diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml deleted file mode 100644 index dd1a7bca8e2..00000000000 --- a/.github/workflows/pull_requests.yml +++ /dev/null @@ -1,15 +0,0 @@ -name: PR triage -on: - pull_request: - types: [opened] -jobs: - labelPRsForTriage: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1.0.0 - - name: Apply PR Triage Label - uses: actions/github@v1.0.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - args: label needs-triage diff --git a/.hashibot.hcl b/.hashibot.hcl index 2e07c9db8f1..759457f725a 100644 --- a/.hashibot.hcl +++ b/.hashibot.hcl @@ -134,7 +134,7 @@ behavior "regexp_issue_labeler_v2" "service_labels" { "aws_cloudsearch_", ], "service/cloudtrail" = [ - "aws_cloudtrail_", + "aws_cloudtrail", ], "service/cloudwatch" = [ "aws_cloudwatch_([^e]|e[^v]|ev[^e]|eve[^n]|even[^t]|event[^_]|[^l]|l[^o]|lo[^g]|log[^_])", @@ -536,7 +536,9 @@ behavior "pull_request_path_labeler" "service_labels" { ] "service/apigateway" = [ "**/*_api_gateway_[^v][^2][^_]*", - "**/api_gateway_[^v][^2][^_]*" + "**/*_api_gateway_vpc_link*", + "**/api_gateway_[^v][^2][^_]*", + "**/api_gateway_vpc_link*" ] "service/apigatewayv2" = [ "**/*_api_gateway_v2_*", @@ -567,7 +569,7 @@ behavior "pull_request_path_labeler" "service_labels" { "**/appsync_*" ] "service/athena" = [ - "service/athena", + "**/*_athena_*", "**/athena_*" ] "service/autoscaling" = [ @@ -617,8 +619,8 @@ behavior "pull_request_path_labeler" "service_labels" { "**/cloudsearch_*" ] "service/cloudtrail" = [ - "**/*_cloudtrail_*", - "**/cloudtrail_*" + "**/*_cloudtrail*", + "**/cloudtrail*" ] "service/cloudwatch" = [ "**/*_cloudwatch_dashboard*", @@ -977,6 +979,10 @@ behavior "pull_request_path_labeler" "service_labels" { "**/*_pricing_*", "**/pricing_*" ] + "service/qldb" = [ + "**/*_qldb_*", + "**/qldb_*" + ] "service/quicksight" = [ "**/*_quicksight_*", "**/quicksight_*" @@ -1020,8 +1026,8 @@ behavior "pull_request_path_labeler" "service_labels" { "**/route53_domains_*" ] "service/route53resolver" = [ - "**/*_route53resolver_*", - "**/route53resolver_*" + "**/*_route53_resolver_*", + "**/route53_resolver_*" ] "service/s3" = [ "**/*_s3_bucket*", diff --git a/CHANGELOG.md b/CHANGELOG.md index ea1470dbc5c..38b3b57399b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ ENHANCEMENTS: * data-source/aws_db_instance: Add `tags` attribute [GH-10550] * data-source/aws_vpc_endpoint: Add `filter` and `tags` arguments [GH-10503] * provider: Add `ignore_tag_prefixes` and `ignore_tags` arguments (in public preview, see note above) [GH-10418] +* resource/aws_acmpca_certificate_authority: Support tagging on creation [GH-10736] * resource/aws_api_gateway_api_key: Add `tags` argument and `arn` attribute [GH-10568] * resource/aws_api_gateway_client_certificate: Add `tags` argument and `arn` attribute [GH-10569] * resource/aws_api_gateway_domain_name: Add `tags` argument and `arn` attribute [GH-10567] diff --git a/aws/data_source_aws_ami.go b/aws/data_source_aws_ami.go index 716ea6e4a00..5cfd3c464e6 100644 --- a/aws/data_source_aws_ami.go +++ b/aws/data_source_aws_ami.go @@ -13,6 +13,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/hashcode" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func dataSourceAwsAmi() *schema.Resource { @@ -290,8 +291,8 @@ func amiDescriptionAttributes(d *schema.ResourceData, image *ec2.Image) error { if err := d.Set("state_reason", amiStateReason(image.StateReason)); err != nil { return err } - if err := d.Set("tags", tagsToMap(image.Tags)); err != nil { - return err + if err := d.Set("tags", keyvaluetags.Ec2KeyValueTags(image.Tags).IgnoreAws().Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) } return nil } diff --git a/aws/data_source_aws_ami_test.go b/aws/data_source_aws_ami_test.go index bfc0c7a0113..a5d06a3b78b 100644 --- a/aws/data_source_aws_ami_test.go +++ b/aws/data_source_aws_ami_test.go @@ -10,6 +10,7 @@ import ( ) func TestAccAWSAmiDataSource_natInstance(t *testing.T) { + resourceName := "data.aws_ami.nat_ami" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -17,7 +18,7 @@ func TestAccAWSAmiDataSource_natInstance(t *testing.T) { { Config: testAccCheckAwsAmiDataSourceConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckAwsAmiDataSourceID("data.aws_ami.nat_ami"), + testAccCheckAwsAmiDataSourceID(resourceName), // Check attributes. Some attributes are tough to test - any not contained here should not be considered // stable and should not be used in interpolation. Exception to block_device_mappings which should both // show up consistently and break if certain references are not available. However modification of the @@ -25,35 +26,36 @@ func TestAccAWSAmiDataSource_natInstance(t *testing.T) { // deep inspection is not included, simply the count is checked. // Tags and product codes may need more testing, but I'm having a hard time finding images with // these attributes set. - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "architecture", "x86_64"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "block_device_mappings.#", "1"), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "creation_date", regexp.MustCompile("^20[0-9]{2}-")), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "description", regexp.MustCompile("^Amazon Linux AMI")), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "hypervisor", "xen"), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "image_id", regexp.MustCompile("^ami-")), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "image_location", regexp.MustCompile("^amazon/")), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "image_owner_alias", "amazon"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "image_type", "machine"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "most_recent", "true"), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "name", regexp.MustCompile("^amzn-ami-vpc-nat")), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "owner_id", "137112412989"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "public", "true"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "product_codes.