Add expires and not_before attribute to data.key_vault_certificate

hashicorp · Sep 28, 2021 · 6999442 · 6999442
1 parent daa50da
commit 6999442
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 0 deletions.
diff --git a/internal/services/keyvault/key_vault_certificate_data_source.go b/internal/services/keyvault/key_vault_certificate_data_source.go
@@ -225,6 +225,16 @@ func dataSourceKeyVaultCertificate() *pluginsdk.Resource {
 				Computed: true,
 			},
 
+			"expires": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
+			"not_before": {
+				Type:     pluginsdk.TypeString,
+				Computed: true,
+			},
+
 			"tags": tags.SchemaDataSource(),
 		},
 	}
@@ -303,6 +313,30 @@ func dataSourceKeyVaultCertificateRead(d *pluginsdk.ResourceData, meta interface
 	}
 	d.Set("thumbprint", thumbprint)
 
+	expireString, err := cert.Attributes.Expires.MarshalText()
+	if err != nil {
+		return fmt.Errorf("parsing expiry time of certificate: %+v", err)
+	}
+
+	e, err := time.Parse(time.RFC3339, string(expireString))
+	if err != nil {
+		return fmt.Errorf("converting text to Time struct: %+v", err)
+	}
+
+	d.Set("expires", e.Format(time.RFC3339))
+
+	notBeforeString, err := cert.Attributes.NotBefore.MarshalText()
+	if err != nil {
+		return fmt.Errorf("parsing not-before time of certificate: %+v", err)
+	}
+
+	n, err := time.Parse(time.RFC3339, string(notBeforeString))
+	if err != nil {
+		return fmt.Errorf("converting text to Time struct: %+v", err)
+	}
+
+	d.Set("not_before", n.Format(time.RFC3339))
+
 	return tags.FlattenAndSet(d, cert.Tags)
 }
 

diff --git a/internal/services/keyvault/key_vault_certificate_data_source_test.go b/internal/services/keyvault/key_vault_certificate_data_source_test.go
@@ -23,6 +23,8 @@ func TestAccDataSourceKeyVaultCertificate_basic(t *testing.T) {
 				check.That(data.ResourceName).Key("certificate_data_base64").Exists(),
 				check.That(data.ResourceName).Key("certificate_policy.0.key_properties.0.key_size").HasValue("2048"),
 				check.That(data.ResourceName).Key("certificate_policy.0.key_properties.0.key_type").HasValue("RSA"),
+				check.That(data.ResourceName).Key("not_before").HasValue("2017-10-10T08:27:55Z"),
+				check.That(data.ResourceName).Key("expires").HasValue("2027-10-08T08:27:55Z"),
 			),
 		},
 	})

diff --git a/website/docs/d/key_vault_certificate.html.markdown b/website/docs/d/key_vault_certificate.html.markdown
@@ -64,6 +64,10 @@ The following attributes are exported:
 
 * `certificate_policy` - A `certificate_policy` block as defined below.
 
+* `expires` - Expiry date of certificate in RFC3339 format.
+
+* `not_before` - Not Before date of certificate in RFC3339 format.
+
 * `tags` - A mapping of tags to assign to the resource.
 
 ---