diff --git a/.changelog/19361.txt b/.changelog/19361.txt new file mode 100644 index 00000000000..2233e399f0d --- /dev/null +++ b/.changelog/19361.txt @@ -0,0 +1,3 @@ +```release-note:bug +resource/aws_pinpoint_email_channel: `role_arn` argument is optional +``` \ No newline at end of file diff --git a/aws/resource_aws_pinpoint_email_channel.go b/aws/resource_aws_pinpoint_email_channel.go index c87d53f67b1..d0988a2ba68 100644 --- a/aws/resource_aws_pinpoint_email_channel.go +++ b/aws/resource_aws_pinpoint_email_channel.go @@ -46,7 +46,7 @@ func resourceAwsPinpointEmailChannel() *schema.Resource { }, "role_arn": { Type: schema.TypeString, - Required: true, + Optional: true, ValidateFunc: validateArn, }, "messages_per_second": { @@ -67,7 +67,10 @@ func resourceAwsPinpointEmailChannelUpsert(d *schema.ResourceData, meta interfac params.Enabled = aws.Bool(d.Get("enabled").(bool)) params.FromAddress = aws.String(d.Get("from_address").(string)) params.Identity = aws.String(d.Get("identity").(string)) - params.RoleArn = aws.String(d.Get("role_arn").(string)) + + if v, ok := d.GetOk("role_arn"); ok { + params.RoleArn = aws.String(v.(string)) + } if v, ok := d.GetOk("configuration_set"); ok { params.ConfigurationSet = aws.String(v.(string)) diff --git a/aws/resource_aws_pinpoint_email_channel_test.go b/aws/resource_aws_pinpoint_email_channel_test.go index 39718eb837d..8aa78756a02 100644 --- a/aws/resource_aws_pinpoint_email_channel_test.go +++ b/aws/resource_aws_pinpoint_email_channel_test.go @@ -74,6 +74,34 @@ func TestAccAWSPinpointEmailChannel_configurationSet(t *testing.T) { }, }) } + +func TestAccAWSPinpointEmailChannel_noRole(t *testing.T) { + var channel pinpoint.EmailChannelResponse + resourceName := "aws_pinpoint_email_channel.test" + rName := acctest.RandomWithPrefix("tf-acc-test") + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSPinpointApp(t) }, + ErrorCheck: testAccErrorCheck(t, pinpoint.EndpointsID), + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSPinpointEmailChannelDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSPinpointEmailChannelConfigNoRole("user@example.com", rName), + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSPinpointEmailChannelExists(resourceName, &channel), + resource.TestCheckResourceAttrPair(resourceName, "configuration_set", "aws_ses_configuration_set.test", "arn"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func TestAccAWSPinpointEmailChannel_disappears(t *testing.T) { var channel pinpoint.EmailChannelResponse resourceName := "aws_pinpoint_email_channel.test" @@ -244,6 +272,28 @@ EOF `, fromAddress, rName) } +func testAccAWSPinpointEmailChannelConfigNoRole(fromAddress, rName string) string { + return fmt.Sprintf(` +resource "aws_pinpoint_app" "test" {} + +resource "aws_ses_configuration_set" "test" { + name = %[2]q +} + +resource "aws_pinpoint_email_channel" "test" { + application_id = aws_pinpoint_app.test.application_id + enabled = "false" + from_address = %[1]q + identity = aws_ses_domain_identity.test.arn + configuration_set = aws_ses_configuration_set.test.arn +} + +resource "aws_ses_domain_identity" "test" { + domain = "example.com" +} +`, fromAddress, rName) +} + func testAccCheckAWSPinpointEmailChannelDestroy(s *terraform.State) error { conn := testAccProvider.Meta().(*AWSClient).pinpointconn diff --git a/website/docs/r/pinpoint_email_channel.markdown b/website/docs/r/pinpoint_email_channel.markdown index a96011ea233..95a43627952 100644 --- a/website/docs/r/pinpoint_email_channel.markdown +++ b/website/docs/r/pinpoint_email_channel.markdown @@ -76,7 +76,7 @@ The following arguments are supported: * `configuration_set` - (Optional) The ARN of the Amazon SES configuration set that you want to apply to messages that you send through the channel. * `from_address` - (Required) The email address used to send emails from. * `identity` - (Required) The ARN of an identity verified with SES. -* `role_arn` - (Required) The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service. +* `role_arn` - (Optional) The ARN of an IAM Role used to submit events to Mobile Analytics' event ingestion service. ## Attributes Reference