 120m
=== RUN   TestAccAWSS3Bucket_importBasic
--- PASS: TestAccAWSS3Bucket_importBasic (55.74s)
=== RUN   TestAccAWSS3Bucket_importWithPolicy
--- PASS: TestAccAWSS3Bucket_importWithPolicy (63.34s)
=== RUN   TestAccAWSS3Bucket_Notification
--- PASS: TestAccAWSS3Bucket_Notification (165.15s)
=== RUN   TestAccAWSS3Bucket_NotificationWithoutFilter
--- PASS: TestAccAWSS3Bucket_NotificationWithoutFilter (63.22s)
=== RUN   TestAccAWSS3Bucket_basic
--- PASS: TestAccAWSS3Bucket_basic (47.82s)
=== RUN   TestAccAWSS3Bucket_region
--- PASS: TestAccAWSS3Bucket_region (18.88s)
=== RUN   TestAccAWSS3Bucket_acceleration
--- PASS: TestAccAWSS3Bucket_acceleration (34.56s)
=== RUN   TestAccAWSS3Bucket_RequestPayer
--- PASS: TestAccAWSS3Bucket_RequestPayer (90.26s)
=== RUN   TestAccAWSS3Bucket_Policy
--- PASS: TestAccAWSS3Bucket_Policy (120.25s)
=== RUN   TestAccAWSS3Bucket_UpdateAcl
--- PASS: TestAccAWSS3Bucket_UpdateAcl (87.51s)
=== RUN   TestAccAWSS3Bucket_Website_Simple
--- PASS: TestAccAWSS3Bucket_Website_Simple (138.38s)
=== RUN   TestAccAWSS3Bucket_WebsiteRedirect
--- PASS: TestAccAWSS3Bucket_WebsiteRedirect (139.44s)
=== RUN   TestAccAWSS3Bucket_WebsiteRoutingRules
--- PASS: TestAccAWSS3Bucket_WebsiteRoutingRules (97.82s)
=== RUN   TestAccAWSS3Bucket_shouldFailNotFound
--- PASS: TestAccAWSS3Bucket_shouldFailNotFound (26.84s)
=== RUN   TestAccAWSS3Bucket_Versioning
--- PASS: TestAccAWSS3Bucket_Versioning (131.89s)
=== RUN   TestAccAWSS3Bucket_Cors
--- PASS: TestAccAWSS3Bucket_Cors (92.71s)
=== RUN   TestAccAWSS3Bucket_Logging
--- PASS: TestAccAWSS3Bucket_Logging (86.46s)
=== RUN   TestAccAWSS3Bucket_Lifecycle
--- PASS: TestAccAWSS3Bucket_Lifecycle (132.70s)
=== RUN   TestAccAWSS3Bucket_Replication
--- PASS: TestAccAWSS3Bucket_Replication (122.70s)
=== RUN   TestAccAWSS3Bucket_ReplicationExpectVersioningValidationError
--- PASS: TestAccAWSS3Bucket_ReplicationExpectVersioningValidationError (39.04s)
```
This commit is contained in:
Paul Stack 2016-12-12 22:34:03 +00:00 committed by GitHub
parent 7cbc9006a6
commit 1113ed5fc7
2 changed files with 26 additions and 12 deletions

View File

@ -147,8 +147,10 @@ func resourceAwsS3Bucket() *schema.Resource {
},
"versioning": {
Type: schema.TypeSet,
Type: schema.TypeList,
Optional: true,
Computed: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"enabled": {
@ -156,14 +158,12 @@ func resourceAwsS3Bucket() *schema.Resource {
Optional: true,
Default: false,
},
"mfa_delete": {
Type: schema.TypeBool,
Optional: true,
Default: false,
},
},
Set: func(v interface{}) int {
var buf bytes.Buffer
m := v.(map[string]interface{})
buf.WriteString(fmt.Sprintf("%t-", m["enabled"].(bool)))
return hashcode.String(buf.String())
},
},
@ -647,14 +647,20 @@ func resourceAwsS3BucketRead(d *schema.ResourceData, meta interface{}) error {
return err
}
log.Printf("[DEBUG] S3 Bucket: %s, versioning: %v", d.Id(), versioning)
if versioning.Status != nil && *versioning.Status == s3.BucketVersioningStatusEnabled {
if versioning != nil {
vcl := make([]map[string]interface{}, 0, 1)
vc := make(map[string]interface{})
if *versioning.Status == s3.BucketVersioningStatusEnabled {
if versioning.Status != nil && *versioning.Status == s3.BucketVersioningStatusEnabled {
vc["enabled"] = true
} else {
vc["enabled"] = false
}
if versioning.MFADelete != nil && *versioning.MFADelete == s3.MFADeleteEnabled {
vc["mfa_delete"] = true
} else {
vc["mfa_delete"] = false
}
vcl = append(vcl, vc)
if err := d.Set("versioning", vcl); err != nil {
return err
@ -1250,7 +1256,7 @@ func resourceAwsS3BucketAclUpdate(s3conn *s3.S3, d *schema.ResourceData) error {
}
func resourceAwsS3BucketVersioningUpdate(s3conn *s3.S3, d *schema.ResourceData) error {
v := d.Get("versioning").(*schema.Set).List()
v := d.Get("versioning").([]interface{})
bucket := d.Get("bucket").(string)
vc := &s3.VersioningConfiguration{}
@ -1262,6 +1268,13 @@ func resourceAwsS3BucketVersioningUpdate(s3conn *s3.S3, d *schema.ResourceData)
} else {
vc.Status = aws.String(s3.BucketVersioningStatusSuspended)
}
if c["mfa_delete"].(bool) {
vc.MFADelete = aws.String(s3.MFADeleteEnabled)
} else {
vc.MFADelete = aws.String(s3.MFADeleteDisabled)
}
} else {
vc.Status = aws.String(s3.BucketVersioningStatusSuspended)
}
@ -1377,7 +1390,7 @@ func resourceAwsS3BucketReplicationConfigurationUpdate(s3conn *s3.S3, d *schema.
hasVersioning := false
// Validate that bucket versioning is enabled
if versioning, ok := d.GetOk("versioning"); ok {
v := versioning.(*schema.Set).List()
v := versioning.([]interface{})
if v[0].(map[string]interface{})["enabled"].(bool) {
hasVersioning = true

View File

@ -316,6 +316,7 @@ The `CORS` object supports the following:
The `versioning` object supports the following:
* `enabled` - (Optional) Enable versioning. Once you version-enable a bucket, it can never return to an unversioned state. You can, however, suspend versioning on that bucket.
* `mfa_delete` - (Optional) Enable MFA delete for either `Change the versioning state of your bucket` or `Permanently delete an object version`. Default is `false`.
The `logging` object supports the following: