139 lines
3.4 KiB
Go
139 lines
3.4 KiB
Go
package aws
|
|
|
|
import (
|
|
"fmt"
|
|
"log"
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/aws/awserr"
|
|
dms "github.com/aws/aws-sdk-go/service/databasemigrationservice"
|
|
"github.com/hashicorp/terraform/helper/schema"
|
|
)
|
|
|
|
func resourceAwsDmsCertificate() *schema.Resource {
|
|
return &schema.Resource{
|
|
Create: resourceAwsDmsCertificateCreate,
|
|
Read: resourceAwsDmsCertificateRead,
|
|
Delete: resourceAwsDmsCertificateDelete,
|
|
|
|
Importer: &schema.ResourceImporter{
|
|
State: schema.ImportStatePassthrough,
|
|
},
|
|
|
|
Schema: map[string]*schema.Schema{
|
|
"certificate_arn": {
|
|
Type: schema.TypeString,
|
|
Computed: true,
|
|
},
|
|
"certificate_id": {
|
|
Type: schema.TypeString,
|
|
Required: true,
|
|
ForceNew: true,
|
|
ValidateFunc: validateDmsCertificateId,
|
|
},
|
|
"certificate_pem": {
|
|
Type: schema.TypeString,
|
|
Optional: true,
|
|
ForceNew: true,
|
|
Sensitive: true,
|
|
},
|
|
"certificate_wallet": {
|
|
Type: schema.TypeString,
|
|
Optional: true,
|
|
ForceNew: true,
|
|
Sensitive: true,
|
|
},
|
|
},
|
|
}
|
|
}
|
|
|
|
func resourceAwsDmsCertificateCreate(d *schema.ResourceData, meta interface{}) error {
|
|
conn := meta.(*AWSClient).dmsconn
|
|
|
|
request := &dms.ImportCertificateInput{
|
|
CertificateIdentifier: aws.String(d.Get("certificate_id").(string)),
|
|
}
|
|
|
|
pem, pemSet := d.GetOk("certificate_pem")
|
|
wallet, walletSet := d.GetOk("certificate_wallet")
|
|
|
|
if !pemSet && !walletSet {
|
|
return fmt.Errorf("Must set either certificate_pem and certificate_wallet.")
|
|
}
|
|
if pemSet && walletSet {
|
|
return fmt.Errorf("Cannot set both certificate_pem and certificate_wallet.")
|
|
}
|
|
|
|
if pemSet {
|
|
request.CertificatePem = aws.String(pem.(string))
|
|
}
|
|
if walletSet {
|
|
request.CertificateWallet = []byte(wallet.(string))
|
|
}
|
|
|
|
log.Println("[DEBUG] DMS import certificate:", request)
|
|
|
|
_, err := conn.ImportCertificate(request)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
d.SetId(d.Get("certificate_id").(string))
|
|
return resourceAwsDmsCertificateRead(d, meta)
|
|
}
|
|
|
|
func resourceAwsDmsCertificateRead(d *schema.ResourceData, meta interface{}) error {
|
|
conn := meta.(*AWSClient).dmsconn
|
|
|
|
response, err := conn.DescribeCertificates(&dms.DescribeCertificatesInput{
|
|
Filters: []*dms.Filter{
|
|
{
|
|
Name: aws.String("certificate-id"),
|
|
Values: []*string{aws.String(d.Id())}, // Must use d.Id() to work with import.
|
|
},
|
|
},
|
|
})
|
|
if err != nil {
|
|
if dmserr, ok := err.(awserr.Error); ok && dmserr.Code() == "ResourceNotFoundFault" {
|
|
d.SetId("")
|
|
return nil
|
|
}
|
|
return err
|
|
}
|
|
|
|
return resourceAwsDmsCertificateSetState(d, response.Certificates[0])
|
|
}
|
|
|
|
func resourceAwsDmsCertificateDelete(d *schema.ResourceData, meta interface{}) error {
|
|
conn := meta.(*AWSClient).dmsconn
|
|
|
|
request := &dms.DeleteCertificateInput{
|
|
CertificateArn: aws.String(d.Get("certificate_arn").(string)),
|
|
}
|
|
|
|
log.Printf("[DEBUG] DMS delete certificate: %#v", request)
|
|
|
|
_, err := conn.DeleteCertificate(request)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func resourceAwsDmsCertificateSetState(d *schema.ResourceData, cert *dms.Certificate) error {
|
|
d.SetId(*cert.CertificateIdentifier)
|
|
|
|
d.Set("certificate_id", cert.CertificateIdentifier)
|
|
d.Set("certificate_arn", cert.CertificateArn)
|
|
|
|
if cert.CertificatePem != nil && *cert.CertificatePem != "" {
|
|
d.Set("certificate_pem", cert.CertificatePem)
|
|
}
|
|
if cert.CertificateWallet != nil && len(cert.CertificateWallet) == 0 {
|
|
d.Set("certificate_wallet", cert.CertificateWallet)
|
|
}
|
|
|
|
return nil
|
|
}
|