-
Notifications
You must be signed in to change notification settings - Fork 9.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
- Loading branch information
alex.mabry
committed
Jun 28, 2017
1 parent
ad23e21
commit 106b7ea
Showing
9 changed files
with
12,828 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,131 @@ | ||
| package aws | ||
|
|
||
| import ( | ||
| "log" | ||
|
|
||
| "github.com/aws/aws-sdk-go/aws" | ||
| "github.com/aws/aws-sdk-go/service/iot" | ||
| "github.com/hashicorp/terraform/helper/schema" | ||
| ) | ||
|
|
||
| func resourceAwsIotPolicy() *schema.Resource { | ||
| return &schema.Resource{ | ||
| Create: resourceAwsIotPolicyCreate, | ||
| Read: resourceAwsIotPolicyRead, | ||
| Update: resourceAwsIotPolicyUpdate, | ||
| Delete: resourceAwsIotPolicyDelete, | ||
| Schema: map[string]*schema.Schema{ | ||
| "name": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Required: true, | ||
| }, | ||
| "policy": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Required: true, | ||
| }, | ||
| "arn": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Computed: true, | ||
| }, | ||
| "default_version_id": &schema.Schema{ | ||
| Type: schema.TypeString, | ||
| Computed: true, | ||
| }, | ||
| }, | ||
| } | ||
| } | ||
|
|
||
| func resourceAwsIotPolicyCreate(d *schema.ResourceData, meta interface{}) error { | ||
|
|
||
| conn := meta.(*AWSClient).iotconn | ||
|
|
||
| out, err := conn.CreatePolicy(&iot.CreatePolicyInput{ | ||
| PolicyName: aws.String(d.Get("name").(string)), | ||
| PolicyDocument: aws.String(d.Get("policy").(string)), | ||
| }) | ||
|
|
||
| if err != nil { | ||
| log.Printf("[ERROR] %s", err) | ||
| return err | ||
| } | ||
|
|
||
| d.SetId(*out.PolicyName) | ||
|
|
||
| return resourceAwsIotPolicyRead(d, meta) | ||
| } | ||
|
|
||
| func resourceAwsIotPolicyRead(d *schema.ResourceData, meta interface{}) error { | ||
| conn := meta.(*AWSClient).iotconn | ||
|
|
||
| out, err := conn.GetPolicy(&iot.GetPolicyInput{ | ||
| PolicyName: aws.String(d.Id()), | ||
| }) | ||
|
|
||
| if err != nil { | ||
| log.Printf("[ERROR] %s", err) | ||
| return err | ||
| } | ||
|
|
||
| d.Set("arn", out.PolicyArn) | ||
| d.Set("defaultVersionId", out.DefaultVersionId) | ||
|
|
||
| return nil | ||
| } | ||
|
|
||
| func resourceAwsIotPolicyUpdate(d *schema.ResourceData, meta interface{}) error { | ||
| conn := meta.(*AWSClient).iotconn | ||
|
|
||
| if d.HasChange("policy") { | ||
| _, err := conn.CreatePolicyVersion(&iot.CreatePolicyVersionInput{ | ||
| PolicyName: aws.String(d.Id()), | ||
| PolicyDocument: aws.String(d.Get("policy").(string)), | ||
| SetAsDefault: aws.Bool(true), | ||
| }) | ||
|
|
||
| if err != nil { | ||
| log.Printf("[ERROR] %s", err) | ||
| return err | ||
| } | ||
| } | ||
|
|
||
| return resourceAwsIotPolicyRead(d, meta) | ||
| } | ||
|
|
||
| func resourceAwsIotPolicyDelete(d *schema.ResourceData, meta interface{}) error { | ||
|
|
||
| conn := meta.(*AWSClient).iotconn | ||
|
|
||
| out, err := conn.ListPolicyVersions(&iot.ListPolicyVersionsInput{ | ||
| PolicyName: aws.String(d.Id()), | ||
| }) | ||
|
|
||
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| // Delete all non-default versions of the policy | ||
| for _, ver := range out.PolicyVersions { | ||
| if !*ver.IsDefaultVersion { | ||
| _, err = conn.DeletePolicyVersion(&iot.DeletePolicyVersionInput{ | ||
| PolicyName: aws.String(d.Id()), | ||
| PolicyVersionId: ver.VersionId, | ||
| }) | ||
| if err != nil { | ||
| log.Printf("[ERROR] %s", err) | ||
| return err | ||
| } | ||
| } | ||
| } | ||
|
|
||
| //Delete default policy version | ||
| _, err = conn.DeletePolicy(&iot.DeletePolicyInput{ | ||
| PolicyName: aws.String(d.Id()), | ||
| }) | ||
|
|
||
| if err != nil { | ||
| log.Printf("[ERROR] %s", err) | ||
| return err | ||
| } | ||
|
|
||
| return nil | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| package aws | ||
|
|
||
| import ( | ||
| "fmt" | ||
| "testing" | ||
|
|
||
| "github.com/aws/aws-sdk-go/service/iot" | ||
| "github.com/hashicorp/terraform/helper/resource" | ||
| "github.com/hashicorp/terraform/terraform" | ||
| "regexp" | ||
| ) | ||
|
|
||
| func TestAccAWSIoTPolicy_basic(t *testing.T) { | ||
| resource.Test(t, resource.TestCase{ | ||
| PreCheck: func() { testAccPreCheck(t) }, | ||
| Providers: testAccProviders, | ||
| CheckDestroy: testAccCheckAWSIoTPolicyDestroy_basic, | ||
| Steps: []resource.TestStep{ | ||
| resource.TestStep{ | ||
| Config: testAccAWSIoTPolicy_basic, | ||
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckAWSIoTPolicyExists_basic("aws_iot_policy.pubsub"), | ||
| ), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func TestAccAWSIoTPolicy_invalidJson(t *testing.T) { | ||
| resource.Test(t, resource.TestCase{ | ||
| PreCheck: func() { testAccPreCheck(t) }, | ||
| Providers: testAccProviders, | ||
| CheckDestroy: testAccCheckAWSIoTPolicyDestroy_basic, | ||
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: testAccAWSIoTPolicyInvalidJsonConfig, | ||
| ExpectError: regexp.MustCompile("MalformedPolicyException.*"), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func testAccCheckAWSIoTPolicyDestroy_basic(s *terraform.State) error { | ||
| conn := testAccProvider.Meta().(*AWSClient).iotconn | ||
|
|
||
| for _, rs := range s.RootModule().Resources { | ||
| if rs.Type != "aws_iot_policy" { | ||
| continue | ||
| } | ||
|
|
||
| out, err := conn.ListPolicies(&iot.ListPoliciesInput{}) | ||
|
|
||
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| for _, t := range out.Policies { | ||
| if *t.PolicyName == rs.Primary.ID { | ||
| return fmt.Errorf("IoT policy still exists:\n%s", t) | ||
| } | ||
| } | ||
|
|
||
| } | ||
|
|
||
| return nil | ||
| } | ||
|
|
||
| func testAccCheckAWSIoTPolicyExists_basic(name string) resource.TestCheckFunc { | ||
| return func(s *terraform.State) error { | ||
| _, ok := s.RootModule().Resources[name] | ||
| if !ok { | ||
| return fmt.Errorf("Not found: %s", name) | ||
| } | ||
|
|
||
| return nil | ||
| } | ||
| } | ||
|
|
||
| var testAccAWSIoTPolicy_basic = ` | ||
| resource "aws_iot_policy" "pubsub" { | ||
| name = "PubSubToAnyTopic" | ||
| policy = <<EOF | ||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [{ | ||
| "Effect": "Allow", | ||
| "Action": ["iot:*"], | ||
| "Resource": ["*"] | ||
| }] | ||
| } | ||
| EOF | ||
| } | ||
| ` | ||
|
|
||
| var testAccAWSIoTPolicyInvalidJsonConfig = ` | ||
| resource "aws_iot_policy" "pubsub" { | ||
| name = "PubSubToAnyTopic" | ||
| policy = <<EOF | ||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [{ | ||
| "Effect": "Allow", | ||
| "Action": ["iot:*"], | ||
| "Resource": ["*"] | ||
| }] | ||
| } | ||
| EOF | ||
| } | ||
| ` |
Oops, something went wrong.