Move endpoint options into endpoints block
This commit is contained in:
parent
231604e8b7
commit
e41266e971
|
@ -11,6 +11,8 @@ import (
|
||||||
"github.com/hashicorp/go-cleanhttp"
|
"github.com/hashicorp/go-cleanhttp"
|
||||||
"github.com/hashicorp/go-multierror"
|
"github.com/hashicorp/go-multierror"
|
||||||
|
|
||||||
|
"crypto/tls"
|
||||||
|
|
||||||
"github.com/aws/aws-sdk-go/aws"
|
"github.com/aws/aws-sdk-go/aws"
|
||||||
"github.com/aws/aws-sdk-go/aws/awserr"
|
"github.com/aws/aws-sdk-go/aws/awserr"
|
||||||
awsCredentials "github.com/aws/aws-sdk-go/aws/credentials"
|
awsCredentials "github.com/aws/aws-sdk-go/aws/credentials"
|
||||||
|
@ -45,8 +47,6 @@ import (
|
||||||
"github.com/aws/aws-sdk-go/service/s3"
|
"github.com/aws/aws-sdk-go/service/s3"
|
||||||
"github.com/aws/aws-sdk-go/service/sns"
|
"github.com/aws/aws-sdk-go/service/sns"
|
||||||
"github.com/aws/aws-sdk-go/service/sqs"
|
"github.com/aws/aws-sdk-go/service/sqs"
|
||||||
"net/http"
|
|
||||||
"crypto/tls"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
|
@ -63,10 +63,10 @@ type Config struct {
|
||||||
|
|
||||||
DynamoDBEndpoint string
|
DynamoDBEndpoint string
|
||||||
KinesisEndpoint string
|
KinesisEndpoint string
|
||||||
Ec2Endpoint string
|
Ec2Endpoint string
|
||||||
IamEndpoint string
|
IamEndpoint string
|
||||||
ElbEndpoint string
|
ElbEndpoint string
|
||||||
Insecure bool
|
Insecure bool
|
||||||
}
|
}
|
||||||
|
|
||||||
type AWSClient struct {
|
type AWSClient struct {
|
||||||
|
@ -142,21 +142,21 @@ func (c *Config) Client() (interface{}, error) {
|
||||||
HTTPClient: cleanhttp.DefaultClient(),
|
HTTPClient: cleanhttp.DefaultClient(),
|
||||||
}
|
}
|
||||||
|
|
||||||
if c.Insecure {
|
if c.Insecure {
|
||||||
transport := awsConfig.HTTPClient.Transport.(*http.Transport)
|
transport := awsConfig.HTTPClient.Transport.(*http.Transport)
|
||||||
transport.TLSClientConfig = &tls.Config{
|
transport.TLSClientConfig = &tls.Config{
|
||||||
InsecureSkipVerify:true,
|
InsecureSkipVerify: true,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Println("[INFO] Initializing IAM Connection")
|
log.Println("[INFO] Initializing IAM Connection")
|
||||||
sess := session.New(awsConfig)
|
sess := session.New(awsConfig)
|
||||||
|
|
||||||
awsIamConfig := *awsConfig
|
awsIamConfig := *awsConfig
|
||||||
awsIamConfig.Endpoint = aws.String(c.IamEndpoint)
|
awsIamConfig.Endpoint = aws.String(c.IamEndpoint)
|
||||||
|
|
||||||
awsIamSess := session.New(&awsIamConfig)
|
awsIamSess := session.New(&awsIamConfig)
|
||||||
client.iamconn = iam.New(awsIamSess)
|
client.iamconn = iam.New(awsIamSess)
|
||||||
|
|
||||||
err = c.ValidateCredentials(client.iamconn)
|
err = c.ValidateCredentials(client.iamconn)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -184,12 +184,12 @@ func (c *Config) Client() (interface{}, error) {
|
||||||
client.dynamodbconn = dynamodb.New(dynamoSess)
|
client.dynamodbconn = dynamodb.New(dynamoSess)
|
||||||
|
|
||||||
log.Println("[INFO] Initializing ELB connection")
|
log.Println("[INFO] Initializing ELB connection")
|
||||||
awsElbConfig := *awsConfig
|
awsElbConfig := *awsConfig
|
||||||
awsElbConfig.Endpoint = aws.String(c.ElbEndpoint)
|
awsElbConfig.Endpoint = aws.String(c.ElbEndpoint)
|
||||||
|
|
||||||
awsElbSess := session.New(&awsElbConfig)
|
awsElbSess := session.New(&awsElbConfig)
|
||||||
|
|
||||||
client.elbconn = elb.New(awsElbSess)
|
client.elbconn = elb.New(awsElbSess)
|
||||||
|
|
||||||
log.Println("[INFO] Initializing S3 connection")
|
log.Println("[INFO] Initializing S3 connection")
|
||||||
client.s3conn = s3.New(sess)
|
client.s3conn = s3.New(sess)
|
||||||
|
@ -223,11 +223,11 @@ func (c *Config) Client() (interface{}, error) {
|
||||||
|
|
||||||
log.Println("[INFO] Initializing EC2 Connection")
|
log.Println("[INFO] Initializing EC2 Connection")
|
||||||
|
|
||||||
awsEc2Config := *awsConfig
|
awsEc2Config := *awsConfig
|
||||||
awsEc2Config.Endpoint = aws.String(c.Ec2Endpoint)
|
awsEc2Config.Endpoint = aws.String(c.Ec2Endpoint)
|
||||||
|
|
||||||
awsEc2Sess := session.New(&awsEc2Config)
|
awsEc2Sess := session.New(&awsEc2Config)
|
||||||
client.ec2conn = ec2.New(awsEc2Sess)
|
client.ec2conn = ec2.New(awsEc2Sess)
|
||||||
|
|
||||||
log.Println("[INFO] Initializing ECR Connection")
|
log.Println("[INFO] Initializing ECR Connection")
|
||||||
client.ecrconn = ecr.New(sess)
|
client.ecrconn = ecr.New(sess)
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
package aws
|
package aws
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/hashcode"
|
||||||
"github.com/hashicorp/terraform/helper/mutexkv"
|
"github.com/hashicorp/terraform/helper/mutexkv"
|
||||||
"github.com/hashicorp/terraform/helper/schema"
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
"github.com/hashicorp/terraform/terraform"
|
"github.com/hashicorp/terraform/terraform"
|
||||||
|
@ -96,31 +100,14 @@ func Provider() terraform.ResourceProvider {
|
||||||
Default: "",
|
Default: "",
|
||||||
Description: descriptions["kinesis_endpoint"],
|
Description: descriptions["kinesis_endpoint"],
|
||||||
},
|
},
|
||||||
"iam_endpoint": &schema.Schema{
|
"endpoints": endpointsSchema(),
|
||||||
Type: schema.TypeString,
|
|
||||||
Optional: true,
|
|
||||||
Default: "",
|
|
||||||
Description: descriptions["iam_endpoint"],
|
|
||||||
},
|
|
||||||
|
|
||||||
"ec2_endpoint": &schema.Schema{
|
"insecure": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeBool,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
Default: "",
|
Default: false,
|
||||||
Description: descriptions["ec2_endpoint"],
|
Description: descriptions["insecure"],
|
||||||
},
|
},
|
||||||
"elb_endpoint": &schema.Schema{
|
|
||||||
Type: schema.TypeString,
|
|
||||||
Optional: true,
|
|
||||||
Default: "",
|
|
||||||
Description: descriptions["elb_endpoint"],
|
|
||||||
},
|
|
||||||
"insecure": &schema.Schema{
|
|
||||||
Type: schema.TypeBool,
|
|
||||||
Optional: true,
|
|
||||||
Default: false,
|
|
||||||
Description: descriptions["insecure"],
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
|
|
||||||
ResourcesMap: map[string]*schema.Resource{
|
ResourcesMap: map[string]*schema.Resource{
|
||||||
|
@ -275,14 +262,15 @@ func init() {
|
||||||
"kinesis_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n" +
|
"kinesis_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n" +
|
||||||
"It's typically used to connect to kinesalite.",
|
"It's typically used to connect to kinesalite.",
|
||||||
|
|
||||||
"iam_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
"iam_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
||||||
|
|
||||||
"ec2_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
"ec2_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
||||||
|
|
||||||
"elb_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
"elb_endpoint": "Use this to override the default endpoint URL constructed from the `region`.\n",
|
||||||
|
|
||||||
"insecure" : "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted," +
|
"insecure": "Explicitly allow the provider to perform \"insecure\" SSL requests. If omitted," +
|
||||||
"default value is `false`",
|
"default value is `false`",
|