#", "0"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "root_device_name", "/dev/xvda"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "root_device_type", "ebs"), - resource.TestMatchResourceAttr("data.aws_ami.nat_ami", "root_snapshot_id", regexp.MustCompile("^snap-")), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "sriov_net_support", "simple"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "state", "available"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "state_reason.code", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "state_reason.message", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "tags.%", "0"), - resource.TestCheckResourceAttr("data.aws_ami.nat_ami", "virtualization_type", "hvm"), + resource.TestCheckResourceAttr(resourceName, "architecture", "x86_64"), + resource.TestCheckResourceAttr(resourceName, "block_device_mappings.#", "1"), + resource.TestMatchResourceAttr(resourceName, "creation_date", regexp.MustCompile("^20[0-9]{2}-")), + resource.TestMatchResourceAttr(resourceName, "description", regexp.MustCompile("^Amazon Linux AMI")), + resource.TestCheckResourceAttr(resourceName, "hypervisor", "xen"), + resource.TestMatchResourceAttr(resourceName, "image_id", regexp.MustCompile("^ami-")), + resource.TestMatchResourceAttr(resourceName, "image_location", regexp.MustCompile("^amazon/")), + resource.TestCheckResourceAttr(resourceName, "image_owner_alias", "amazon"), + resource.TestCheckResourceAttr(resourceName, "image_type", "machine"), + resource.TestCheckResourceAttr(resourceName, "most_recent", "true"), + resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("^amzn-ami-vpc-nat")), + resource.TestCheckResourceAttr(resourceName, "owner_id", "137112412989"), + resource.TestCheckResourceAttr(resourceName, "public", "true"), + resource.TestCheckResourceAttr(resourceName, "product_codes.#", "0"), + resource.TestCheckResourceAttr(resourceName, "root_device_name", "/dev/xvda"), + resource.TestCheckResourceAttr(resourceName, "root_device_type", "ebs"), + resource.TestMatchResourceAttr(resourceName, "root_snapshot_id", regexp.MustCompile("^snap-")), + resource.TestCheckResourceAttr(resourceName, "sriov_net_support", "simple"), + resource.TestCheckResourceAttr(resourceName, "state", "available"), + resource.TestCheckResourceAttr(resourceName, "state_reason.code", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "state_reason.message", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "virtualization_type", "hvm"), ), }, }, }) } func TestAccAWSAmiDataSource_windowsInstance(t *testing.T) { + resourceName := "data.aws_ami.windows_ami" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -61,31 +63,31 @@ func TestAccAWSAmiDataSource_windowsInstance(t *testing.T) { { Config: testAccCheckAwsAmiDataSourceWindowsConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckAwsAmiDataSourceID("data.aws_ami.windows_ami"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "architecture", "x86_64"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "block_device_mappings.#", "27"), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "creation_date", regexp.MustCompile("^20[0-9]{2}-")), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "description", regexp.MustCompile("^Microsoft Windows Server")), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "hypervisor", "xen"), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "image_id", regexp.MustCompile("^ami-")), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "image_location", regexp.MustCompile("^amazon/")), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "image_owner_alias", "amazon"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "image_type", "machine"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "most_recent", "true"), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "name", regexp.MustCompile("^Windows_Server-2012-R2")), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "owner_id", "801119661308"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "platform", "windows"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "public", "true"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "product_codes.#", "0"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "root_device_name", "/dev/sda1"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "root_device_type", "ebs"), - resource.TestMatchResourceAttr("data.aws_ami.windows_ami", "root_snapshot_id", regexp.MustCompile("^snap-")), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "sriov_net_support", "simple"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "state", "available"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "state_reason.code", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "state_reason.message", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "tags.%", "0"), - resource.TestCheckResourceAttr("data.aws_ami.windows_ami", "virtualization_type", "hvm"), + testAccCheckAwsAmiDataSourceID(resourceName), + resource.TestCheckResourceAttr(resourceName, "architecture", "x86_64"), + resource.TestCheckResourceAttr(resourceName, "block_device_mappings.#", "27"), + resource.TestMatchResourceAttr(resourceName, "creation_date", regexp.MustCompile("^20[0-9]{2}-")), + resource.TestMatchResourceAttr(resourceName, "description", regexp.MustCompile("^Microsoft Windows Server")), + resource.TestCheckResourceAttr(resourceName, "hypervisor", "xen"), + resource.TestMatchResourceAttr(resourceName, "image_id", regexp.MustCompile("^ami-")), + resource.TestMatchResourceAttr(resourceName, "image_location", regexp.MustCompile("^amazon/")), + resource.TestCheckResourceAttr(resourceName, "image_owner_alias", "amazon"), + resource.TestCheckResourceAttr(resourceName, "image_type", "machine"), + resource.TestCheckResourceAttr(resourceName, "most_recent", "true"), + resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("^Windows_Server-2012-R2")), + resource.TestCheckResourceAttr(resourceName, "owner_id", "801119661308"), + resource.TestCheckResourceAttr(resourceName, "platform", "windows"), + resource.TestCheckResourceAttr(resourceName, "public", "true"), + resource.TestCheckResourceAttr(resourceName, "product_codes.#", "0"), + resource.TestCheckResourceAttr(resourceName, "root_device_name", "/dev/sda1"), + resource.TestCheckResourceAttr(resourceName, "root_device_type", "ebs"), + resource.TestMatchResourceAttr(resourceName, "root_snapshot_id", regexp.MustCompile("^snap-")), + resource.TestCheckResourceAttr(resourceName, "sriov_net_support", "simple"), + resource.TestCheckResourceAttr(resourceName, "state", "available"), + resource.TestCheckResourceAttr(resourceName, "state_reason.code", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "state_reason.message", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "virtualization_type", "hvm"), ), }, }, @@ -93,6 +95,7 @@ func TestAccAWSAmiDataSource_windowsInstance(t *testing.T) { } func TestAccAWSAmiDataSource_instanceStore(t *testing.T) { + resourceName := "data.aws_ami.instance_store_ami" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -100,27 +103,27 @@ func TestAccAWSAmiDataSource_instanceStore(t *testing.T) { { Config: testAccCheckAwsAmiDataSourceInstanceStoreConfig, Check: resource.ComposeTestCheckFunc( - testAccCheckAwsAmiDataSourceID("data.aws_ami.instance_store_ami"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "architecture", "x86_64"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "block_device_mappings.#", "0"), - resource.TestMatchResourceAttr("data.aws_ami.instance_store_ami", "creation_date", regexp.MustCompile("^20[0-9]{2}-")), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "hypervisor", "xen"), - resource.TestMatchResourceAttr("data.aws_ami.instance_store_ami", "image_id", regexp.MustCompile("^ami-")), - resource.TestMatchResourceAttr("data.aws_ami.instance_store_ami", "image_location", regexp.MustCompile("ubuntu-trusty-14.04-amd64-server")), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "image_type", "machine"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "most_recent", "true"), - resource.TestMatchResourceAttr("data.aws_ami.instance_store_ami", "name", regexp.MustCompile("^ubuntu/images/hvm-instance/ubuntu-trusty-14.04-amd64-server")), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "owner_id", "099720109477"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "public", "true"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "product_codes.#", "0"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "root_device_type", "instance-store"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "root_snapshot_id", ""), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "sriov_net_support", "simple"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "state", "available"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "state_reason.code", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "state_reason.message", "UNSET"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "tags.%", "0"), - resource.TestCheckResourceAttr("data.aws_ami.instance_store_ami", "virtualization_type", "hvm"), + testAccCheckAwsAmiDataSourceID(resourceName), + resource.TestCheckResourceAttr(resourceName, "architecture", "x86_64"), + resource.TestCheckResourceAttr(resourceName, "block_device_mappings.#", "0"), + resource.TestMatchResourceAttr(resourceName, "creation_date", regexp.MustCompile("^20[0-9]{2}-")), + resource.TestCheckResourceAttr(resourceName, "hypervisor", "xen"), + resource.TestMatchResourceAttr(resourceName, "image_id", regexp.MustCompile("^ami-")), + resource.TestMatchResourceAttr(resourceName, "image_location", regexp.MustCompile("ubuntu-trusty-14.04-amd64-server")), + resource.TestCheckResourceAttr(resourceName, "image_type", "machine"), + resource.TestCheckResourceAttr(resourceName, "most_recent", "true"), + resource.TestMatchResourceAttr(resourceName, "name", regexp.MustCompile("^ubuntu/images/hvm-instance/ubuntu-trusty-14.04-amd64-server")), + resource.TestCheckResourceAttr(resourceName, "owner_id", "099720109477"), + resource.TestCheckResourceAttr(resourceName, "public", "true"), + resource.TestCheckResourceAttr(resourceName, "product_codes.#", "0"), + resource.TestCheckResourceAttr(resourceName, "root_device_type", "instance-store"), + resource.TestCheckResourceAttr(resourceName, "root_snapshot_id", ""), + resource.TestCheckResourceAttr(resourceName, "sriov_net_support", "simple"), + resource.TestCheckResourceAttr(resourceName, "state", "available"), + resource.TestCheckResourceAttr(resourceName, "state_reason.code", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "state_reason.message", "UNSET"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "virtualization_type", "hvm"), ), }, }, diff --git a/aws/internal/keyvaluetags/generators/listtags/main.go b/aws/internal/keyvaluetags/generators/listtags/main.go index 172834073ba..92c0a8ca642 100644 --- a/aws/internal/keyvaluetags/generators/listtags/main.go +++ b/aws/internal/keyvaluetags/generators/listtags/main.go @@ -28,6 +28,7 @@ var serviceNames = []string{ "cloudhsmv2", "cloudwatch", "cloudwatchevents", + "cloudwatchlogs", "codecommit", "codedeploy", "codepipeline", @@ -79,6 +80,7 @@ var serviceNames = []string{ "securityhub", "sfn", "sns", + "sqs", "ssm", "storagegateway", "swf", @@ -192,6 +194,8 @@ func ServiceListTagsFunction(serviceName string) string { return "ListTags" case "cloudhsmv2": return "ListTags" + case "cloudwatchlogs": + return "ListTagsLogGroup" case "dax": return "ListTags" case "dynamodb": @@ -220,6 +224,8 @@ func ServiceListTagsFunction(serviceName string) string { return "GetTags" case "sagemaker": return "ListTags" + case "sqs": + return "ListQueueTags" case "workspaces": return "DescribeTags" default: @@ -242,6 +248,8 @@ func ServiceListTagsInputIdentifierField(serviceName string) string { return "ResourceARN" case "cloudwatchevents": return "ResourceARN" + case "cloudwatchlogs": + return "LogGroupName" case "dax": return "ResourceName" case "devicefarm": @@ -282,6 +290,8 @@ func ServiceListTagsInputIdentifierField(serviceName