add awsutils_expiring_iam_access_key resource (#21)

cloudposse · Nov 17, 2021 · 095b67b · 095b67b
1 parent 4fe4ae6
commit 095b67b
Show file tree

Hide file tree

Showing 12 changed files with 822 additions and 1 deletion.
diff --git a/docs/resources/expiring_iam_access_key.md b/docs/resources/expiring_iam_access_key.md
@@ -0,0 +1,71 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "awsutils_expiring_iam_access_key Resource - terraform-provider-awsutils"
+subcategory: ""
+description: |-
+  Provides an IAM access key that expires after max_age seconds. This is a set of credentials that allow API requests to be made as an IAM user.
+---
+
+# Resource `awsutils_expiring_iam_access_key`
+
+Provides an IAM access key that expires after max_age seconds. This is a set of credentials that allow API requests to be made as an IAM user.
+
+## Example Usage
+
+```terraform
+terraform {
+  required_providers {
+    awsutils = {
+      source = "cloudposse/awsutils"
+      # For local development,
+      # install the provider on local computer by running `make install` from the root of the repo, and uncomment the 
+      # version below
+      # version = "9999.99.99"
+    }
+  }
+}
+
+provider "awsutils" {
+  region = "us-east-1"
+}
+
+resource "aws_iam_user" "test" {
+  name = "test"
+  path = "/test/"
+}
+
+resource "awsutils_expiring_iam_access_key" "test" {
+  user    = aws_iam_user.test.name
+  max_age = 60 * 60 * 24 * 30 # 30 days
+}
+
+output "id" {
+  value = awsutils_expiring_iam_access_key.test.id
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- **user** (String)
+
+### Optional
+
+- **id** (String) The ID of this resource.
+- **max_age** (Number)
+- **pgp_key** (String)
+- **status** (String)
+
+### Read-only
+
+- **create_date** (String)
+- **encrypted_secret** (String)
+- **encrypted_ses_smtp_password_v4** (String)
+- **expiration_date** (String)
+- **key_fingerprint** (String)
+- **secret** (String, Sensitive)
+- **ses_smtp_password_v4** (String, Sensitive)
+
+
diff --git a/examples/resources/awsutils_expiring_iam_access_key/resource.tf b/examples/resources/awsutils_expiring_iam_access_key/resource.tf
@@ -0,0 +1,29 @@
+terraform {
+  required_providers {
+    awsutils = {
+      source = "cloudposse/awsutils"
+      # For local development,
+      # install the provider on local computer by running `make install` from the root of the repo, and uncomment the 
+      # version below
+      # version = "9999.99.99"
+    }
+  }
+}
+
+provider "awsutils" {
+  region = "us-east-1"
+}
+
+resource "aws_iam_user" "test" {
+  name = "test"
+  path = "/test/"
+}
+
+resource "awsutils_expiring_iam_access_key" "test" {
+  user    = aws_iam_user.test.name
+  max_age = 60 * 60 * 24 * 30 # 30 days
+}
+
+output "id" {
+  value = awsutils_expiring_iam_access_key.test.id
+}
diff --git a/go.mod b/go.mod
@@ -29,10 +29,11 @@ require (
 	github.com/fatih/color v1.9.0 // indirect
 	github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
 	github.com/golang/protobuf v1.4.2 // indirect
+	github.com/google/go-cmp v0.5.6
 	github.com/googleapis/gax-go/v2 v2.0.5 // indirect
 	github.com/hashicorp/errwrap v1.0.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
-	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
 	github.com/hashicorp/go-getter v1.5.3 // indirect
 	github.com/hashicorp/go-hclog v0.15.0 // indirect
@@ -51,6 +52,7 @@ require (
 	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/jstemmer/go-junit-report v0.9.1 // indirect
+	github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4
 	github.com/klauspost/compress v1.11.2 // indirect
 	github.com/mattn/go-colorable v0.1.8 // indirect
 	github.com/mattn/go-isatty v0.0.12 // indirect

diff --git a/go.sum b/go.sum
@@ -224,8 +224,10 @@ github.com/hashicorp/terraform-plugin-docs v0.4.0 h1:xJIXsMzBFwBvC1zcjoNz743GL2t
 github.com/hashicorp/terraform-plugin-docs v0.4.0/go.mod h1:fKj/V3t45tiXpSlUms/0G4OrBayyWpbUJ4WtLjBkINU=
 github.com/hashicorp/terraform-plugin-go v0.4.0 h1:LFbXNeLDo0J/wR0kUzSPq0RpdmFh2gNedzU0n/gzPAo=
 github.com/hashicorp/terraform-plugin-go v0.4.0/go.mod h1:7u/6nt6vaiwcWE2GuJKbJwNlDFnf5n95xKw4hqIVr58=
+github.com/hashicorp/terraform-plugin-sdk v1.17.2 h1:V7DUR3yBWFrVB9z3ddpY7kiYVSsq4NYR67NiTs93NQo=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0 h1:GSumgrL6GGcRYU37YuF1CC59hRPR7Yzy6tpoFlo8wr4=
 github.com/hashicorp/terraform-plugin-sdk/v2 v2.8.0/go.mod h1:6KbP09YzlB++S6XSUKYl83WyoHVN4MgeoCbPRsdfCtA=
+github.com/hashicorp/terraform-provider-aws v1.60.0 h1:4YnFQI7eNzpTLp73wuuZ/rgH3qoNzGeTMxjbXjxLtvE=
 github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
 github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d h1:kJCB4vdITiW1eC1vq2e6IsrXKrZit1bv/TDYFGMp4BQ=
 github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
@@ -257,6 +259,8 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X
 github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck=
 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
+github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4 h1:cTxwSmnaqLoo+4tLukHoB9iqHOu3LmLhRmgUxZo6Vp4=
+github.com/keybase/go-crypto v0.0.0-20200123153347-de78d2cb44f4/go.mod h1:ghbZscTyKdM07+Fw3KSi0hcJm+AlEUWj8QLlPtijN/M=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.11.2 h1:MiK62aErc3gIiVEtyzKfeOHgW7atJb5g/KNX5m3c2nQ=
 github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=

diff --git a/internal/provider/provider.go b/internal/provider/provider.go
@@ -12,6 +12,7 @@ import (
 
 	"github.com/cloudposse/terraform-provider-awsutils/internal/service/ec2"
 	"github.com/cloudposse/terraform-provider-awsutils/internal/service/guardduty"
+	"github.com/cloudposse/terraform-provider-awsutils/internal/service/iam"
 	"github.com/cloudposse/terraform-provider-awsutils/internal/service/securityhub"
 )
 
@@ -200,6 +201,7 @@ func Provider() *schema.Provider {
 
 		ResourcesMap: map[string]*schema.Resource{
 			"awsutils_default_vpc_deletion":               ec2.ResourceDefaultVpcDeletion(),
+			"awsutils_expiring_iam_access_key":            iam.ResourceExpiringAccessKey(),
 			"awsutils_guardduty_organization_settings":    guardduty.ResourceAwsUtilsGuardDutyOrganizationSettings(),
 			"awsutils_security_hub_control_disablement":   securityhub.ResourceSecurityHubControlDisablement(),
 			"awsutils_security_hub_organization_settings": securityhub.ResourceSecurityHubOrganizationSettings(),