||||||
|
"default value is `false`",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -297,10 +285,16 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
|
||||||
MaxRetries: d.Get("max_retries").(int),
|
MaxRetries: d.Get("max_retries").(int),
|
||||||
DynamoDBEndpoint: d.Get("dynamodb_endpoint").(string),
|
DynamoDBEndpoint: d.Get("dynamodb_endpoint").(string),
|
||||||
KinesisEndpoint: d.Get("kinesis_endpoint").(string),
|
KinesisEndpoint: d.Get("kinesis_endpoint").(string),
|
||||||
IamEndpoint: d.Get("iam_endpoint").(string),
|
Insecure: d.Get("insecure").(bool),
|
||||||
Ec2Endpoint: d.Get("ec2_endpoint").(string),
|
}
|
||||||
ElbEndpoint: d.Get("elb_endpoint").(string),
|
|
||||||
Insecure: d.Get("insecure").(bool),
|
endpointsSet := d.Get("endpoints").(*schema.Set)
|
||||||
|
|
||||||
|
for _, endpointsSetI := range endpointsSet.List() {
|
||||||
|
endpoints := endpointsSetI.(map[string]interface{})
|
||||||
|
config.IamEndpoint = endpoints["iam"].(string)
|
||||||
|
config.Ec2Endpoint = endpoints["ec2"].(string)
|
||||||
|
config.ElbEndpoint = endpoints["elb"].(string)
|
||||||
}
|
}
|
||||||
|
|
||||||
if v, ok := d.GetOk("allowed_account_ids"); ok {
|
if v, ok := d.GetOk("allowed_account_ids"); ok {
|
||||||
|
@ -316,3 +310,45 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
|
||||||
|
|
||||||
// This is a global MutexKV for use within this plugin.
|
// This is a global MutexKV for use within this plugin.
|
||||||
var awsMutexKV = mutexkv.NewMutexKV()
|
var awsMutexKV = mutexkv.NewMutexKV()
|
||||||
|
|
||||||
|
func endpointsSchema() *schema.Schema {
|
||||||
|
return &schema.Schema{
|
||||||
|
Type: schema.TypeSet,
|
||||||
|
Optional: true,
|
||||||
|
Elem: &schema.Resource{
|
||||||
|
Schema: map[string]*schema.Schema{
|
||||||
|
"iam": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
Default: "",
|
||||||
|
Description: descriptions["iam_endpoint"],
|
||||||
|
},
|
||||||
|
|
||||||
|
"ec2": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
Default: "",
|
||||||
|
Description: descriptions["ec2_endpoint"],
|
||||||
|
},
|
||||||
|
|
||||||
|
"elb": &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
Default: "",
|
||||||
|
Description: descriptions["elb_endpoint"],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Set: endpointsToHash,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func endpointsToHash(v interface{}) int {
|
||||||
|
var buf bytes.Buffer
|
||||||
|
m := v.(map[string]interface{})
|
||||||
|
buf.WriteString(fmt.Sprintf("%s-", m["iam"].(string)))
|
||||||
|
buf.WriteString(fmt.Sprintf("%s-", m["ec2"].(string)))
|
||||||
|
buf.WriteString(fmt.Sprintf("%s-", m["elb"].(string)))
|
||||||
|
|
||||||
|
return hashcode.String(buf.String())
|
||||||
|
}
|
||||||
|
|
|
@ -149,9 +149,6 @@ The following arguments are supported in the `provider` block:
|
||||||
URL constructed from the `region`. It's typically used to connect to
|
URL constructed from the `region`. It's typically used to connect to
|
||||||
custom ec2 endpoints.
|
custom ec2 endpoints.
|
||||||
|
|
||||||
* `elb_endpoint` - (Optional) Use this to override the default endpoint
|
|
||||||
URL constructed from the `region`. It's typically used to connect to
|
|
||||||
custom elb endpoints.
|
|
||||||
|
|
||||||
* `token` - (Optional) Use this to set an MFA token. It can also be
|
* `token` - (Optional) Use this to set an MFA token. It can also be
|
||||||
sourced from the `AWS_SECURITY_TOKEN` environment variable.
|
sourced from the `AWS_SECURITY_TOKEN` environment variable.
|
||||||
|
|
Loading…
Reference in New Issue