diff --git a/aws/resource_aws_acm_certificate.go b/aws/resource_aws_acm_certificate.go index c20764e4ae7..4c1eaad56d5 100644 --- a/aws/resource_aws_acm_certificate.go +++ b/aws/resource_aws_acm_certificate.go @@ -12,6 +12,7 @@ import ( "github.com/hashicorp/terraform-plugin-sdk/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/helper/validation" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" ) func resourceAwsAcmCertificate() *schema.Resource { @@ -174,15 +175,9 @@ func resourceAwsAcmCertificateCreateImported(d *schema.ResourceData, meta interf } d.SetId(*resp.CertificateArn) - if v, ok := d.GetOk("tags"); ok { - params := &acm.AddTagsToCertificateInput{ - CertificateArn: resp.CertificateArn, - Tags: tagsFromMapACM(v.(map[string]interface{})), - } - _, err := acmconn.AddTagsToCertificate(params) - - if err != nil { - return fmt.Errorf("Error requesting certificate: %s", err) + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), nil, v); err != nil { + return fmt.Errorf("error adding tags: %s", err) } } @@ -221,15 +216,9 @@ func resourceAwsAcmCertificateCreateRequested(d *schema.ResourceData, meta inter } d.SetId(*resp.CertificateArn) - if v, ok := d.GetOk("tags"); ok { - params := &acm.AddTagsToCertificateInput{ - CertificateArn: resp.CertificateArn, - Tags: tagsFromMapACM(v.(map[string]interface{})), - } - _, err := acmconn.AddTagsToCertificate(params) - - if err != nil { - return fmt.Errorf("Error requesting certificate: %s", err) + if v := d.Get("tags").(map[string]interface{}); len(v) > 0 { + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), nil, v); err != nil { + return fmt.Errorf("error adding tags: %s", err) } } @@ -281,16 +270,14 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err return resource.NonRetryableError(fmt.Errorf("error setting certificate options: %s", err)) } - params := &acm.ListTagsForCertificateInput{ - CertificateArn: aws.String(d.Id()), - } + tags, err := keyvaluetags.AcmListTags(acmconn, d.Id()) - tagResp, err := acmconn.ListTagsForCertificate(params) if err != nil { - return resource.NonRetryableError(fmt.Errorf("error listing tags for certificate (%s): %s", d.Id(), err)) + return resource.NonRetryableError(fmt.Errorf("error listing tags for ACM Certificate (%s): %s", d.Id(), err)) } - if err := d.Set("tags", tagsToMapACM(tagResp.Tags)); err != nil { - return resource.NonRetryableError(err) + + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { + return resource.NonRetryableError(fmt.Errorf("error setting tags: %s", err)) } return nil @@ -319,9 +306,9 @@ func resourceAwsAcmCertificateUpdate(d *schema.ResourceData, meta interface{}) e } if d.HasChange("tags") { - err := setTagsACM(acmconn, d) - if err != nil { - return err + o, n := d.GetChange("tags") + if err := keyvaluetags.AcmUpdateTags(acmconn, d.Id(), o, n); err != nil { + return fmt.Errorf("error updating tags: %s", err) } } return resourceAwsAcmCertificateRead(d, meta) diff --git a/aws/resource_aws_acm_certificate_test.go b/aws/resource_aws_acm_certificate_test.go index 694d02c30ec..0705c37800e 100644 --- a/aws/resource_aws_acm_certificate_test.go +++ b/aws/resource_aws_acm_certificate_test.go @@ -52,6 +52,7 @@ func testAccAwsAcmCertificateRandomSubDomain(rootDomain string) string { } func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -63,16 +64,16 @@ func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodEmail), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "validation_emails.0", regexp.MustCompile(`^[^@]+@.+$`)), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodEmail), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "0"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestMatchResourceAttr(resourceName, "validation_emails.0", regexp.MustCompile(`^[^@]+@.+$`)), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodEmail), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -82,6 +83,7 @@ func TestAccAWSAcmCertificate_emailValidation(t *testing.T) { } func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -93,20 +95,20 @@ func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -115,6 +117,7 @@ func TestAccAWSAcmCertificate_dnsValidation(t *testing.T) { } func TestAccAWSAcmCertificate_root(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) resource.ParallelTest(t, resource.TestCase{ @@ -125,20 +128,20 @@ func TestAccAWSAcmCertificate_root(t *testing.T) { { Config: testAccAcmCertificateConfig(rootDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -212,6 +215,7 @@ func TestAccAWSAcmCertificate_root_TrailingPeriod(t *testing.T) { } func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -223,25 +227,25 @@ func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(rootDomain, strconv.Quote(wildcardDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -250,6 +254,7 @@ func TestAccAWSAcmCertificate_rootAndWildcardSan(t *testing.T) { } func TestAccAWSAcmCertificate_san_single(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) sanDomain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -262,25 +267,25 @@ func TestAccAWSAcmCertificate_san_single(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(domain, strconv.Quote(sanDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", sanDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", sanDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", sanDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -289,6 +294,7 @@ func TestAccAWSAcmCertificate_san_single(t *testing.T) { } func TestAccAWSAcmCertificate_san_multiple(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) sanDomain1 := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -302,30 +308,30 @@ func TestAccAWSAcmCertificate_san_multiple(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(domain, fmt.Sprintf("%q, %q", sanDomain1, sanDomain2), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", domain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "3"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", domain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", sanDomain1), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.2.domain_name", sanDomain2), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.2.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", sanDomain1), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.1", sanDomain2), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", domain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "3"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", domain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", sanDomain1), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.2.domain_name", sanDomain2), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.2.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.2.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "2"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", sanDomain1), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.1", sanDomain2), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -374,6 +380,7 @@ func TestAccAWSAcmCertificate_san_TrailingPeriod(t *testing.T) { } func TestAccAWSAcmCertificate_wildcard(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -385,20 +392,20 @@ func TestAccAWSAcmCertificate_wildcard(t *testing.T) { { Config: testAccAcmCertificateConfig(wildcardDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -407,6 +414,7 @@ func TestAccAWSAcmCertificate_wildcard(t *testing.T) { } func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) wildcardDomain := fmt.Sprintf("*.%s", rootDomain) @@ -418,25 +426,25 @@ func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { { Config: testAccAcmCertificateConfig_subjectAlternativeNames(wildcardDomain, strconv.Quote(rootDomain), acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", wildcardDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", wildcardDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.1.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.0", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", wildcardDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "2"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", wildcardDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.1.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.1.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "1"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.0", rootDomain), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -445,6 +453,7 @@ func TestAccAWSAcmCertificate_wildcardAndRootSan(t *testing.T) { } func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) resource.ParallelTest(t, resource.TestCase{ @@ -455,22 +464,22 @@ func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { { Config: testAccAcmCertificateConfig_disableCTLogging(rootDomain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestMatchResourceAttr("aws_acm_certificate.cert", "arn", certificateArnRegex), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_name", rootDomain), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.domain_name", rootDomain), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_name"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_type", "CNAME"), - resource.TestCheckResourceAttrSet("aws_acm_certificate.cert", "domain_validation_options.0.resource_record_value"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "subject_alternative_names.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_emails.#", "0"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "validation_method", acm.ValidationMethodDns), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "options.#", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "options.0.certificate_transparency_logging_preference", acm.CertificateTransparencyLoggingPreferenceDisabled), + resource.TestMatchResourceAttr(resourceName, "arn", certificateArnRegex), + resource.TestCheckResourceAttr(resourceName, "domain_name", rootDomain), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.domain_name", rootDomain), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_name"), + resource.TestCheckResourceAttr(resourceName, "domain_validation_options.0.resource_record_type", "CNAME"), + resource.TestCheckResourceAttrSet(resourceName, "domain_validation_options.0.resource_record_value"), + resource.TestCheckResourceAttr(resourceName, "subject_alternative_names.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_emails.#", "0"), + resource.TestCheckResourceAttr(resourceName, "validation_method", acm.ValidationMethodDns), + resource.TestCheckResourceAttr(resourceName, "options.