Merge pull request #7611 from hashicorp/b-iam-policy-document-fixes

provider/aws: Fix data.aws_iam_policy_document IDs
2016-07-13 12:21:11 -06:00 · 2016-07-13 12:21:11 -06:00 · 30ff7df954
parent 821d9d8b13 28438daeb4
commit 30ff7df954
4 changed files with 25 additions and 16 deletions
--- a/builtin/providers/aws/data_source_aws_iam_policy_document.go
+++ b/builtin/providers/aws/data_source_aws_iam_policy_document.go
@ -24,20 +24,20 @@ func dataSourceAwsIamPolicyDocument() *schema.Resource {
 		Read: dataSourceAwsIamPolicyDocumentRead,

 		Schema: map[string]*schema.Schema{
-			"id": &schema.Schema{
+			"policy_id": {
 				Type:     schema.TypeString,
 				Optional: true,
 			},
-			"statement": &schema.Schema{
-				Type:     schema.TypeSet,
+			"statement": {
+				Type:     schema.TypeList,
 				Required: true,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
-						"id": &schema.Schema{
+						"sid": {
 							Type:     schema.TypeString,
 							Optional: true,
 						},
-						"effect": &schema.Schema{
+						"effect": {
 							Type:     schema.TypeString,
 							Optional: true,
 							Default:  "Allow",
@ -48,20 +48,20 @@ func dataSourceAwsIamPolicyDocument() *schema.Resource {
 						"not_resources":  setOfString,
 						"principals":     dataSourceAwsIamPolicyPrincipalSchema(),
 						"not_principals": dataSourceAwsIamPolicyPrincipalSchema(),
-						"condition": &schema.Schema{
+						"condition": {
 							Type:     schema.TypeSet,
 							Optional: true,
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
-									"test": &schema.Schema{
+									"test": {
 										Type:     schema.TypeString,
 										Required: true,
 									},
-									"variable": &schema.Schema{
+									"variable": {
 										Type:     schema.TypeString,
 										Required: true,
 									},
-									"values": &schema.Schema{
+									"values": {
 										Type:     schema.TypeSet,
 										Required: true,
 										Elem: &schema.Schema{
@ -74,7 +74,7 @@ func dataSourceAwsIamPolicyDocument() *schema.Resource {
 					},
 				},
 			},
-			"json": &schema.Schema{
+			"json": {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
@ -87,11 +87,11 @@ func dataSourceAwsIamPolicyDocumentRead(d *schema.ResourceData, meta interface{}
 		Version: "2012-10-17",
 	}

-	if policyId, hasPolicyId := d.GetOk("id"); hasPolicyId {
+	if policyId, hasPolicyId := d.GetOk("policy_id"); hasPolicyId {
 		doc.Id = policyId.(string)
 	}

-	var cfgStmts = d.Get("statement").(*schema.Set).List()
+	var cfgStmts = d.Get("statement").([]interface{})
 	stmts := make([]*IAMPolicyStatement, len(cfgStmts))
 	doc.Statements = stmts
 	for i, stmtI := range cfgStmts {
@ -100,6 +100,10 @@ func dataSourceAwsIamPolicyDocumentRead(d *schema.ResourceData, meta interface{}
 			Effect: cfgStmt["effect"].(string),
 		}

+		if sid, ok := cfgStmt["sid"]; ok {
+			stmt.Sid = sid.(string)
+		}
+
 		if actions := cfgStmt["actions"].(*schema.Set).List(); len(actions) > 0 {
 			stmt.Actions = iamPolicyDecodeConfigStringList(actions)
 		}
--- a/builtin/providers/aws/data_source_aws_iam_policy_document_test.go
+++ b/builtin/providers/aws/data_source_aws_iam_policy_document_test.go
@ -16,7 +16,7 @@ func TestAccAWSIAMPolicyDocument(t *testing.T) {
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
-			resource.TestStep{
+			{
 				Config: testAccAWSIAMPolicyDocumentConfig,
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckStateValue(
@ -52,7 +52,9 @@ func testAccCheckStateValue(id, name, value string) resource.TestCheckFunc {

 var testAccAWSIAMPolicyDocumentConfig = `
 data "aws_iam_policy_document" "test" {
+    policy_id = "policy_id"
    statement {
+    	sid = "1"
        actions = [
            "s3:ListAllMyBuckets",
            "s3:GetBucketLocation",
@ -110,8 +112,10 @@ data "aws_iam_policy_document" "test" {

 var testAccAWSIAMPolicyDocumentExpectedJSON = `{
  "Version": "2012-10-17",
+  "Id": "policy_id",
  "Statement": [
    {
+      "Sid": "1",
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
--- a/builtin/providers/aws/iam_policy_model.go
+++ b/builtin/providers/aws/iam_policy_model.go
@ -5,8 +5,8 @@ import (
 )

 type IAMPolicyDoc struct {
-	Id         string                `json:",omitempty"`
 	Version    string                `json:",omitempty"`
+	Id         string                `json:",omitempty"`
 	Statements []*IAMPolicyStatement `json:"Statement"`
 }

--- a/website/source/docs/providers/aws/d/iam_policy_document.html.markdown
+++ b/website/source/docs/providers/aws/d/iam_policy_document.html.markdown
@ -17,6 +17,7 @@ such as the `aws_iam_policy` resource.
 ```
 data "aws_iam_policy_document" "example" {
    statement {
+        sid = "1"
        actions = [
            "s3:ListAllMyBuckets",
            "s3:GetBucketLocation",
@ -71,14 +72,14 @@ valid to use literal JSON strings within your configuration, or to use the

 The following arguments are supported:

-* `id` (Optional) - An ID for the policy document.
+* `policy_id` (Optional) - An ID for the policy document.
 * `statement` (Required) - A nested configuration block (described below)
  configuring one *statement* to be included in the policy document.

 Each document configuration must have one or more `statement` blocks, which
 each accept the following arguments:

-* `id` (Optional) - An ID for the policy statement.
+* `sid` (Optional) - An ID for the policy statement.
 * `effect` (Optional) - Either "Allow" or "Deny", to specify whether this
  statement allows or denies the given actions. The default is "Allow".
 * `actions` (Optional) - A list of actions that this statement either allows