string) string { return "ResourceName" case "resourcegroups": return "Arn" + case "sqs": + return "QueueUrl" case "ssm": return "ResourceId" case "storagegateway": diff --git a/aws/internal/keyvaluetags/generators/updatetags/main.go b/aws/internal/keyvaluetags/generators/updatetags/main.go index fa30e9a8595..524f2549916 100644 --- a/aws/internal/keyvaluetags/generators/updatetags/main.go +++ b/aws/internal/keyvaluetags/generators/updatetags/main.go @@ -30,6 +30,7 @@ var serviceNames = []string{ "cloudhsmv2", "cloudwatch", "cloudwatchevents", + "cloudwatchlogs", "codecommit", "codedeploy", "codepipeline", @@ -87,6 +88,7 @@ var serviceNames = []string{ "securityhub", "sfn", "sns", + "sqs", "ssm", "storagegateway", "swf", @@ -231,6 +233,8 @@ func ServiceTagFunction(serviceName string) string { return "AddTagsToCertificate" case "acmpca": return "TagCertificateAuthority" + case "cloudwatchlogs": + return "TagLogGroup" case "databasemigrationservice": return "AddTagsToResource" case "datapipeline": @@ -267,6 +271,8 @@ func ServiceTagFunction(serviceName string) string { return "Tag" case "sagemaker": return "AddTags" + case "sqs": + return "TagQueue" case "ssm": return "AddTagsToResource" case "storagegateway": @@ -293,6 +299,8 @@ func ServiceTagInputIdentifierField(serviceName string) string { return "ResourceARN" case "cloudwatchevents": return "ResourceARN" + case "cloudwatchlogs": + return "LogGroupName" case "datapipeline": return "PipelineId" case "dax": @@ -347,6 +355,8 @@ func ServiceTagInputIdentifierField(serviceName string) string { return "Arn" case "secretsmanager": return "SecretId" + case "sqs": + return "QueueUrl" case "ssm": return "ResourceId" case "storagegateway": @@ -405,6 +415,8 @@ func ServiceUntagFunction(serviceName string) string { return "RemoveTagsFromCertificate" case "acmpca": return "UntagCertificateAuthority" + case "cloudwatchlogs": + return "UntagLogGroup" case "databasemigrationservice": return "RemoveTagsFromResource" case "datapipeline": @@ -441,6 +453,8 @@ func ServiceUntagFunction(serviceName string) string { return "Untag" case "sagemaker": return "DeleteTags" + case "sqs": + return "UntagQueue" case "ssm": return "RemoveTagsFromResource" case "storagegateway": @@ -477,6 +491,8 @@ func ServiceUntagInputTagsField(serviceName string) string { return "TagKeyList" case "cloudhsmv2": return "TagKeyList" + case "cloudwatchlogs": + return "Tags" case "datasync": return "Keys" case "ec2": diff --git a/aws/internal/keyvaluetags/list_tags_gen.go b/aws/internal/keyvaluetags/list_tags_gen.go index 52a03874a94..5765d2b3268 100644 --- a/aws/internal/keyvaluetags/list_tags_gen.go +++ b/aws/internal/keyvaluetags/list_tags_gen.go @@ -15,6 +15,7 @@ import ( "github.com/aws/aws-sdk-go/service/cloudhsmv2" "github.com/aws/aws-sdk-go/service/cloudwatch" "github.com/aws/aws-sdk-go/service/cloudwatchevents" + "github.com/aws/aws-sdk-go/service/cloudwatchlogs" "github.com/aws/aws-sdk-go/service/codecommit" "github.com/aws/aws-sdk-go/service/codedeploy" "github.com/aws/aws-sdk-go/service/codepipeline" @@ -66,6 +67,7 @@ import ( "github.com/aws/aws-sdk-go/service/securityhub" "github.com/aws/aws-sdk-go/service/sfn" "github.com/aws/aws-sdk-go/service/sns" + "github.com/aws/aws-sdk-go/service/sqs" "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/swf" @@ -261,6 +263,23 @@ func CloudwatcheventsListTags(conn *cloudwatchevents.CloudWatchEvents, identifie return CloudwatcheventsKeyValueTags(output.Tags), nil } +// CloudwatchlogsListTags lists cloudwatchlogs service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func CloudwatchlogsListTags(conn *cloudwatchlogs.CloudWatchLogs, identifier string) (KeyValueTags, error) { + input := &cloudwatchlogs.ListTagsLogGroupInput{ + LogGroupName: aws.String(identifier), + } + + output, err := conn.ListTagsLogGroup(input) + + if err != nil { + return New(nil), err + } + + return CloudwatchlogsKeyValueTags(output.Tags), nil +} + // CodecommitListTags lists codecommit service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. @@ -1128,6 +1147,23 @@ func SnsListTags(conn *sns.SNS, identifier string) (KeyValueTags, error) { return SnsKeyValueTags(output.Tags), nil } +// SqsListTags lists sqs service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func SqsListTags(conn *sqs.SQS, identifier string) (KeyValueTags, error) { + input := &sqs.ListQueueTagsInput{ + QueueUrl: aws.String(identifier), + } + + output, err := conn.ListQueueTags(input) + + if err != nil { + return New(nil), err + } + + return SqsKeyValueTags(output.Tags), nil +} + // SsmListTags lists ssm service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. diff --git a/aws/internal/keyvaluetags/service_generation_customizations.go b/aws/internal/keyvaluetags/service_generation_customizations.go index 60eea88b476..0b3c2eca82e 100644 --- a/aws/internal/keyvaluetags/service_generation_customizations.go +++ b/aws/internal/keyvaluetags/service_generation_customizations.go @@ -20,6 +20,7 @@ import ( "github.com/aws/aws-sdk-go/service/cloudhsmv2" "github.com/aws/aws-sdk-go/service/cloudwatch" "github.com/aws/aws-sdk-go/service/cloudwatchevents" + "github.com/aws/aws-sdk-go/service/cloudwatchlogs" "github.com/aws/aws-sdk-go/service/codecommit" "github.com/aws/aws-sdk-go/service/codedeploy" "github.com/aws/aws-sdk-go/service/codepipeline" @@ -81,6 +82,7 @@ import ( "github.com/aws/aws-sdk-go/service/securityhub" "github.com/aws/aws-sdk-go/service/sfn" "github.com/aws/aws-sdk-go/service/sns" + "github.com/aws/aws-sdk-go/service/sqs" "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/swf" @@ -124,6 +126,8 @@ func ServiceClientType(serviceName string) string { funcType = reflect.TypeOf(cloudwatch.New) case "cloudwatchevents": funcType = reflect.TypeOf(cloudwatchevents.New) + case "cloudwatchlogs": + funcType = reflect.TypeOf(cloudwatchlogs.New) case "codecommit": funcType = reflect.TypeOf(codecommit.New) case "codedeploy": @@ -246,6 +250,8 @@ func ServiceClientType(serviceName string) string { funcType = reflect.TypeOf(sfn.New) case "sns": funcType = reflect.TypeOf(sns.New) + case "sqs": + funcType = reflect.TypeOf(sqs.New) case "ssm": funcType = reflect.TypeOf(ssm.New) case "storagegateway": diff --git a/aws/internal/keyvaluetags/update_tags_gen.go b/aws/internal/keyvaluetags/update_tags_gen.go index 8570c0aa3ae..6b10dccda20 100644 --- a/aws/internal/keyvaluetags/update_tags_gen.go +++ b/aws/internal/keyvaluetags/update_tags_gen.go @@ -19,6 +19,7 @@ import ( "github.com/aws/aws-sdk-go/service/cloudhsmv2" "github.com/aws/aws-sdk-go/service/cloudwatch" "github.com/aws/aws-sdk-go/service/cloudwatchevents" + "github.com/aws/aws-sdk-go/service/cloudwatchlogs" "github.com/aws/aws-sdk-go/service/codecommit" "github.com/aws/aws-sdk-go/service/codedeploy" "github.com/aws/aws-sdk-go/service/codepipeline" @@ -76,6 +77,7 @@ import ( "github.com/aws/aws-sdk-go/service/securityhub" "github.com/aws/aws-sdk-go/service/sfn" "github.com/aws/aws-sdk-go/service/sns" + "github.com/aws/aws-sdk-go/service/sqs" "github.com/aws/aws-sdk-go/service/ssm" "github.com/aws/aws-sdk-go/service/storagegateway" "github.com/aws/aws-sdk-go/service/swf" @@ -552,6 +554,42 @@ func CloudwatcheventsUpdateTags(conn *cloudwatchevents.CloudWatchEvents, identif return nil } +// CloudwatchlogsUpdateTags updates cloudwatchlogs service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func CloudwatchlogsUpdateTags(conn *cloudwatchlogs.CloudWatchLogs, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { + oldTags := New(oldTagsMap) + newTags := New(newTagsMap) + + if removedTags := oldTags.Removed(newTags); len(removedTags) > 0 { + input := &cloudwatchlogs.UntagLogGroupInput{ + LogGroupName: aws.String(identifier), + Tags: aws.StringSlice(removedTags.Keys()), + } + + _, err := conn.UntagLogGroup(input) + + if err != nil { + return fmt.Errorf("error untagging resource (%s): %w", identifier, err) + } + } + + if updatedTags := oldTags.Updated(newTags); len(updatedTags) > 0 { + input := &cloudwatchlogs.TagLogGroupInput{ + LogGroupName: aws.String(identifier), + Tags: updatedTags.IgnoreAws().CloudwatchlogsTags(), + } + + _, err := conn.TagLogGroup(input) + + if err != nil { + return fmt.Errorf("error tagging resource (%s): %w", identifier, err) + } + } + + return nil +} + // CodecommitUpdateTags updates codecommit service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. @@ -2604,6 +2642,42 @@ func SnsUpdateTags(conn *sns.SNS, identifier string, oldTagsMap interface{}, new return nil } +// SqsUpdateTags updates sqs service tags. +// The identifier is typically the Amazon Resource Name (ARN), although +// it may also be a different identifier depending on the service. +func SqsUpdateTags(conn *sqs.SQS, identifier string, oldTagsMap interface{}, newTagsMap interface{}) error { + oldTags := New(oldTagsMap) + newTags := New(newTagsMap) + + if removedTags := oldTags.Removed(newTags); len(removedTags) > 0 { + input := &sqs.UntagQueueInput{ + QueueUrl: aws.String(identifier), + TagKeys: aws.StringSlice(removedTags.Keys()), + } + + _, err := conn.UntagQueue(input) + + if err != nil { + return fmt.Errorf("error untagging resource (%s): %w", identifier, err) + } + } + + if updatedTags := oldTags.Updated(newTags); len(updatedTags) > 0 { + input := &sqs.TagQueueInput{ + QueueUrl: aws.String(identifier), + Tags: updatedTags.IgnoreAws().SqsTags(), + } + + _, err := conn.TagQueue(input) + + if err != nil { + return fmt.Errorf("error tagging resource (%s): %w", identifier, err) + } + } + + return nil +} + // SsmUpdateTags updates ssm service tags. // The identifier is typically the Amazon Resource Name (ARN), although // it may also be a different identifier depending on the service. diff --git a/aws/resource_aws_acm_certificate.go b/aws/resource_aws_acm_certificate.go index c20764e4ae7..4c1eaad56d5 100644 --- a/aws/resource_aws_acm_certificate.go +++ b/aws/resource_aws_acm_certificate.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsAcmCertificate() *schema.Resource { @@ -174,15 +175,9 @@ func resourceAwsAcmCertificateCreateImported(d *schema.ResourceData, meta interf } d.SetId(*resp.CertificateArn) - if v, ok := d.GetOk("tags"); ok { - params := &acm.AddTagsToCertificateInput{ - CertificateArn: resp.CertificateArn, - Tags: tagsFromMapACM(v.(map[string]interface{})), - } - _, err := acmconn.AddTagsToCertificate(params) - - if err != nil { - return fmt.Errorf("Error requesting certificate: %s", err) + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), nil, v); err != nil { + return fmt.Errorf("error adding tags: %s", err) } } @@ -221,15 +216,9 @@ func resourceAwsAcmCertificateCreateRequested(d *schema.ResourceData, meta inter } d.SetId(*resp.CertificateArn) - if v, ok := d.GetOk("tags"); ok { - params := &acm.AddTagsToCertificateInput{ - CertificateArn: resp.CertificateArn, - Tags: tagsFromMapACM(v.(map[string]interface{})), - } - _, err := acmconn.AddTagsToCertificate(params) - - if err != nil { - return fmt.Errorf("Error requesting certificate: %s", err) + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), nil, v); err != nil { + return fmt.Errorf("error adding tags: %s", err) } } @@ -281,16 +270,14 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err return resource.NonRetryableError(fmt.Errorf("error setting certificate options: %s", err)) } - params := &acm.ListTagsForCertificateInput{ - CertificateArn: aws.String(d.Id()), - } + tags, err := keyvaluetags.AcmListTags(acmconn, d.Id()) - tagResp, err := acmconn.ListTagsForCertificate(params) if err != nil { - return resource.NonRetryableError(fmt.Errorf("error listing tags for certificate (%s): %s", d.Id(), err)) + return resource.NonRetryableError(fmt.Errorf("error listing tags for ACM Certificate (%s): %s", d.Id(), err)) } - if err := d.Set("tags", tagsToMapACM(tagResp.Tags)); err != nil { - return resource.NonRetryableError(err) + + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { + return resource.NonRetryableError(fmt.Errorf("error setting tags: %s", err)) } return nil @@ -319,9 +306,9 @@ func resourceAwsAcmCertificateUpdate(d *schema.ResourceData, meta interface{}) e } if d.HasChange("tags") { - err := setTagsACM(acmconn, d) - if err != nil { - return err + o, n := d.GetChange("tags") + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) } } return resourceAwsAcmCertificateRead(d, meta) diff --git a/aws/resource_aws_acm_certificate_test.go b/aws/resource_aws_acm_certificate_test.go index 694d02c30ec..0705c37800e 100644 --- a/aws/resource_aws_acm_certificate_test.go +++ b/aws/resource_aws_acm_certificate_test.go @@ -52,6 +52,7 @@ func testAccAwsAcmCertificateRandomSubDomain(rootDomain string) string { } func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -63,16 +64,16 @@ func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodEmail), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "validation_emails.0", regexp.MustCompile(`^[^@]+@.+$`)), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodEmail), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "0"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestMatchResourceAttr(resourceName, "validation_emails.0", regexp.MustCompile(`^[^@]+@.+$`)), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodEmail), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -82,6 +83,7 @@ func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { } func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -93,20 +95,20 @@ func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -115,6 +117,7 @@ func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { } func TestAccAWSAcmCertificate_root(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) resource.ParallelTest(t, resource.TestCase{ @@ -125,20 +128,20 @@ func TestAccAWSAcmCertificate_root(t *testing.T) { { Config: testAccAcmCertificateConfig(rootDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -212,6 +215,7 @@ func TestAccAWSAcmCertificate_root_TrailingPeriod(t *testing.T) { } func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -223,25 +227,25 @@ func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(rootDomain, strconv.Quote(wildcardDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -250,6 +254,7 @@ func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { } func TestAccAWSAcmCertificate_san_single(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) sanDomain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -262,25 +267,25 @@ func TestAccAWSAcmCertificate_san_single(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(domain, strconv.Quote(sanDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", sanDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", sanDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", sanDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -289,6 +294,7 @@ func TestAccAWSAcmCertificate_san_single(t *testing.T) { } func TestAccAWSAcmCertificate_san_multiple(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) sanDomain1 := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -302,30 +308,30 @@ func TestAccAWSAcmCertificate_san_multiple(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(domain, fmt.Sprintf("%q, %q", sanDomain1, sanDomain2), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "3"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", sanDomain1), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.2.domain_name", sanDomain2), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", sanDomain1), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.1", sanDomain2), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "3"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", sanDomain1), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.2.domain_name", sanDomain2), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.2.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "2"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain1), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.1", sanDomain2), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -374,6 +380,7 @@ func TestAccAWSAcmCertificate_san_TrailingPeriod(t *testing.T) { } func TestAccAWSAcmCertificate_wildcard(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -385,20 +392,20 @@ func TestAccAWSAcmCertificate_wildcard(t *testing.T) { { Config: testAccAcmCertificateConfig(wildcardDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -407,6 +414,7 @@ func TestAccAWSAcmCertificate_wildcard(t *testing.T) { } func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -418,25 +426,25 @@ func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(wildcardDomain, strconv.Quote(rootDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", rootDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -445,6 +453,7 @@ func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { } func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) resource.ParallelTest(t, resource.TestCase{ @@ -455,22 +464,22 @@ func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { { Config: testAccAcmCertificateConfig_disableCTLogging(rootDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "options.0.certificate_transparency_logging_preference", acm.CertificateTransparencyLoggingPreferenceDisabled), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), + resource.TestCheckResourceAttr(resourceName, "options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.certificate_transparency_logging_preference", acm.CertificateTransparencyLoggingPreferenceDisabled), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -479,6 +488,7 @@ func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { } func TestAccAWSAcmCertificate_tags(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -490,34 +500,34 @@ func TestAccAWSAcmCertificate_tags(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { Config: testAccAcmCertificateConfig_twoTags(domain, acm.ValidationMethodDns, "Hello", "World", "Foo", "Bar"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Hello", "World"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Foo", "Bar"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Hello", "World"), + resource.TestCheckResourceAttr(resourceName, "tags.Foo", "Bar"), ), }, { Config: testAccAcmCertificateConfig_twoTags(domain, acm.ValidationMethodDns, "Hello", "World", "Foo", "Baz"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Hello", "World"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Foo", "Baz"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Hello", "World"), + resource.TestCheckResourceAttr(resourceName, "tags.Foo", "Baz"), ), }, { Config: testAccAcmCertificateConfig_oneTag(domain, acm.ValidationMethodDns, "Environment", "Test"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Environment", "Test"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Environment", "Test"), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, diff --git a/aws/resource_aws_acmpca_certificate_authority.go b/aws/resource_aws_acmpca_certificate_authority.go index c140b2c0193..755475daae4 100644 --- a/aws/resource_aws_acmpca_certificate_authority.go +++ b/aws/resource_aws_acmpca_certificate_authority.go @@ -10,6 +10,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsAcmpcaCertificateAuthority() *schema.Resource { @@ -268,6 +269,7 @@ func resourceAwsAcmpcaCertificateAuthority() *schema.Resource { func resourceAwsAcmpcaCertificateAuthorityCreate(d *schema.ResourceData, meta interface{}) error { conn := meta.(*AWSClient).acmpcaconn + tags := keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().AcmpcaTags() input := &acmpca.CreateCertificateAuthorityInput{ CertificateAuthorityConfiguration: expandAcmpcaCertificateAuthorityConfiguration(d.Get("certificate_authority_configuration").([]interface{})), @@ -276,6 +278,10 @@ func resourceAwsAcmpcaCertificateAuthorityCreate(d *schema.ResourceData, meta in RevocationConfiguration: expandAcmpcaRevocationConfiguration(d.Get("revocation_configuration").([]interface{})), } + if len(tags) > 0 { + input.Tags = tags + } + log.Printf("[DEBUG] Creating ACMPCA Certificate Authority: %s", input) var output *acmpca.CreateCertificateAuthorityOutput err := resource.Retry(1*time.Minute, func() *resource.RetryError { @@ -299,19 +305,6 @@ func resourceAwsAcmpcaCertificateAuthorityCreate(d *schema.ResourceData, meta in d.SetId(aws.StringValue(output.CertificateAuthorityArn)) - if v, ok := d.GetOk("tags"); ok { - input := &acmpca.TagCertificateAuthorityInput{ - CertificateAuthorityArn: aws.String(d.Id()), - Tags: tagsFromMapACMPCA(v.(map[string]interface{})), - } - - log.Printf("[DEBUG] Tagging ACMPCA Certificate Authority: %s", input) - _, err := conn.TagCertificateAuthority(input) - if err != nil { - return fmt.Errorf("error tagging ACMPCA Certificate Authority %q: %s", d.Id(), input) - } - } - stateConf := &resource.StateChangeConf{ Pending: []string{ "", @@ -427,12 +420,13 @@ func resourceAwsAcmpcaCertificateAuthorityRead(d *schema.ResourceData, meta inte d.Set("certificate_signing_request", getCertificateAuthorityCsrOutput.Csr) } - tags, err := listAcmpcaTags(conn, d.Id()) + tags, err := keyvaluetags.AcmpcaListTags(conn, d.Id()) + if err != nil { - return fmt.Errorf("error reading ACMPCA Certificate Authority %q tags: %s", d.Id(), err) + return fmt.Errorf("error listing tags for ACMPCA Certificate Authority (%s): %s", d.Id(), err) } - if err := d.Set("tags", tagsToMapACMPCA(tags)); err != nil { + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { return fmt.Errorf("error setting tags: %s", err) } @@ -469,30 +463,10 @@ func resourceAwsAcmpcaCertificateAuthorityUpdate(d *schema.ResourceData, meta in } if d.HasChange("tags") { - oraw, nraw := d.GetChange("tags") - o := oraw.(map[string]interface{}) - n := nraw.(map[string]interface{}) - create, remove := diffTagsACMPCA(tagsFromMapACMPCA(o), tagsFromMapACMPCA(n)) - - if len(remove) > 0 { - log.Printf("[DEBUG] Removing ACMPCA Certificate Authority %q tags: %#v", d.Id(), remove) - _, err := conn.UntagCertificateAuthority(&acmpca.UntagCertificateAuthorityInput{ - CertificateAuthorityArn: aws.String(d.Id()), - Tags: remove, - }) - if err != nil { - return fmt.Errorf("error updating ACMPCA Certificate Authority %q tags: %s", d.Id(), err) - } - } - if len(create) > 0 { - log.Printf("[DEBUG] Creating ACMPCA Certificate Authority %q tags: %#v", d.Id(), create) - _, err := conn.TagCertificateAuthority(&acmpca.TagCertificateAuthorityInput{ - CertificateAuthorityArn: aws.String(d.Id()), - Tags: create, - }) - if err != nil { - return fmt.Errorf("error updating ACMPCA Certificate Authority %q tags: %s", d.Id(), err) - } + o, n := d.GetChange("tags") + + if err := keyvaluetags.AcmpcaUpdateTags(conn, d.Id(), o, n); err != nil { + return fmt.Errorf("error updating ACMPCA Certificate Authority (%s) tags: %s", d.Id(), err) } } @@ -714,24 +688,3 @@ func flattenAcmpcaRevocationConfiguration(config *acmpca.RevocationConfiguration return []interface{}{m} } - -func listAcmpcaTags(conn *acmpca.ACMPCA, certificateAuthorityArn string) ([]*acmpca.Tag, error) { - tags := []*acmpca.Tag{} - input := &acmpca.ListTagsInput{ - CertificateAuthorityArn: aws.String(certificateAuthorityArn), - } - - for { - output, err := conn.ListTags(input) - if err != nil { - return tags, err - } - tags = append(tags, output.Tags...) - if output.NextToken == nil { - break - } - input.NextToken = output.NextToken - } - - return tags, nil -} diff --git a/aws/resource_aws_acmpca_certificate_authority_test.go b/aws/resource_aws_acmpca_certificate_authority_test.go index 4aa153c14d3..14740120886 100644 --- a/aws/resource_aws_acmpca_certificate_authority_test.go +++ b/aws/resource_aws_acmpca_certificate_authority_test.go @@ -73,7 +73,7 @@ func TestAccAwsAcmpcaCertificateAuthority_Basic(t *testing.T) { Config: testAccAwsAcmpcaCertificateAuthorityConfig_Required, Check: resource.ComposeTestCheckFunc( testAccCheckAwsAcmpcaCertificateAuthorityExists(resourceName, &certificateAuthority), - resource.TestMatchResourceAttr(resourceName, "arn", regexp.MustCompile(`^arn:[^:]+:acm-pca:[^:]+:[^:]+:certificate-authority/.+$`)), + testAccMatchResourceAttrRegionalARN(resourceName, "arn", "acm-pca", regexp.MustCompile(`certificate-authority/.