resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "provider/aws: Added the ability to import aws_iam_role's" (#8112)

This commit is contained in:
Clint 2016-08-10 11:18:03 -05:00 committed by GitHub
parent 5d9fa90005
commit 3fc119923e
7 changed files with 155 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
builtin/providers/aws/import_aws_iam_role_test.go
View File

@ -1,28 +0,0 @@
package aws
import (
"testing"
"github.com/hashicorp/terraform/helper/resource"
)
func TestAccAWSRole_importBasic(t *testing.T) {
resourceName := "aws_iam_role.role"
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSRoleDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSRoleConfig,
},
resource.TestStep{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

8
builtin/providers/aws/resource_aws_iam_instance_profile_test.go
View File

@ -120,8 +120,8 @@ func testAccCheckAWSInstanceProfileExists(n string, res *iam.GetInstanceProfileO
const testAccAwsIamInstanceProfileConfig = ` const testAccAwsIamInstanceProfileConfig = `
resource "aws_iam_role" "test" { resource "aws_iam_role" "test" {
name = "test" name = "test"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
} }
resource "aws_iam_instance_profile" "test" { resource "aws_iam_instance_profile" "test" {
@ -132,8 +132,8 @@ resource "aws_iam_instance_profile" "test" {
const testAccAWSInstanceProfilePrefixNameConfig = ` const testAccAWSInstanceProfilePrefixNameConfig = `
resource "aws_iam_role" "test" { resource "aws_iam_role" "test" {
name = "test" name = "test"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
} }
resource "aws_iam_instance_profile" "test" { resource "aws_iam_instance_profile" "test" {

75
builtin/providers/aws/resource_aws_iam_policy_attachment_test.go
View File

@ -113,8 +113,22 @@ resource "aws_iam_user" "user" {
name = "test-user" name = "test-user"
} }
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "test-role" name = "test-role"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_group" "group" { resource "aws_iam_group" "group" {
@ -160,16 +174,61 @@ resource "aws_iam_user" "user3" {
name = "test-user3" name = "test-user3"
} }
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "test-role" name = "test-role"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
} }
EOF
}
resource "aws_iam_role" "role2" { resource "aws_iam_role" "role2" {
name = "test-role2" name = "test-role2"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_role" "role3" { resource "aws_iam_role" "role3" {
name = "test-role3" name = "test-role3"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_group" "group" { resource "aws_iam_group" "group" {
name = "test-group" name = "test-group"

9
builtin/providers/aws/resource_aws_iam_role.go
View File

@ -2,7 +2,6 @@ package aws
import ( import (
"fmt" "fmt"
"net/url"
"regexp" "regexp"
"time" "time"
@ -21,10 +20,6 @@ func resourceAwsIamRole() *schema.Resource {
Update: resourceAwsIamRoleUpdate, Update: resourceAwsIamRoleUpdate,
Delete: resourceAwsIamRoleDelete, Delete: resourceAwsIamRoleDelete,
Importer: &schema.ResourceImporter{
State: schema.ImportStatePassthrough,
},
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"arn": &schema.Schema{ "arn": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
@ -179,10 +174,6 @@ func resourceAwsIamRoleReadResult(d *schema.ResourceData, role *iam.Role) error
if err := d.Set("unique_id", role.RoleId); err != nil { if err := d.Set("unique_id", role.RoleId); err != nil {
return err return err
} }
policy, _ := url.QueryUnescape(*role.AssumeRolePolicyDocument)
if err := d.Set("assume_role_policy", aws.String(policy)); err != nil {
return err
}
return nil return nil
} }

36
builtin/providers/aws/resource_aws_iam_role_policy_attachment_test.go
View File

@ -90,8 +90,22 @@ func testAccCheckAWSRolePolicyAttachmentAttributes(policies []string, out *iam.L
const testAccAWSRolePolicyAttachConfig = ` const testAccAWSRolePolicyAttachConfig = `
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "test-role" name = "test-role"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_policy" "policy" { resource "aws_iam_policy" "policy" {
@ -121,8 +135,22 @@ resource "aws_iam_role_policy_attachment" "test-attach" {
const testAccAWSRolePolicyAttachConfigUpdate = ` const testAccAWSRolePolicyAttachConfigUpdate = `
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "test-role" name = "test-role"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_policy" "policy" { resource "aws_iam_policy" "policy" {

30
builtin/providers/aws/resource_aws_iam_role_policy_test.go
View File

@ -113,15 +113,15 @@ func testAccCheckIAMRolePolicy(
func testAccIAMRolePolicyConfig(role, policy1 string) string { func testAccIAMRolePolicyConfig(role, policy1 string) string {
return fmt.Sprintf(` return fmt.Sprintf(`
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "tf_test_role_%s" name = "tf_test_role_%s"
path = "/" path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}"
} }
resource "aws_iam_role_policy" "foo" { resource "aws_iam_role_policy" "foo" {
name = "tf_test_policy_%s" name = "tf_test_policy_%s"
role = "${aws_iam_role.role.name}" role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
} }
`, role, policy1) `, role, policy1)
} }
@ -129,21 +129,21 @@ resource "aws_iam_role_policy" "foo" {
func testAccIAMRolePolicyConfigUpdate(role, policy1, policy2 string) string { func testAccIAMRolePolicyConfigUpdate(role, policy1, policy2 string) string {
return fmt.Sprintf(` return fmt.Sprintf(`
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "tf_test_role_%s" name = "tf_test_role_%s"
path = "/" path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Action\":\"sts:AssumeRole\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Effect\":\"Allow\",\"Sid\":\"\"}]}"
} }
resource "aws_iam_role_policy" "foo" { resource "aws_iam_role_policy" "foo" {
name = "tf_test_policy_%s" name = "tf_test_policy_%s"
role = "${aws_iam_role.role.name}" role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
} }
resource "aws_iam_role_policy" "bar" { resource "aws_iam_role_policy" "bar" {
name = "tf_test_policy_2_%s" name = "tf_test_policy_2_%s"
role = "${aws_iam_role.role.name}" role = "${aws_iam_role.role.name}"
policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}" policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
} }
`, role, policy1, policy2) `, role, policy1, policy2)
} }

45
builtin/providers/aws/resource_aws_iam_role_test.go
View File

@ -165,24 +165,39 @@ func testAccCheckAWSRoleAttributes(role *iam.GetRoleOutput) resource.TestCheckFu
const testAccAWSRoleConfig = ` const testAccAWSRoleConfig = `
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name = "test-role" name = "test-role"
path = "/" path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
} }
` `
const testAccAWSRolePrefixNameConfig = ` const testAccAWSRolePrefixNameConfig = `
resource "aws_iam_role" "role" { resource "aws_iam_role" "role" {
name_prefix = "test-role-" name_prefix = "test-role-"
path = "/" path = "/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"
} }
` `
const testAccAWSRolePre = ` const testAccAWSRolePre = `
resource "aws_iam_role" "role_update_test" { resource "aws_iam_role" "role_update_test" {
name = "tf_old_name" name = "tf_old_name"
path = "/test/" path = "/test/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_role_policy" "role_update_test" { resource "aws_iam_role_policy" "role_update_test" {
@ -217,7 +232,21 @@ const testAccAWSRolePost = `
resource "aws_iam_role" "role_update_test" { resource "aws_iam_role" "role_update_test" {
name = "tf_new_name" name = "tf_new_name"
path = "/test/" path = "/test/"
assume_role_policy = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}" assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
} }
resource "aws_iam_role_policy" "role_update_test" { resource "aws_iam_role_policy" "role_update_test" {