provider/aws: Add support for ACM certificates to (#12592)
api_gateway_domain_name Fixes: #12566 ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayDomainName_' ✹ ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/03/10 19:32:31 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAPIGatewayDomainName_ -timeout 120m === RUN TestAccAWSAPIGatewayDomainName_basic --- PASS: TestAccAWSAPIGatewayDomainName_basic (54.06s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 54.091s ```
This commit is contained in:
parent
61eb190b4e
commit
41c27082bb
|
@ -21,27 +21,30 @@ func resourceAwsApiGatewayDomainName() *schema.Resource {
|
||||||
|
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
|
|
||||||
|
//According to AWS Documentation, ACM will be the only way to add certificates
|
||||||
|
//to ApiGateway DomainNames. When this happens, we will be deprecating all certificate methods
|
||||||
|
//except certificate_arn. We are not quite sure when this will happen.
|
||||||
"certificate_body": {
|
"certificate_body": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
Required: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
"certificate_chain": {
|
"certificate_chain": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
Required: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
"certificate_name": {
|
"certificate_name": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Required: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
"certificate_private_key": {
|
"certificate_private_key": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
Required: true,
|
Optional: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
"domain_name": {
|
"domain_name": {
|
||||||
|
@ -50,6 +53,11 @@ func resourceAwsApiGatewayDomainName() *schema.Resource {
|
||||||
ForceNew: true,
|
ForceNew: true,
|
||||||
},
|
},
|
||||||
|
|
||||||
|
"certificate_arn": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
},
|
||||||
|
|
||||||
"cloudfront_domain_name": {
|
"cloudfront_domain_name": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Computed: true,
|
Computed: true,
|
||||||
|
@ -72,13 +80,31 @@ func resourceAwsApiGatewayDomainNameCreate(d *schema.ResourceData, meta interfac
|
||||||
conn := meta.(*AWSClient).apigateway
|
conn := meta.(*AWSClient).apigateway
|
||||||
log.Printf("[DEBUG] Creating API Gateway Domain Name")
|
log.Printf("[DEBUG] Creating API Gateway Domain Name")
|
||||||
|
|
||||||
domainName, err := conn.CreateDomainName(&apigateway.CreateDomainNameInput{
|
params := &apigateway.CreateDomainNameInput{
|
||||||
CertificateBody: aws.String(d.Get("certificate_body").(string)),
|
|
||||||
CertificateChain: aws.String(d.Get("certificate_chain").(string)),
|
|
||||||
CertificateName: aws.String(d.Get("certificate_name").(string)),
|
|
||||||
CertificatePrivateKey: aws.String(d.Get("certificate_private_key").(string)),
|
|
||||||
DomainName: aws.String(d.Get("domain_name").(string)),
|
DomainName: aws.String(d.Get("domain_name").(string)),
|
||||||
})
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("certificate_arn"); ok {
|
||||||
|
params.CertificateArn = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("certificate_name"); ok {
|
||||||
|
params.CertificateName = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("certificate_body"); ok {
|
||||||
|
params.CertificateBody = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("certificate_chain"); ok {
|
||||||
|
params.CertificateChain = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("certificate_private_key"); ok {
|
||||||
|
params.CertificatePrivateKey = aws.String(v.(string))
|
||||||
|
}
|
||||||
|
|
||||||
|
domainName, err := conn.CreateDomainName(params)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Error creating API Gateway Domain Name: %s", err)
|
return fmt.Errorf("Error creating API Gateway Domain Name: %s", err)
|
||||||
}
|
}
|
||||||
|
@ -113,6 +139,7 @@ func resourceAwsApiGatewayDomainNameRead(d *schema.ResourceData, meta interface{
|
||||||
}
|
}
|
||||||
d.Set("cloudfront_domain_name", domainName.DistributionDomainName)
|
d.Set("cloudfront_domain_name", domainName.DistributionDomainName)
|
||||||
d.Set("domain_name", domainName.DomainName)
|
d.Set("domain_name", domainName.DomainName)
|
||||||
|
d.Set("certificate_arn", domainName.CertificateArn)
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -128,6 +155,14 @@ func resourceAwsApiGatewayDomainNameUpdateOperations(d *schema.ResourceData) []*
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if d.HasChange("certificate_arn") {
|
||||||
|
operations = append(operations, &apigateway.PatchOperation{
|
||||||
|
Op: aws.String("replace"),
|
||||||
|
Path: aws.String("/certificateArn"),
|
||||||
|
Value: aws.String(d.Get("certificate_arn").(string)),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
return operations
|
return operations
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -139,6 +174,7 @@ func resourceAwsApiGatewayDomainNameUpdate(d *schema.ResourceData, meta interfac
|
||||||
DomainName: aws.String(d.Id()),
|
DomainName: aws.String(d.Id()),
|
||||||
PatchOperations: resourceAwsApiGatewayDomainNameUpdateOperations(d),
|
PatchOperations: resourceAwsApiGatewayDomainNameUpdateOperations(d),
|
||||||
})
|
})
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -55,15 +55,16 @@ resource "aws_route53_record" "example" {
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `domain_name` - (Required) The fully-qualified domain name to register
|
* `domain_name` - (Required) The fully-qualified domain name to register
|
||||||
* `certificate_name` - (Required) The unique name to use when registering this
|
* `certificate_name` - (Optional) The unique name to use when registering this
|
||||||
cert as an IAM server certificate
|
cert as an IAM server certificate
|
||||||
* `certificate_body` - (Required) The certificate issued for the domain name
|
* `certificate_body` - (Optional) The certificate issued for the domain name
|
||||||
being registered, in PEM format
|
being registered, in PEM format
|
||||||
* `certificate_chain` - (Required) The certificate for the CA that issued the
|
* `certificate_chain` - (Optional) The certificate for the CA that issued the
|
||||||
certificate, along with any intermediate CA certificates required to
|
certificate, along with any intermediate CA certificates required to
|
||||||
create an unbroken chain to a certificate trusted by the intended API clients.
|
create an unbroken chain to a certificate trusted by the intended API clients.
|
||||||
* `certificate_private_key` - (Required) The private key associated with the
|
* `certificate_private_key` - (Optional) The private key associated with the
|
||||||
domain certificate given in `certificate_body`.
|
domain certificate given in `certificate_body`.
|
||||||
|
* `certificate_arn` - (Optional) The ARN for an AWS-managed certificate.
|
||||||
|
|
||||||
## Attributes Reference
|
## Attributes Reference
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue