resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
terraform/builtin/providers/aws/resource_aws_ssm_document.go

482 lines
12 KiB
Go
Raw Normal View History

provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
package aws
import (
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
"fmt"
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"log"
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
"strconv"
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"strings"
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
"time"
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"github.com/aws/aws-sdk-go/aws"
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
"github.com/aws/aws-sdk-go/aws/awserr"
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"github.com/aws/aws-sdk-go/service/ssm"
"github.com/hashicorp/errwrap"
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
"github.com/hashicorp/terraform/helper/resource"
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"github.com/hashicorp/terraform/helper/schema"
)
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
const (
MINIMUM_VERSIONED_SCHEMA = 2.0
)
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
func resourceAwsSsmDocument() *schema.Resource {
return &schema.Resource{
Create: resourceAwsSsmDocumentCreate,
Read: resourceAwsSsmDocumentRead,
Update: resourceAwsSsmDocumentUpdate,
Delete: resourceAwsSsmDocumentDelete,
Schema: map[string]*schema.Schema{
provider/aws: Support run_command_parameters in aws_cloudwatch_event_target (#14067) ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchEventTarget_' ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/04/29 11:00:09 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchEventTarget_ -timeout 120m === RUN TestAccAWSCloudWatchEventTarget_basic --- PASS: TestAccAWSCloudWatchEventTarget_basic (58.75s) === RUN TestAccAWSCloudWatchEventTarget_missingTargetId --- PASS: TestAccAWSCloudWatchEventTarget_missingTargetId (36.11s) === RUN TestAccAWSCloudWatchEventTarget_full --- PASS: TestAccAWSCloudWatchEventTarget_full (90.30s) === RUN TestAccAWSCloudWatchEventTarget_ssmDocument --- PASS: TestAccAWSCloudWatchEventTarget_ssmDocument (38.64s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 223.833s ```
2017-05-04 19:46:11 +02:00
"arn": {
Type: schema.TypeString,
Computed: true,
},
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"name": {
Type: schema.TypeString,
Required: true,
},
"content": {
Type: schema.TypeString,
Required: true,
},
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
"document_type": {
Type: schema.TypeString,
Required: true,
ValidateFunc: validateAwsSSMDocumentType,
},
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
"schema_version": {
Type: schema.TypeString,
Computed: true,
},
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"created_date": {
Type: schema.TypeString,
Computed: true,
},
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
"default_version": {
Type: schema.TypeString,
Computed: true,
},
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"description": {
Type: schema.TypeString,
Computed: true,
},
"hash": {
Type: schema.TypeString,
Computed: true,
},
"hash_type": {
Type: schema.TypeString,
Computed: true,
},
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
"latest_version": {
Type: schema.TypeString,
Computed: true,
},
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
"owner": {
Type: schema.TypeString,
Computed: true,
},
"status": {
Type: schema.TypeString,
Computed: true,
},
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
"platform_types": {
Type: schema.TypeList,
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
Computed: true,
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
Elem: &schema.Schema{Type: schema.TypeString},
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
},
"parameter": {
Type: schema.TypeList,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"name": {
Type: schema.TypeString,
Optional: true,
},
"default_value": {
Type: schema.TypeString,
Optional: true,
},
"description": {
Type: schema.TypeString,
Optional: true,
},
"type": {
Type: schema.TypeString,
Optional: true,
},
},
},
},
"permissions": {
Type: schema.TypeMap,
Optional: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"type": {
Type: schema.TypeString,
Required: true,
},
"account_ids": {
Type: schema.TypeString,
Required: true,
},
},
},
},
},
}
}
func resourceAwsSsmDocumentCreate(d *schema.ResourceData, meta interface{}) error {
ssmconn := meta.(*AWSClient).ssmconn
log.Printf("[INFO] Creating SSM Document: %s", d.Get("name").(string))
docInput := &ssm.CreateDocumentInput{
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
Name: aws.String(d.Get("name").(string)),
Content: aws.String(d.Get("content").(string)),
DocumentType: aws.String(d.Get("document_type").(string)),
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
}
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
log.Printf("[DEBUG] Waiting for SSM Document %q to be created", d.Get("name").(string))
err := resource.Retry(5*time.Minute, func() *resource.RetryError {
resp, err := ssmconn.CreateDocument(docInput)
if err != nil {
return resource.NonRetryableError(err)
}
d.SetId(*resp.DocumentDescription.Name)
return nil
})
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
if err != nil {
return errwrap.Wrapf("[ERROR] Error creating SSM document: {{err}}", err)
}
if v, ok := d.GetOk("permissions"); ok && v != nil {
provider/aws: Run errcheck in tests (#8579) * provider/aws: Add errcheck to Makefile, error on unchecked errors * more exceptions * updates for errcheck to pass * reformat and spilt out the ignore statements * narrow down ignores * fix typo, only ignore Close and Write, instead of close or write
2016-09-02 16:24:17 +02:00
if err := setDocumentPermissions(d, meta); err != nil {
return err
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
} else {
log.Printf("[DEBUG] Not setting permissions for %q", d.Id())
}
return resourceAwsSsmDocumentRead(d, meta)
}
func resourceAwsSsmDocumentRead(d *schema.ResourceData, meta interface{}) error {
ssmconn := meta.(*AWSClient).ssmconn
log.Printf("[DEBUG] Reading SSM Document: %s", d.Id())
docInput := &ssm.DescribeDocumentInput{
Name: aws.String(d.Get("name").(string)),
}
resp, err := ssmconn.DescribeDocument(docInput)
if err != nil {
provider/aws: Refresh ssm document from state on 404 (#14279) * provider/aws: Refresh ssm document from state on 404 Originally reported in #13976 When an SSM Document was deleted outside of Terraform, a terraform refresh would return the following: ``` % terraform plan Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. aws_ssm_document.foo: Refreshing state... (ID: test_document-stack72) Error refreshing state: 1 error(s) occurred: * aws_ssm_document.foo: aws_ssm_document.foo: [ERROR] Error describing SSM document: InvalidDocument: status code: 400, request id: 70c9bed1-33bb-11e7-99aa-697e9b0914e9 ``` On applying this patch, it now looks as follows: ``` % terraform plan [WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider. If you did not expect to see this message you will need to remove the old plugin. See https://www.terraform.io/docs/internals/internal-plugins.html Refreshing Terraform state in-memory prior to plan... The refreshed state will be used to calculate this plan, but will not be persisted to local or remote state storage. aws_ssm_document.foo: Refreshing state... (ID: test_document-stack72) The Terraform execution plan has been generated and is shown below. Resources are shown in alphabetical order for quick scanning. Green resources will be created (or destroyed and then created if an existing resource exists), yellow resources are being changed in-place, and red resources will be destroyed. Cyan entries are data sources to be read. Note: You didn't specify an "-out" parameter to save this plan, so when "apply" is called, Terraform can't guarantee this is what will execute. + aws_ssm_document.foo arn: "<computed>" content: " {\n \"schemaVersion\": \"1.2\",\n \"description\": \"Check ip configuration of a Linux instance.\",\n \"parameters\": {\n\n },\n \"runtimeConfig\": {\n \"aws:runShellScript\": {\n \"properties\": [\n {\n \"id\": \"0.aws:runShellScript\",\n \"runCommand\": [\"ifconfig\"]\n }\n ]\n }\n }\n }\n" created_date: "<computed>" default_version: "<computed>" description: "<computed>" document_type: "Command" hash: "<computed>" hash_type: "<computed>" latest_version: "<computed>" name: "test_document-stack72" owner: "<computed>" parameter.#: "<computed>" platform_types.#: "<computed>" schema_version: "<computed>" status: "<computed>" Plan: 1 to add, 0 to change, 0 to destroy. ``` * Update resource_aws_ssm_document.go
2017-05-08 12:50:16 +02:00
if ssmErr, ok := err.(awserr.Error); ok && ssmErr.Code() == "InvalidDocument" {
log.Printf("[WARN] SSM Document not found so removing from state")
d.SetId("")
return nil
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
return errwrap.Wrapf("[ERROR] Error describing SSM document: {{err}}", err)
}
doc := resp.Document
d.Set("created_date", doc.CreatedDate)
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
d.Set("default_version", doc.DefaultVersion)
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
d.Set("description", doc.Description)
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
d.Set("schema_version", doc.SchemaVersion)
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
if _, ok := d.GetOk("document_type"); ok {
d.Set("document_type", doc.DocumentType)
}
d.Set("document_version", doc.DocumentVersion)
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
d.Set("hash", doc.Hash)
d.Set("hash_type", doc.HashType)
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
d.Set("latest_version", doc.LatestVersion)
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
d.Set("name", doc.Name)
d.Set("owner", doc.Owner)
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
d.Set("platform_types", flattenStringList(doc.PlatformTypes))
provider/aws: Support run_command_parameters in aws_cloudwatch_event_target (#14067) ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchEventTarget_' ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/04/29 11:00:09 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchEventTarget_ -timeout 120m === RUN TestAccAWSCloudWatchEventTarget_basic --- PASS: TestAccAWSCloudWatchEventTarget_basic (58.75s) === RUN TestAccAWSCloudWatchEventTarget_missingTargetId --- PASS: TestAccAWSCloudWatchEventTarget_missingTargetId (36.11s) === RUN TestAccAWSCloudWatchEventTarget_full --- PASS: TestAccAWSCloudWatchEventTarget_full (90.30s) === RUN TestAccAWSCloudWatchEventTarget_ssmDocument --- PASS: TestAccAWSCloudWatchEventTarget_ssmDocument (38.64s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 223.833s ```
2017-05-04 19:46:11 +02:00
if err := d.Set("arn", flattenAwsSsmDocumentArn(meta, doc.Name)); err != nil {
return fmt.Errorf("[DEBUG] Error setting arn error: %#v", err)
}
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
d.Set("status", doc.Status)
gp, err := getDocumentPermissions(d, meta)
if err != nil {
return errwrap.Wrapf("[ERROR] Error reading SSM document permissions: {{err}}", err)
}
d.Set("permissions", gp)
params := make([]map[string]interface{}, 0)
for i := 0; i < len(doc.Parameters); i++ {
dp := doc.Parameters[i]
param := make(map[string]interface{})
if dp.DefaultValue != nil {
param["default_value"] = *dp.DefaultValue
}
nil checks when assigning to param map in resourceAwsSsmDocumentRead (#12891) * add nil check when assingment from a doc parameter to the param map * remove println
2017-03-20 19:24:13 +01:00
if dp.Description != nil {
param["description"] = *dp.Description
}
if dp.Name != nil {
param["name"] = *dp.Name
}
if dp.Type != nil {
param["type"] = *dp.Type
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
params = append(params, param)
}
if len(params) == 0 {
params = make([]map[string]interface{}, 1)
}
if err := d.Set("parameter", params); err != nil {
return err
}
return nil
}
provider/aws: Support run_command_parameters in aws_cloudwatch_event_target (#14067) ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchEventTarget_' ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/04/29 11:00:09 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchEventTarget_ -timeout 120m === RUN TestAccAWSCloudWatchEventTarget_basic --- PASS: TestAccAWSCloudWatchEventTarget_basic (58.75s) === RUN TestAccAWSCloudWatchEventTarget_missingTargetId --- PASS: TestAccAWSCloudWatchEventTarget_missingTargetId (36.11s) === RUN TestAccAWSCloudWatchEventTarget_full --- PASS: TestAccAWSCloudWatchEventTarget_full (90.30s) === RUN TestAccAWSCloudWatchEventTarget_ssmDocument --- PASS: TestAccAWSCloudWatchEventTarget_ssmDocument (38.64s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 223.833s ```
2017-05-04 19:46:11 +02:00
func flattenAwsSsmDocumentArn(meta interface{}, docName *string) string {
region := meta.(*AWSClient).region
return fmt.Sprintf("arn:aws:ssm:%s::document/%s", region, *docName)
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
func resourceAwsSsmDocumentUpdate(d *schema.ResourceData, meta interface{}) error {
if _, ok := d.GetOk("permissions"); ok {
provider/aws: Run errcheck in tests (#8579) * provider/aws: Add errcheck to Makefile, error on unchecked errors * more exceptions * updates for errcheck to pass * reformat and spilt out the ignore statements * narrow down ignores * fix typo, only ignore Close and Write, instead of close or write
2016-09-02 16:24:17 +02:00
if err := setDocumentPermissions(d, meta); err != nil {
return err
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
} else {
log.Printf("[DEBUG] Not setting document permissions on %q", d.Id())
}
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
if !d.HasChange("content") {
return nil
}
if schemaVersion, ok := d.GetOk("schemaVersion"); ok {
schemaNumber, _ := strconv.ParseFloat(schemaVersion.(string), 64)
if schemaNumber < MINIMUM_VERSIONED_SCHEMA {
log.Printf("[DEBUG] Skipping document update because document version is not 2.0 %q", d.Id())
return nil
}
}
if err := updateAwsSSMDocument(d, meta); err != nil {
return err
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
return resourceAwsSsmDocumentRead(d, meta)
}
func resourceAwsSsmDocumentDelete(d *schema.ResourceData, meta interface{}) error {
ssmconn := meta.(*AWSClient).ssmconn
provider/aws: Run errcheck in tests (#8579) * provider/aws: Add errcheck to Makefile, error on unchecked errors * more exceptions * updates for errcheck to pass * reformat and spilt out the ignore statements * narrow down ignores * fix typo, only ignore Close and Write, instead of close or write
2016-09-02 16:24:17 +02:00
if err := deleteDocumentPermissions(d, meta); err != nil {
return err
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
log.Printf("[INFO] Deleting SSM Document: %s", d.Id())
params := &ssm.DeleteDocumentInput{
Name: aws.String(d.Get("name").(string)),
}
_, err := ssmconn.DeleteDocument(params)
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
if err != nil {
return err
}
log.Printf("[DEBUG] Waiting for SSM Document %q to be deleted", d.Get("name").(string))
err = resource.Retry(10*time.Minute, func() *resource.RetryError {
_, err := ssmconn.DescribeDocument(&ssm.DescribeDocumentInput{
Name: aws.String(d.Get("name").(string)),
})
if err != nil {
awsErr, ok := err.(awserr.Error)
if !ok {
return resource.NonRetryableError(err)
}
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
if awsErr.Code() == "InvalidDocument" {
return nil
}
return resource.NonRetryableError(err)
}
return resource.RetryableError(
fmt.Errorf("%q: Timeout while waiting for the document to be deleted", d.Id()))
})
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
if err != nil {
return err
}
provider/aws: Add retry to the `aws_ssm_document` delete func As noticed in the acceptance tests, we were expecting the document to be deleted but it was still found ``` === RUN TestAccAWSSSMDocument_permission --- FAIL: TestAccAWSSSMDocument_permission (5.60s) testing.go:329: Error destroying resource! WARNING: Dangling resources may exist. The full state and error is shown below. Error: Check failed: Expected AWS SSM Document to be gone, but was still found State: <no state> ```
2016-10-03 17:14:15 +02:00
d.SetId("")
provider/aws: Adding `aws_ssm_document` resource (#8460) * provider/aws: add `aws_ssm_document` resource * provider/aws: Changes to `aws_ssm_document` post code review The changes are things like using d.Id rather than d.Get("name").(string) and errwrap.Wrapf rather than fmt.Errorf
2016-08-25 10:47:24 +02:00
return nil
}
func setDocumentPermissions(d *schema.ResourceData, meta interface{}) error {
ssmconn := meta.(*AWSClient).ssmconn
log.Printf("[INFO] Setting permissions for document: %s", d.Id())
permission := d.Get("permissions").(map[string]interface{})
ids := aws.StringSlice([]string{permission["account_ids"].(string)})
if strings.Contains(permission["account_ids"].(string), ",") {
ids = aws.StringSlice(strings.Split(permission["account_ids"].(string), ","))
}
permInput := &ssm.ModifyDocumentPermissionInput{
Name: aws.String(d.Get("name").(string)),
PermissionType: aws.String(permission["type"].(string)),
AccountIdsToAdd: ids,
}
_, err := ssmconn.ModifyDocumentPermission(permInput)
if err != nil {
return errwrap.Wrapf("[ERROR] Error setting permissions for SSM document: {{err}}", err)
}
return nil
}
func getDocumentPermissions(d *schema.ResourceData, meta interface{}) (map[string]interface{}, error) {
ssmconn := meta.(*AWSClient).ssmconn
log.Printf("[INFO] Getting permissions for document: %s", d.Id())
//How to get from nested scheme resource?
permissionType := "Share"
permInput := &ssm.DescribeDocumentPermissionInput{
Name: aws.String(d.Get("name").(string)),
PermissionType: aws.String(permissionType),
}
resp, err := ssmconn.DescribeDocumentPermission(permInput)
if err != nil {
return nil, errwrap.Wrapf("[ERROR] Error setting permissions for SSM document: {{err}}", err)
}
var account_ids = make([]string, len(resp.AccountIds))
for i := 0; i < len(resp.AccountIds); i++ {
account_ids[i] = *resp.AccountIds[i]
}
var ids = ""
if len(account_ids) == 1 {
ids = account_ids[0]
} else if len(account_ids) > 1 {
ids = strings.Join(account_ids, ",")
} else {
ids = ""
}
if ids == "" {
return nil, nil
}
perms := make(map[string]interface{})
perms["type"] = permissionType
perms["account_ids"] = ids
return perms, nil
}
func deleteDocumentPermissions(d *schema.ResourceData, meta interface{}) error {
ssmconn := meta.(*AWSClient).ssmconn
log.Printf("[INFO] Removing permissions from document: %s", d.Id())
permInput := &ssm.ModifyDocumentPermissionInput{
Name: aws.String(d.Get("name").(string)),
PermissionType: aws.String("Share"),
AccountIdsToRemove: aws.StringSlice(strings.Split("all", ",")),
}
_, err := ssmconn.ModifyDocumentPermission(permInput)
if err != nil {
return errwrap.Wrapf("[ERROR] Error removing permissions for SSM document: {{err}}", err)
}
return nil
}
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
provider/aws Add support for updating SSM documents (#13491) * Add schema_version as computed ssm document attribute * Update the SSM document itself if the content has changed and it has a schema >= 2.0 * Add default_version as DocumentVersion in SSM doc update * Acceptance test for updating an SSM document * Better error handling in updating SSM documents * Add SSM document update documentation * Better names for SSM input params
2017-04-10 13:13:43 +02:00
func updateAwsSSMDocument(d *schema.ResourceData, meta interface{}) error {
log.Printf("[INFO] Updating SSM Document: %s", d.Id())
name := d.Get("name").(string)
updateDocInput := &ssm.UpdateDocumentInput{
Name: aws.String(name),
Content: aws.String(d.Get("content").(string)),
DocumentVersion: aws.String(d.Get("default_version").(string)),
}
newDefaultVersion := d.Get("default_version").(string)
ssmconn := meta.(*AWSClient).ssmconn
updated, err := ssmconn.UpdateDocument(updateDocInput)
if isAWSErr(err, "DuplicateDocumentContent", "") {
log.Printf("[DEBUG] Content is a duplicate of the latest version so update is not necessary: %s", d.Id())
log.Printf("[INFO] Updating the default version to the latest version %s: %s", newDefaultVersion, d.Id())
newDefaultVersion = d.Get("latest_version").(string)
} else if err != nil {
return errwrap.Wrapf("Error updating SSM document: {{err}}", err)
} else {
log.Printf("[INFO] Updating the default version to the new version %s: %s", newDefaultVersion, d.Id())
newDefaultVersion = *updated.DocumentDescription.DocumentVersion
}
updateDefaultInput := &ssm.UpdateDocumentDefaultVersionInput{
Name: aws.String(name),
DocumentVersion: aws.String(newDefaultVersion),
}
_, err = ssmconn.UpdateDocumentDefaultVersion(updateDefaultInput)
if err != nil {
return errwrap.Wrapf("Error updating the default document version to that of the updated document: {{err}}", err)
}
return nil
}
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
func validateAwsSSMDocumentType(v interface{}, k string) (ws []string, errors []error) {
value := v.(string)
types := map[string]bool{
"Command": true,
"Policy": true,
"Automation": true,
}
if !types[value] {
provider/aws: Fix error message returned when an invalid SSM document type is provided. The original error appears to have been copied from the CodeBuild resource and provides incorrect information about valid types.
2017-02-25 04:34:09 +01:00
errors = append(errors, fmt.Errorf("Document type %s is invalid. Valid types are Command, Policy or Automation", value))
Latest updates to aws_ssm_document resource. (#11671) A parameter `document_type` and a few more attributes returned based upon the new API.
2017-02-08 13:45:38 +01:00
}
return
}