provider/aws: Limit SNS Topic Subscription protocols
- update the ARN with the new ID
parent
1890f6eb43
commit
ac60d6b959
|
@ -3,6 +3,7 @@ package aws
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/hashicorp/terraform/helper/schema"
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
|
|
||||||
|
@ -10,6 +11,8 @@ import (
|
||||||
"github.com/aws/aws-sdk-go/service/sns"
|
"github.com/aws/aws-sdk-go/service/sns"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const awsSNSPendingConfirmationMessage = "pending confirmation"
|
||||||
|
|
||||||
func resourceAwsSnsTopicSubscription() *schema.Resource {
|
func resourceAwsSnsTopicSubscription() *schema.Resource {
|
||||||
return &schema.Resource{
|
return &schema.Resource{
|
||||||
Create: resourceAwsSnsTopicSubscriptionCreate,
|
Create: resourceAwsSnsTopicSubscriptionCreate,
|
||||||
|
@ -22,6 +25,19 @@ func resourceAwsSnsTopicSubscription() *schema.Resource {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Required: true,
|
Required: true,
|
||||||
ForceNew: false,
|
ForceNew: false,
|
||||||
|
ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) {
|
||||||
|
value := v.(string)
|
||||||
|
forbidden := []string{"email", "sms", "http"}
|
||||||
|
for _, f := range forbidden {
|
||||||
|
if strings.Contains(value, f) {
|
||||||
|
errors = append(
|
||||||
|
errors,
|
||||||
|
fmt.Errorf("Unsupported protocol (%s) for SNS Topic", value),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
},
|
||||||
},
|
},
|
||||||
"endpoint": &schema.Schema{
|
"endpoint": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
|
@ -55,16 +71,17 @@ func resourceAwsSnsTopicSubscription() *schema.Resource {
|
||||||
func resourceAwsSnsTopicSubscriptionCreate(d *schema.ResourceData, meta interface{}) error {
|
func resourceAwsSnsTopicSubscriptionCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
snsconn := meta.(*AWSClient).snsconn
|
snsconn := meta.(*AWSClient).snsconn
|
||||||
|
|
||||||
if d.Get("protocol") == "email" {
|
|
||||||
return fmt.Errorf("Email endpoints are not supported!")
|
|
||||||
}
|
|
||||||
|
|
||||||
output, err := subscribeToSNSTopic(d, snsconn)
|
output, err := subscribeToSNSTopic(d, snsconn)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if output.SubscriptionArn != nil && *output.SubscriptionArn == awsSNSPendingConfirmationMessage {
|
||||||
|
log.Printf("[WARN] Invalid SNS Subscription, received a \"%s\" ARN", awsSNSPendingConfirmationMessage)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
log.Printf("New subscription ARN: %s", *output.SubscriptionArn)
|
log.Printf("New subscription ARN: %s", *output.SubscriptionArn)
|
||||||
d.SetId(*output.SubscriptionArn)
|
d.SetId(*output.SubscriptionArn)
|
||||||
|
|
||||||
|
@ -92,7 +109,7 @@ func resourceAwsSnsTopicSubscriptionUpdate(d *schema.ResourceData, meta interfac
|
||||||
// Re-subscribe and set id
|
// Re-subscribe and set id
|
||||||
output, err := subscribeToSNSTopic(d, snsconn)
|
output, err := subscribeToSNSTopic(d, snsconn)
|
||||||
d.SetId(*output.SubscriptionArn)
|
d.SetId(*output.SubscriptionArn)
|
||||||
|
d.Set("arn", *output.SubscriptionArn)
|
||||||
}
|
}
|
||||||
|
|
||||||
if d.HasChange("raw_message_delivery") {
|
if d.HasChange("raw_message_delivery") {
|
||||||
|
|
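Review bot: In resourceAwsSnsTopicSubscriptionCreate the new guard tests `output.SubscriptionArn != nil` only as part of the pending-confirmation condition, so a nil ARN falls through to `log.Printf("New subscription ARN: %s", *output.SubscriptionArn)` and `d.SetId(*output.SubscriptionArn)` and panics there. A separate check placed first, e.g. `if output.SubscriptionArn == nil { return fmt.Errorf("SNS subscribe returned no subscription ARN") }`, would close that path. The pending-confirmation branch also returns nil after only a `[WARN]` log and never sets an ID, so the apply reports success while the pending subscription is, as far as this hunk shows, left untracked; returning an error there would surface it to the operator. The Update hunk has the same shape: the added `d.Set("arn", *output.SubscriptionArn)` dereferences the result of subscribeToSNSTopic before any visible check of `err`. Both functions continue outside the hunks shown, so a check may exist further down, but it would come after these dereferences.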
|
@ -49,7 +49,7 @@ resource "aws_sns_topic_subscription" "user_updates_sqs_target" {
|
||||||
The following arguments are supported:
|
The following arguments are supported:
|
||||||
|
|
||||||
* `topic_arn` - (Required) The ARN of the SNS topic to subscribe to
|
* `topic_arn` - (Required) The ARN of the SNS topic to subscribe to
|
||||||
* `protocol` - (Required) The protocol to use. The possible values for this are: `sqs`, `http`, `https`, `lambda`, `sms`, or `application`. (`email` is an option but unsupported, see below)
|
* `protocol` - (Required) The protocol to use. The possible values for this are: `sqs`, `lambda`, or `application`. (`email`, `http`, `https`, `sms`, are options but unsupported, see below)
|
||||||
* `endpoint` - (Required) The endpoint to send data to, the contents will vary with the protocol. (see below for more information)
|
* `endpoint` - (Required) The endpoint to send data to, the contents will vary with the protocol. (see below for more information)
|
||||||
* `raw_message_delivery` - (Optional) Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property).
|
* `raw_message_delivery` - (Optional) Boolean indicating whether or not to enable raw message delivery (the original message is directly passed, not wrapped in JSON with the original message in the message property).
|
||||||
|
|
||||||
|
@ -57,10 +57,7 @@ The following arguments are supported:
|
||||||
|
|
||||||
Supported SNS protocols include:
|
Supported SNS protocols include:
|
||||||
|
|
||||||
* `http` -- delivery of JSON-encoded message via HTTP POST
|
|
||||||
* `https` -- delivery of JSON-encoded message via HTTPS POST
|
|
||||||
* `lambda` -- delivery of JSON-encoded message to a lambda function
|
* `lambda` -- delivery of JSON-encoded message to a lambda function
|
||||||
* `sms` -- delivery of message via SMS
|
|
||||||
* `sqs` -- delivery of JSON-encoded message to an Amazon SQS queue
|
* `sqs` -- delivery of JSON-encoded message to an Amazon SQS queue
|
||||||
* `application` -- delivery of JSON-encoded message to an EndpointArn for a mobile app and device
|
* `application` -- delivery of JSON-encoded message to an EndpointArn for a mobile app and device
|
||||||
|
|
||||||
|
@ -68,16 +65,18 @@ Unsupported protocols include the following:
|
||||||
|
|
||||||
* `email` -- delivery of message via SMTP
|
* `email` -- delivery of message via SMTP
|
||||||
* `email-json` -- delivery of JSON-encoded message via SMTP
|
* `email-json` -- delivery of JSON-encoded message via SMTP
|
||||||
|
* `http` -- delivery via HTTP
|
||||||
|
* `http(s)` -- delivery via HTTPS
|
||||||
|
* `sms` -- delivery text message
|
||||||
|
|
||||||
These are unsupported because the email address needs to be authorized and does not generate an ARN until the target email address has been validated. This breaks
|
These are unsupported because the endpoint needs to be authorized and does not
|
||||||
|
generate an ARN until the target email address has been validated. This breaks
|
||||||
the Terraform model and as a result are not currently supported.
|
the Terraform model and as a result are not currently supported.
|
||||||
|
|
||||||
### Specifying endpoints
|
### Specifying endpoints
|
||||||
|
|
||||||
Endpoints have different format requirements according to the protocol that is chosen.
|
Endpoints have different format requirements according to the protocol that is chosen.
|
||||||
|
|
||||||
* HTTP/HTTPS endpoints will require a URL to POST data to
|
|
||||||
* SMS endpoints are mobile numbers that are capable of receiving an SMS
|
|
||||||
* SQS endpoints come in the form of the SQS queue's ARN (not the URL of the queue) e.g: `arn:aws:sqs:us-west-2:432981146916:terraform-queue-too`
|
* SQS endpoints come in the form of the SQS queue's ARN (not the URL of the queue) e.g: `arn:aws:sqs:us-west-2:432981146916:terraform-queue-too`
|
||||||
* Application endpoints are also the endpoint ARN for the mobile app and device.
|
* Application endpoints are also the endpoint ARN for the mobile app and device.
|
||||||
|
|
||||||
|
|