Add support for creating Managed Microsoft Active Directory in AWS
This action is almost exactly the same as creating a SimpleAD so we reuse this resource and allow the user to specify the type when creating the directory (ignoring the size if the type is MicrosoftAD).
parent
3ff7635b64
commit
82fe67f7fc
|
@ -32,7 +32,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
|
|||
},
|
||||
"size": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
"alias": &schema.Schema{
|
||||
|
@ -89,14 +89,41 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
|
|||
},
|
||||
"type": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Computed: true,
|
||||
Optional: true,
|
||||
Default: "SimpleAD",
|
||||
ForceNew: true,
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
dsconn := meta.(*AWSClient).dsconn
|
||||
func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.DirectoryVpcSettings, err error) {
|
||||
if v, ok := d.GetOk("vpc_settings"); ok {
|
||||
settings := v.([]interface{})
|
||||
|
||||
if len(settings) > 1 {
|
||||
return nil, fmt.Errorf("Only a single vpc_settings block is expected")
|
||||
} else if len(settings) == 1 {
|
||||
s := settings[0].(map[string]interface{})
|
||||
var subnetIds []*string
|
||||
for _, id := range s["subnet_ids"].(*schema.Set).List() {
|
||||
subnetIds = append(subnetIds, aws.String(id.(string)))
|
||||
}
|
||||
|
||||
vpcSettings = &directoryservice.DirectoryVpcSettings{
|
||||
SubnetIds: subnetIds,
|
||||
VpcId: aws.String(s["vpc_id"].(string)),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return vpcSettings, nil
|
||||
}
|
||||
|
||||
func createSimpleDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) {
|
||||
if _, ok := d.GetOk("size"); !ok {
|
||||
return "", fmt.Errorf("size is required for type = SimpleAD")
|
||||
}
|
||||
|
||||
input := directoryservice.CreateDirectoryInput{
|
||||
Name: aws.String(d.Get("name").(string)),
|
||||
|
@ -111,33 +138,70 @@ func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta int
|
|||
input.ShortName = aws.String(v.(string))
|
||||
}
|
||||
|
||||
if v, ok := d.GetOk("vpc_settings"); ok {
|
||||
settings := v.([]interface{})
|
||||
|
||||
if len(settings) > 1 {
|
||||
return fmt.Errorf("Only a single vpc_settings block is expected")
|
||||
} else if len(settings) == 1 {
|
||||
s := settings[0].(map[string]interface{})
|
||||
var subnetIds []*string
|
||||
for _, id := range s["subnet_ids"].(*schema.Set).List() {
|
||||
subnetIds = append(subnetIds, aws.String(id.(string)))
|
||||
input.VpcSettings, err = buildVpcSettings(d)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
vpcSettings := directoryservice.DirectoryVpcSettings{
|
||||
SubnetIds: subnetIds,
|
||||
VpcId: aws.String(s["vpc_id"].(string)),
|
||||
}
|
||||
input.VpcSettings = &vpcSettings
|
||||
}
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] Creating Directory Service: %s", input)
|
||||
log.Printf("[DEBUG] Creating Simple Directory Service: %s", input)
|
||||
out, err := dsconn.CreateDirectory(&input)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
log.Printf("[DEBUG] Simple Directory Service created: %s", out)
|
||||
|
||||
return *out.DirectoryId, nil
|
||||
}
|
||||
|
||||
func createActiveDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) {
|
||||
input := directoryservice.CreateMicrosoftADInput{
|
||||
Name: aws.String(d.Get("name").(string)),
|
||||
Password: aws.String(d.Get("password").(string)),
|
||||
}
|
||||
|
||||
if v, ok := d.GetOk("description"); ok {
|
||||
input.Description = aws.String(v.(string))
|
||||
}
|
||||
if v, ok := d.GetOk("short_name"); ok {
|
||||
input.ShortName = aws.String(v.(string))
|
||||
}
|
||||
|
||||
input.VpcSettings, err = buildVpcSettings(d)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] Creating Microsoft AD Directory Service: %s", input)
|
||||
out, err := dsconn.CreateMicrosoftAD(&input)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
log.Printf("[DEBUG] Microsoft AD Directory Service created: %s", out)
|
||||
|
||||
return *out.DirectoryId, nil
|
||||
}
|
||||
|
||||
func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error {
|
||||
dsconn := meta.(*AWSClient).dsconn
|
||||
|
||||
var (
|
||||
directoryId string
|
||||
err error
|
||||
)
|
||||
|
||||
switch d.Get("type").(string) {
|
||||
case "SimpleAD":
|
||||
directoryId, err = createSimpleDirectoryService(dsconn, d)
|
||||
case "MicrosoftAD":
|
||||
directoryId, err = createActiveDirectoryService(dsconn, d)
|
||||
default:
|
||||
return fmt.Errorf("Unsupported directory type: %s", d.Get("type"))
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
log.Printf("[DEBUG] Directory Service created: %s", out)
|
||||
d.SetId(*out.DirectoryId)
|
||||
|
||||
d.SetId(directoryId)
|
||||
|
||||
// Wait for creation
|
||||
log.Printf("[DEBUG] Waiting for DS (%q) to become available", d.Id())
|
||||
|
@ -238,7 +302,9 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter
|
|||
if dir.ShortName != nil {
|
||||
d.Set("short_name", *dir.ShortName)
|
||||
}
|
||||
if dir.Size != nil {
|
||||
d.Set("size", *dir.Size)
|
||||
}
|
||||
d.Set("type", *dir.Type)
|
||||
d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings))
|
||||
d.Set("enable_sso", *dir.SsoEnabled)
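Review bot: The debug line `log.Printf("[DEBUG] Creating Microsoft AD Directory Service: %s", input)` in createActiveDirectoryService formats the whole request struct, and that struct is built with the directory administrator `Password`. Unless the SDK version in use redacts that field when the struct is stringified, the password ends up in plain text in any debug log that is captured or attached to a bug report. Log only non-secret fields instead, for example `log.Printf("[DEBUG] Creating Microsoft AD Directory Service: %q", d.Get("name").(string))`. The same pattern appears in createSimpleDirectoryService (`Creating Simple Directory Service: %s", input`), whose input literal continues outside the hunk and presumably carries the password as well.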
|
||||
|
|
|
@ -27,6 +27,22 @@ func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) {
|
|||
})
|
||||
}
|
||||
|
||||
func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccDirectoryServiceDirectoryConfig_microsoft,
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar"),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) {
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() { testAccPreCheck(t) },
|
||||
|
@ -192,6 +208,34 @@ resource "aws_subnet" "bar" {
|
|||
}
|
||||
`
|
||||
|
||||
const testAccDirectoryServiceDirectoryConfig_microsoft = `
|
||||
resource "aws_directory_service_directory" "bar" {
|
||||
name = "corp.notexample.com"
|
||||
password = "SuperSecretPassw0rd"
|
||||
type = "MicrosoftAD"
|
||||
|
||||
vpc_settings {
|
||||
vpc_id = "${aws_vpc.main.id}"
|
||||
subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"]
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_vpc" "main" {
|
||||
cidr_block = "10.0.0.0/16"
|
||||
}
|
||||
|
||||
resource "aws_subnet" "foo" {
|
||||
vpc_id = "${aws_vpc.main.id}"
|
||||
availability_zone = "us-west-2a"
|
||||
cidr_block = "10.0.1.0/24"
|
||||
}
|
||||
resource "aws_subnet" "bar" {
|
||||
vpc_id = "${aws_vpc.main.id}"
|
||||
availability_zone = "us-west-2b"
|
||||
cidr_block = "10.0.2.0/24"
|
||||
}
|
||||
`
|
||||
|
||||
var randomInteger = genRandInt()
|
||||
var testAccDirectoryServiceDirectoryConfig_withAlias = fmt.Sprintf(`
|
||||
resource "aws_directory_service_directory" "bar_a" {
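Review bot: TestAccAWSDirectoryServiceDirectory_microsoft only asserts that the resource exists, so it would not notice the read path leaving `type` unset or reporting a different directory type than the one requested. Adding `resource.TestCheckResourceAttr("aws_directory_service_directory.bar", "type", "MicrosoftAD"),` to the ComposeTestCheckFunc list would pin the new attribute end to end.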
|
||||
|
|
|
@ -8,7 +8,7 @@ description: |-
|
|||
|
||||
# aws\_directory\_service\_directory
|
||||
|
||||
Provides a directory in AWS Directory Service.
|
||||
Provides a Simple or Managed Microsoft directory in AWS Directory Service.
|
||||
|
||||
## Example Usage
|
||||
|
||||
|
@ -46,12 +46,13 @@ The following arguments are supported:
|
|||
|
||||
* `name` - (Required) The fully qualified name for the directory, such as `corp.example.com`
|
||||
* `password` - (Required) The password for the directory administrator.
|
||||
* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values).
|
||||
* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). Only used when `type` is `SimpleAD`.
|
||||
* `vpc_settings` - (Required) VPC related information about the directory. Fields documented below.
|
||||
* `alias` - (Optional) The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.
|
||||
* `description` - (Optional) A textual description for the directory.
|
||||
* `short_name` - (Optional) The short name of the directory, such as `CORP`.
|
||||
* `enable_sso` - (Optional) Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.
|
||||
* `type` (Optional) - The directory type (`SimpleAD` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.
|
||||
|
||||
**vpc\_settings** supports the following:
|
||||
|
||||
|
@ -65,4 +66,3 @@ The following attributes are exported:
|
|||
* `id` - The directory identifier.
|
||||
* `access_url` - The access URL for the directory, such as `http://alias.awsapps.com`.
|
||||
* `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory.
|
||||
* `type` - The directory type.
|
||||
|
|