#", "1"), + resource.TestCheckResourceAttr(resourceName, "options.0.certificate_transparency_logging_preference", acm.CertificateTransparencyLoggingPreferenceDisabled), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, @@ -479,6 +488,7 @@ func TestAccAWSAcmCertificate_disableCTLogging(t *testing.T) { } func TestAccAWSAcmCertificate_tags(t *testing.T) { + resourceName := "aws_acm_certificate.cert" rootDomain := testAccAwsAcmCertificateDomainFromEnv(t) domain := testAccAwsAcmCertificateRandomSubDomain(rootDomain) @@ -490,34 +500,34 @@ func TestAccAWSAcmCertificate_tags(t *testing.T) { { Config: testAccAcmCertificateConfig(domain, acm.ValidationMethodDns), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "0"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "0"), ), }, { Config: testAccAcmCertificateConfig_twoTags(domain, acm.ValidationMethodDns, "Hello", "World", "Foo", "Bar"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Hello", "World"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Foo", "Bar"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Hello", "World"), + resource.TestCheckResourceAttr(resourceName, "tags.Foo", "Bar"), ), }, { Config: testAccAcmCertificateConfig_twoTags(domain, acm.ValidationMethodDns, "Hello", "World", "Foo", "Baz"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "2"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Hello", "World"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Foo", "Baz"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "2"), + resource.TestCheckResourceAttr(resourceName, "tags.Hello", "World"), + resource.TestCheckResourceAttr(resourceName, "tags.Foo", "Baz"), ), }, { Config: testAccAcmCertificateConfig_oneTag(domain, acm.ValidationMethodDns, "Environment", "Test"), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.%", "1"), - resource.TestCheckResourceAttr("aws_acm_certificate.cert", "tags.Environment", "Test"), + resource.TestCheckResourceAttr(resourceName, "tags.%", "1"), + resource.TestCheckResourceAttr(resourceName, "tags.Environment", "Test"), ), }, { - ResourceName: "aws_acm_certificate.cert", + ResourceName: resourceName, ImportState: true, ImportStateVerify: true, }, diff --git a/aws/tagsACM.go b/aws/tagsACM.go deleted file mode 100644 index 2cddba0fef6..00000000000 --- a/aws/tagsACM.go +++ /dev/null @@ -1,88 +0,0 @@ -package aws - -import ( - "log" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/acm" - "github.com/hashicorp/terraform-plugin-sdk/helper/schema" -) - -func setTagsACM(conn *acm.ACM, d *schema.ResourceData) error { - if d.HasChange("tags") { - oraw, nraw := d.GetChange("tags") - o := oraw.(map[string]interface{}) - n := nraw.(map[string]interface{}) - create, remove := diffTagsACM(tagsFromMapACM(o), tagsFromMapACM(n)) - - // Set tags - if len(remove) > 0 { - input := acm.RemoveTagsFromCertificateInput{ - CertificateArn: aws.String(d.Get("arn").(string)), - Tags: remove, - } - log.Printf("[DEBUG] Removing ACM tags: %s", input) - _, err := conn.RemoveTagsFromCertificate(&input) - if err != nil { - return err - } - } - if len(create) > 0 { - input := acm.AddTagsToCertificateInput{ - CertificateArn: aws.String(d.Get("arn").(string)), - Tags: create, - } - log.Printf("[DEBUG] Adding ACM tags: %s", input) - _, err := conn.AddTagsToCertificate(&input) - if err != nil { - return err - } - } - } - - return nil -} - -// diffTags takes our tags locally and the ones remotely and returns -// the set of tags that must be created, and the set of tags that must -// be destroyed. -func diffTagsACM(oldTags, newTags []*acm.Tag) ([]*acm.Tag, []*acm.Tag) { - // First, we're creating everything we have - create := make(map[string]interface{}) - for _, t := range newTags { - create[*t.Key] = *t.Value - } - - // Build the list of what to remove - var remove []*acm.Tag - for _, t := range oldTags { - old, ok := create[*t.Key] - if !ok || old != *t.Value { - // Delete it! - remove = append(remove, t) - } - } - - return tagsFromMapACM(create), remove -} - -func tagsFromMapACM(m map[string]interface{}) []*acm.Tag { - result := []*acm.Tag{} - for k, v := range m { - result = append(result, &acm.Tag{ - Key: aws.String(k), - Value: aws.String(v.(string)), - }) - } - - return result -} - -func tagsToMapACM(ts []*acm.Tag) map[string]string { - result := map[string]string{} - for _, t := range ts { - result[*t.Key] = *t.Value - } - - return result -} diff --git a/aws/tagsACM_test.go b/aws/tagsACM_test.go deleted file mode 100644 index 6c5ec130f3a..00000000000 --- a/aws/tagsACM_test.go +++ /dev/null @@ -1,57 +0,0 @@ -package aws - -import ( - "reflect" - "testing" -) - -func TestDiffTagsACM(t *testing.T) { - cases := []struct { - Old, New map[string]interface{} - Create, Remove map[string]string - }{ - // Basic add/remove - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "bar": "baz", - }, - Create: map[string]string{ - "bar": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - - // Modify - { - Old: map[string]interface{}{ - "foo": "bar", - }, - New: map[string]interface{}{ - "foo": "baz", - }, - Create: map[string]string{ - "foo": "baz", - }, - Remove: map[string]string{ - "foo": "bar", - }, - }, - } - - for i, tc := range cases { - c, r := diffTagsACM(tagsFromMapACM(tc.Old), tagsFromMapACM(tc.New)) - cm := tagsToMapACM(c) - rm := tagsToMapACM(r) - if !reflect.DeepEqual(cm, tc.Create) { - t.Fatalf("%d: bad create: %#v", i, cm) - } - if !reflect.DeepEqual(rm, tc.Remove) { - t.Fatalf("%d: bad remove: %#v", i, rm) - } - } -}