-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ACM PCA: add resource to issue certificates from private CA and import CA certificates #17850
Conversation
thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Just a couple of questions and comments.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAwsAcmpca -timeout 120m
=== RUN TestAccAwsAcmpcaCertificateAuthorityCertificate_RootCA
=== PAUSE TestAccAwsAcmpcaCertificateAuthorityCertificate_RootCA
=== RUN TestAccAwsAcmpcaCertificateAuthorityCertificate_UpdateRootCA
=== PAUSE TestAccAwsAcmpcaCertificateAuthorityCertificate_UpdateRootCA
=== RUN TestAccAwsAcmpcaCertificateAuthorityCertificate_SubordinateCA
=== PAUSE TestAccAwsAcmpcaCertificateAuthorityCertificate_SubordinateCA
=== RUN TestAccAwsAcmpcaCertificateAuthority_basic
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_basic
=== RUN TestAccAwsAcmpcaCertificateAuthority_disappears
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_disappears
=== RUN TestAccAwsAcmpcaCertificateAuthority_Enabled
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_Enabled
=== RUN TestAccAwsAcmpcaCertificateAuthority_DeleteFromActiveState
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_DeleteFromActiveState
=== RUN TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_CustomCname
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_CustomCname
=== RUN TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_Enabled
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_Enabled
=== RUN TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_ExpirationInDays
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_ExpirationInDays
=== RUN TestAccAwsAcmpcaCertificateAuthority_Tags
=== PAUSE TestAccAwsAcmpcaCertificateAuthority_Tags
=== RUN TestAccAwsAcmpcaCertificate_RootCertificate
=== PAUSE TestAccAwsAcmpcaCertificate_RootCertificate
=== RUN TestAccAwsAcmpcaCertificate_SubordinateCertificate
=== PAUSE TestAccAwsAcmpcaCertificate_SubordinateCertificate
=== RUN TestAccAwsAcmpcaCertificate_EndEntityCertificate
=== PAUSE TestAccAwsAcmpcaCertificate_EndEntityCertificate
=== RUN TestAccAwsAcmpcaCertificate_Validity_EndDate
=== PAUSE TestAccAwsAcmpcaCertificate_Validity_EndDate
=== RUN TestAccAwsAcmpcaCertificate_Validity_Absolute
=== PAUSE TestAccAwsAcmpcaCertificate_Validity_Absolute
=== CONT TestAccAwsAcmpcaCertificateAuthorityCertificate_RootCA
=== CONT TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_ExpirationInDays
=== CONT TestAccAwsAcmpcaCertificate_Validity_Absolute
=== CONT TestAccAwsAcmpcaCertificate_Validity_EndDate
=== CONT TestAccAwsAcmpcaCertificate_EndEntityCertificate
=== CONT TestAccAwsAcmpcaCertificate_SubordinateCertificate
=== CONT TestAccAwsAcmpcaCertificate_RootCertificate
=== CONT TestAccAwsAcmpcaCertificateAuthority_Tags
=== CONT TestAccAwsAcmpcaCertificateAuthority_Enabled
=== CONT TestAccAwsAcmpcaCertificateAuthorityCertificate_UpdateRootCA
=== CONT TestAccAwsAcmpcaCertificateAuthority_DeleteFromActiveState
=== CONT TestAccAwsAcmpcaCertificateAuthorityCertificate_SubordinateCA
=== CONT TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_CustomCname
=== CONT TestAccAwsAcmpcaCertificateAuthority_disappears
=== CONT TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_Enabled
=== CONT TestAccAwsAcmpcaCertificateAuthority_basic
--- PASS: TestAccAwsAcmpcaCertificateAuthority_disappears (15.31s)
--- PASS: TestAccAwsAcmpcaCertificate_RootCertificate (22.02s)
--- PASS: TestAccAwsAcmpcaCertificate_Validity_Absolute (25.52s)
--- PASS: TestAccAwsAcmpcaCertificate_SubordinateCertificate (26.06s)
--- PASS: TestAccAwsAcmpcaCertificate_Validity_EndDate (27.92s)
--- PASS: TestAccAwsAcmpcaCertificateAuthorityCertificate_SubordinateCA (29.04s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_DeleteFromActiveState (30.66s)
--- PASS: TestAccAwsAcmpcaCertificateAuthorityCertificate_RootCA (34.78s)
--- PASS: TestAccAwsAcmpcaCertificateAuthorityCertificate_UpdateRootCA (35.05s)
--- PASS: TestAccAwsAcmpcaCertificate_EndEntityCertificate (39.07s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_basic (39.72s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_Enabled (42.82s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_Tags (49.94s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_ExpirationInDays (52.08s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_Enabled (64.80s)
--- PASS: TestAccAwsAcmpcaCertificateAuthority_RevocationConfiguration_CrlConfiguration_CustomCname (82.29s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 85.299s
This has been released in version 3.32.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
This PR extends the contribution by @dvdliao in #10213.
In addition to issuing certificates using
aws_acmpca_certificate
, it also allows importing a certificate into a private CA usingaws_acmpca_certificate_authority_certificate
. This is required to enable a CA to issue certificates.Community Note
Closes #10183
Closes #5552
Output from acceptance testing: