provider/aws: Filter acm certificates by type (#15064)

* Filter ACM certificates by type * Add schema tests for certificate types
2017-06-06 13:08:53 -07:00 · 2017-06-06 13:08:53 -07:00 · 677a418e78
parent 0c2020926f
commit 677a418e78
2 changed files with 43 additions and 0 deletions
--- a/builtin/providers/aws/data_source_aws_acm_certificate.go
+++ b/builtin/providers/aws/data_source_aws_acm_certificate.go
@ -27,6 +27,11 @@ func dataSourceAwsAcmCertificate() *schema.Resource {
 				Optional: true,
 				Elem:     &schema.Schema{Type: schema.TypeString},
 			},
+			"types": {
+				Type:     schema.TypeList,
+				Optional: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
 		},
 	}
 }
@ -59,6 +64,31 @@ func dataSourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) e
 		return errwrap.Wrapf("Error describing certificates: {{err}}", err)
 	}

+	// filter based on certificate type (imported or aws-issued)
+	types, ok := d.GetOk("types")
+	if ok {
+		typesStrings := expandStringList(types.([]interface{}))
+		var matchedArns []string
+		for _, arn := range arns {
+			params := &acm.DescribeCertificateInput{}
+			params.CertificateArn = &arn
+
+			description, err := conn.DescribeCertificate(params)
+			if err != nil {
+				return errwrap.Wrapf("Error describing certificates: {{err}}", err)
+			}
+
+			for _, certType := range typesStrings {
+				if *description.Certificate.Type == *certType {
+					matchedArns = append(matchedArns, arn)
+					break
+				}
+			}
+		}
+
+		arns = matchedArns
+	}
+
 	if len(arns) == 0 {
 		return fmt.Errorf("No certificate for domain %q found in this region.", target)
 	}
--- a/builtin/providers/aws/data_source_aws_acm_certificate_test.go
+++ b/builtin/providers/aws/data_source_aws_acm_certificate_test.go
@ -24,6 +24,10 @@ func TestAccAwsAcmCertificateDataSource_noMatchReturnsError(t *testing.T) {
 				Config:      testAccCheckAwsAcmCertificateDataSourceConfigWithStatus(domain),
 				ExpectError: regexp.MustCompile(`No certificate for domain`),
 			},
+			{
+				Config:      testAccCheckAwsAcmCertificateDataSourceConfigWithTypes(domain),
+				ExpectError: regexp.MustCompile(`No certificate for domain`),
+			},
 		},
 	})
 }
@ -44,3 +48,12 @@ data "aws_acm_certificate" "test" {
 }
 `, domain)
 }
+
+func testAccCheckAwsAcmCertificateDataSourceConfigWithTypes(domain string) string {
+	return fmt.Sprintf(`
+data "aws_acm_certificate" "test" {
+	domain = "%s"
+	types = ["IMPORTED"]
+}
+`, domain)
+}