+`)), resource.TestCheckResourceAttr(resourceName, "certificate_authority_configuration.#", "1"), resource.TestCheckResourceAttr(resourceName, "certificate_authority_configuration.0.key_algorithm", "RSA_4096"), resource.TestCheckResourceAttr(resourceName, "certificate_authority_configuration.0.signing_algorithm", "SHA512WITHRSA"), diff --git a/aws/tagsACM.go b/aws/tagsACM.go deleted file mode 100644 index 2cddba0fef6..00000000000 --- a/aws/tagsACM.go +++ /dev/null @@ -1,88 +0,0 @@ -package aws - -import ( - "log" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/acm" - "github.com/hashicorp/terraform-plugin-sdk/helper/schema" -) - -func setTagsACM(conn *acm.ACM, d *schema.ResourceData) error { - if d.HasChange("tags") { - oraw, nraw := d.GetChange("tags") - o := oraw.(map[string]interface{}) - n := nraw.(map[string]interface{}) - create, remove := diffTagsACM(tagsFromMapACM(o), tagsFromMapACM(n)) - - // Set tags - if len(remove) > 0 { - input := acm.RemoveTagsFromCertificateInput{ - CertificateArn: aws.String(d.Get("arn").(string)), - Tags: remove, - } - log.Printf("[DEBUG] Removing ACM tags: %s", input) - _, err := conn.RemoveTagsFromCertificate(&input) - if err != nil { - return err - } - } - if len(create) > 0 { - input := acm.AddTagsToCertificateInput{ - CertificateArn: aws.String(d.Get("arn").(string)), - Tags: create, - } - log.Printf("[DEBUG] Adding ACM tags: %s", input) - _, err := conn.AddTagsToCertificate(&input) - if err != nil { - return err - } - } - } - - return nil -} - -// diffTags takes our tags locally and the ones remotely and returns -// the set of tags that must be created, and the set of tags that must -// be destroyed. -func diffTagsACM(oldTags, newTags []*acm.Tag) ([]*acm.Tag, []*acm.Tag) { - // First, we're creating everything we have - create := make(map[string]interface{}) - for _, t := range newTags { - create[*t.Key] = *t.Value - } - - // Build the list of what to remove - var remove []*acm.Tag - for _, t := range oldTags { - old, ok := create[*t.Key] - if !ok || old != *t.Value { - // Delete it! - remove = append(remove, t) - } - } - - return tagsFromMapACM(create), remove -} - -func tagsFromMapACM(m map[string]interface{}) []*acm.Tag { - result := []*acm.Tag{} - for k, v := range m { - result = append(result, &acm.Tag{ - Key: aws.String(k), - Value: aws.String(v.(string)), - }) - } - - return result -} - -func tagsToMapACM(ts []*acm.Tag) map[string]string { - result := map[string]string{} - for _, t := range ts { - result[*t.Key] = *t.Value - } - - return result -} diff --git a/aws/tagsACMPCA.go b/aws/tagsACMPCA.go deleted file mode 100644 index f497f3aee5b..00000000000 --- a/aws/tagsACMPCA.go +++ /dev/null @@ -1,50 +0,0 @@ -package aws - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/acmpca" -) - -// diffTags takes our tags locally and the ones remotely and returns -// the set of tags that must be created, and the set of tags that must -// be destroyed. -func diffTagsACMPCA(oldTags, newTags []*acmpca.Tag) ([]*acmpca.Tag, []*acmpca.Tag) { - // First, we're creating everything we have - create := make(map[string]interface{}) - for _, t := range newTags { - create[aws.StringValue(t.Key)] = aws.StringValue(t.Value) - } - - // Build the list of what to remove - var remove []*acmpca.Tag - for _, t := range oldTags { - old, ok := create[aws.StringValue(t.Key)] - if !ok || old != aws.StringValue(t.Value) { - // Delete it! - remove = append(remove, t) - } - } - - return tagsFromMapACMPCA(create), remove -} - -func tagsFromMapACMPCA(m map[string]interface{}) []*acmpca.Tag { - result := []*acmpca.Tag{} - for k, v := range m { - result = append(result, &acmpca.Tag{ - Key: aws.String(k), - Value: aws.String(v.(string)), - }) - } - - return result -} - -func tagsToMapACMPCA(ts []*acmpca.Tag) map[string]string { - result := map[string]string{} - for _, t := range ts { - result[aws.StringValue(t.Key)] = aws.StringValue(t.Value) - } - - return result -} diff --git a/aws/tagsACMPCA_test.go b/aws/tagsACMPCA_test.go deleted file mode 100644 index 9c3183be494..00000000000 --- a/aws/tagsACMPCA_test.go +++ /dev/null @@ -1,57 +0,0 @@ -package aws - -import ( - "reflect" - "testing" -) - -func TestDiffTagsACMPCA(t *testing.T) { - cases := []struct { - Old, New map[string]interface{} - Create, Remove map[string]string - }{ - // Basic add/remove - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "bar": "baz", - }, - Create: map[string]string{ - "bar": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - - // Modify - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "foo": "baz", - }, - Create: map[string]string{ - "foo": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - } - - for i, tc := range cases { - c, r := diffTagsACMPCA(tagsFromMapACMPCA(tc.Old), tagsFromMapACMPCA(tc.New)) - cm := tagsToMapACMPCA(c) - rm := tagsToMapACMPCA(r) - if !reflect.DeepEqual(cm, tc.Create) { - t.Fatalf("%d: bad create: %#v", i, cm) - } - if !reflect.DeepEqual(rm, tc.Remove) { - t.Fatalf("%d: bad remove: %#v", i, rm) - } - } -} diff --git a/aws/tagsACM_test.go b/aws/tagsACM_test.go deleted file mode 100644 index 6c5ec130f3a..00000000000 --- a/aws/tagsACM_test.go +++ /dev/null @@ -1,57 +0,0 @@ -package aws - -import ( - "reflect" - "testing" -) - -func TestDiffTagsACM(t *testing.T) { - cases := []struct { - Old, New map[string]interface{} - Create, Remove map[string]string - }{ - // Basic add/remove - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "bar": "baz", - }, - Create: map[string]string{ - "bar": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - - // Modify - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "foo": "baz", - }, - Create: map[string]string{ - "foo": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - } - - for i, tc := range cases { - c, r := diffTagsACM(tagsFromMapACM(tc.Old), tagsFromMapACM(tc.New)) - cm := tagsToMapACM(c) - rm := tagsToMapACM(r) - if !reflect.DeepEqual(cm, tc.Create) { - t.Fatalf("%d: bad create: %#v", i, cm) - } - if !reflect.DeepEqual(rm, tc.Remove) { - t.Fatalf("%d: bad remove: %#v", i, rm) - } - } -}