diff --git a/builtin/providers/aws/resource_aws_elb.go b/builtin/providers/aws/resource_aws_elb.go index 036968c62..6c5989e27 100644 --- a/builtin/providers/aws/resource_aws_elb.go +++ b/builtin/providers/aws/resource_aws_elb.go @@ -325,6 +325,7 @@ func resource_aws_elb_validation() *config.Validator { }, Optional: []string{ "instances.*", + "listener.*.ssl_certificate_id", "availability_zones.*", "health_check.#", "health_check.0.healthy_threshold", diff --git a/builtin/providers/aws/resource_aws_elb_test.go b/builtin/providers/aws/resource_aws_elb_test.go index 7edeb6d85..ac93d56c0 100644 --- a/builtin/providers/aws/resource_aws_elb_test.go +++ b/builtin/providers/aws/resource_aws_elb_test.go @@ -35,6 +35,8 @@ func TestAccAWSELB_basic(t *testing.T) { "aws_elb.bar", "listener.0.instance_port", "8000"), resource.TestCheckResourceAttr( "aws_elb.bar", "listener.0.instance_protocol", "http"), + resource.TestCheckResourceAttr( + "aws_elb.bar", "listener.0.ssl_certificate_id", "arn:aws:iam::123456789012:server-certificate/certName"), resource.TestCheckResourceAttr( "aws_elb.bar", "listener.0.lb_port", "80"), resource.TestCheckResourceAttr( @@ -277,6 +279,22 @@ resource "aws_instance" "foo" { } ` + +const testAccAWSELBConfigListenerSSLCertificateId = ` +resource "aws_elb" "bar" { + name = "foobar-terraform-test" + availability_zones = ["us-west-2a"] + + listener { + instance_port = 8000 + instance_protocol = "http" + ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName" + lb_port = 443 + lb_protocol = "https" + } +} +` + const testAccAWSELBConfigHealthCheck = ` resource "aws_elb" "bar" { name = "foobar-terraform-test" diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go index a8be14675..e952d3158 100644 --- a/builtin/providers/aws/structure.go +++ b/builtin/providers/aws/structure.go @@ -33,6 +33,11 @@ func expandListeners(configured []interface{}) ([]elb.Listener, error) { Protocol: newL["lb_protocol"].(string), } + if attr, ok := newL["ssl_certificate_id"].(string); ok { + l.SSLCertificateId = attr + } + + listeners = append(listeners, l) } diff --git a/builtin/providers/aws/structure_test.go b/builtin/providers/aws/structure_test.go index 9d438da2c..e071df616 100644 --- a/builtin/providers/aws/structure_test.go +++ b/builtin/providers/aws/structure_test.go @@ -12,22 +12,22 @@ import ( // Returns test configuration func testConf() map[string]string { return map[string]string{ - "listener.#": "1", - "listener.0.lb_port": "80", - "listener.0.lb_protocol": "http", - "listener.0.instance_port": "8000", - "listener.0.instance_protocol": "http", - "availability_zones.#": "2", - "availability_zones.0": "us-east-1a", - "availability_zones.1": "us-east-1b", - "ingress.#": "1", - "ingress.0.protocol": "icmp", - "ingress.0.from_port": "1", - "ingress.0.to_port": "-1", - "ingress.0.cidr_blocks.#": "1", - "ingress.0.cidr_blocks.0": "0.0.0.0/0", - "ingress.0.security_groups.#": "1", - "ingress.0.security_groups.0": "sg-11111", + "listener.#": "1", + "listener.0.lb_port": "80", + "listener.0.lb_protocol": "http", + "listener.0.instance_port": "8000", + "listener.0.instance_protocol": "http", + "availability_zones.#": "2", + "availability_zones.0": "us-east-1a", + "availability_zones.1": "us-east-1b", + "ingress.#": "1", + "ingress.0.protocol": "icmp", + "ingress.0.from_port": "1", + "ingress.0.to_port": "-1", + "ingress.0.cidr_blocks.#": "1", + "ingress.0.cidr_blocks.0": "0.0.0.0/0", + "ingress.0.security_groups.#": "1", + "ingress.0.security_groups.0": "sg-11111", } } diff --git a/website/source/docs/providers/aws/r/elb.html.markdown b/website/source/docs/providers/aws/r/elb.html.markdown index b2b4a699a..93ce707bc 100644 --- a/website/source/docs/providers/aws/r/elb.html.markdown +++ b/website/source/docs/providers/aws/r/elb.html.markdown @@ -23,6 +23,14 @@ resource "aws_elb" "bar" { lb_protocol = "http" } + listener { + instance_port = 8000 + instance_protocol = "http" + lb_port = 443 + lb_protocol = "https" + ssl_certificate_id = "arn:aws:iam::123456789012:server-certificate/certName" + } + health_check { healthy_threshold = 2 unhealthy_threshold = 2 @@ -51,6 +59,7 @@ Listeners support the following: * `instance_protocol` - (Required) The the protocol to use to the instance. * `lb_port` - (Required) The port to listen on for the load balancer * `lb_protocol` - (Required) The protocol to listen on. +* `ssl_certificate_id` - (Optional) The id of an SSL certificate you have uploaded to AWS IAM. Health Check supports the following: