diff --git a/aws/data_source_aws_directory_service_directory.go b/aws/data_source_aws_directory_service_directory.go new file mode 100644 index 00000000000..f43fe3c7b60 --- /dev/null +++ b/aws/data_source_aws_directory_service_directory.go @@ -0,0 +1,175 @@ +package aws + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" + "log" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/directoryservice" +) + +func dataSourceAwsDirectoryServiceDirectory() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsDirectoryServiceDirectoryRead, + + Schema: map[string]*schema.Schema{ + "directory_id": { + Type: schema.TypeString, + Required: true, + }, + "name": { + Type: schema.TypeString, + Computed: true, + }, + "size": { + Type: schema.TypeString, + Computed: true, + }, + "alias": { + Type: schema.TypeString, + Computed: true, + }, + "description": { + Type: schema.TypeString, + Computed: true, + }, + "short_name": { + Type: schema.TypeString, + Computed: true, + }, + "tags": tagsSchema(), + "vpc_settings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "subnet_ids": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, + "vpc_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "connect_settings": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "customer_username": { + Type: schema.TypeString, + Computed: true, + }, + "customer_dns_ips": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, + "subnet_ids": { + Type: schema.TypeSet, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, + "vpc_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "enable_sso": { + Type: schema.TypeBool, + Computed: true, + }, + "access_url": { + Type: schema.TypeString, + Computed: true, + }, + "dns_ip_addresses": { + Type: schema.TypeSet, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + Computed: true, + }, + "security_group_id": { + Type: schema.TypeString, + Computed: true, + }, + "type": { + Type: schema.TypeString, + Computed: true, + }, + "edition": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func dataSourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).dsconn + + directoryID := d.Get("directory_id").(string) + out, err := conn.DescribeDirectories(&directoryservice.DescribeDirectoriesInput{ + DirectoryIds: []*string{aws.String(directoryID)}, + }) + if err != nil { + return err + } + + if len(out.DirectoryDescriptions) == 0 { + log.Printf("[WARN] Directory %s not found", d.Id()) + d.SetId("") + return nil + } + + d.SetId(directoryID) + + dir := out.DirectoryDescriptions[0] + log.Printf("[DEBUG] Received DS directory: %s", dir) + + d.Set("access_url", dir.AccessUrl) + d.Set("alias", dir.Alias) + d.Set("description", dir.Description) + + if *dir.Type == directoryservice.DirectoryTypeAdconnector { + d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.ConnectSettings.ConnectIps))) + } else { + d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs))) + } + d.Set("name", dir.Name) + d.Set("short_name", dir.ShortName) + d.Set("size", dir.Size) + d.Set("edition", dir.Edition) + d.Set("type", dir.Type) + d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)) + d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)) + d.Set("enable_sso", dir.SsoEnabled) + + if aws.StringValue(dir.Type) == directoryservice.DirectoryTypeAdconnector { + d.Set("security_group_id", aws.StringValue(dir.ConnectSettings.SecurityGroupId)) + } else { + d.Set("security_group_id", aws.StringValue(dir.VpcSettings.SecurityGroupId)) + } + + tags, err := keyvaluetags.DirectoryserviceListTags(conn, d.Id()) + if err != nil { + return fmt.Errorf("error listing tags for Directory Service Directory (%s): %s", d.Id(), err) + } + + if err := d.Set("tags", tags.IgnoreAws().Map()); err != nil { + return fmt.Errorf("error setting tags: %s", err) + } + + return nil +} diff --git a/aws/data_source_aws_directory_service_directory_test.go b/aws/data_source_aws_directory_service_directory_test.go new file mode 100644 index 00000000000..05ba19318e3 --- /dev/null +++ b/aws/data_source_aws_directory_service_directory_test.go @@ -0,0 +1,156 @@ +package aws + +import ( + "fmt" + "github.com/hashicorp/terraform-plugin-sdk/helper/acctest" + "testing" + + "github.com/hashicorp/terraform-plugin-sdk/helper/resource" +) + +func TestAccDataSourceAwsDirectoryServiceDirectory_SimpleAD(t *testing.T) { + alias := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_directory_service_directory.test-simple-ad" + dataSourceName := "data.aws_directory_service_directory.test-simple-ad" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsDirectoryServiceDirectoryConfig_SimpleAD(alias), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(dataSourceName, "type", "SimpleAD"), + resource.TestCheckResourceAttr(dataSourceName, "size", "Small"), + resource.TestCheckResourceAttr(dataSourceName, "name", "tf-testacc-corp.neverland.com"), + resource.TestCheckResourceAttr(dataSourceName, "description", "tf-testacc SimpleAD"), + resource.TestCheckResourceAttr(dataSourceName, "short_name", "corp"), + resource.TestCheckResourceAttr(dataSourceName, "alias", alias), + resource.TestCheckResourceAttr(dataSourceName, "enable_sso", "false"), + resource.TestCheckResourceAttr(dataSourceName, "vpc_settings.#", "1"), + resource.TestCheckResourceAttrPair(dataSourceName, "vpc_settings.0.vpc_id", resourceName, "vpc_settings.0.vpc_id"), + resource.TestCheckResourceAttrPair(dataSourceName, "vpc_settings.0.subnet_ids", resourceName, "vpc_settings.0.subnet_ids"), + resource.TestCheckResourceAttr(dataSourceName, "access_url", fmt.Sprintf("%s.awsapps.com", alias)), + resource.TestCheckResourceAttrPair(dataSourceName, "dns_ip_addresses", resourceName, "dns_ip_addresses"), + resource.TestCheckResourceAttrPair(dataSourceName, "security_group_id", resourceName, "security_group_id"), + ), + }, + }, + }) +} + +func TestAccDataSourceAwsDirectoryServiceDirectory_MicrosoftAD(t *testing.T) { + alias := acctest.RandomWithPrefix("tf-acc-test") + resourceName := "aws_directory_service_directory.test-microsoft-ad" + dataSourceName := "data.aws_directory_service_directory.test-microsoft-ad" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + { + Config: testAccDataSourceAwsDirectoryServiceDirectoryConfig_MicrosoftAD(alias), + Check: resource.ComposeAggregateTestCheckFunc( + resource.TestCheckResourceAttr(dataSourceName, "type", "MicrosoftAD"), + resource.TestCheckResourceAttr(dataSourceName, "edition", "Standard"), + resource.TestCheckResourceAttr(dataSourceName, "name", "tf-testacc-corp.neverland.com"), + resource.TestCheckResourceAttr(dataSourceName, "description", "tf-testacc MicrosoftAD"), + resource.TestCheckResourceAttr(dataSourceName, "short_name", "corp"), + resource.TestCheckResourceAttr(dataSourceName, "alias", alias), + resource.TestCheckResourceAttr(dataSourceName, "enable_sso", "false"), + resource.TestCheckResourceAttr(dataSourceName, "vpc_settings.#", "1"), + resource.TestCheckResourceAttrPair(dataSourceName, "vpc_settings.0.vpc_id", resourceName, "vpc_settings.0.vpc_id"), + resource.TestCheckResourceAttrPair(dataSourceName, "vpc_settings.0.subnet_ids", resourceName, "vpc_settings.0.subnet_ids"), + resource.TestCheckResourceAttr(dataSourceName, "access_url", fmt.Sprintf("%s.awsapps.com", alias)), + resource.TestCheckResourceAttrPair(dataSourceName, "dns_ip_addresses", resourceName, "dns_ip_addresses"), + resource.TestCheckResourceAttrPair(dataSourceName, "security_group_id", resourceName, "security_group_id"), + ), + }, + }, + }) +} + +func testAccDataSourceAwsDirectoryServiceDirectoryConfig_Prerequisites(adType string) string { + return fmt.Sprintf(` +data "aws_availability_zones" "available" { + state = "available" +} + +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" + + tags = { + Name = "tf-testacc-%s" + } +} + +resource "aws_subnet" "primary" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "${data.aws_availability_zones.available.names[0]}" + cidr_block = "10.0.1.0/24" + + tags = { + Name = "tf-testacc-%s-primary" + } +} +resource "aws_subnet" "secondary" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "${data.aws_availability_zones.available.names[1]}" + cidr_block = "10.0.2.0/24" + + tags = { + Name = "tf-testacc-%s-secondary" + } +} +`, adType, adType, adType) +} + +func testAccDataSourceAwsDirectoryServiceDirectoryConfig_SimpleAD(alias string) string { + return testAccDataSourceAwsDirectoryServiceDirectoryConfig_Prerequisites("simple-ad") + fmt.Sprintf(` +resource "aws_directory_service_directory" "test-simple-ad" { + type = "SimpleAD" + size = "Small" + name = "tf-testacc-corp.neverland.com" + description = "tf-testacc SimpleAD" + short_name = "corp" + password = "#S1ncerely" + + alias = %q + enable_sso = false + + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.primary.id}", "${aws_subnet.secondary.id}"] + } +} + +data "aws_directory_service_directory" "test-simple-ad" { + directory_id = "${aws_directory_service_directory.test-simple-ad.id}" +} +`, alias) +} + +func testAccDataSourceAwsDirectoryServiceDirectoryConfig_MicrosoftAD(alias string) string { + return testAccDataSourceAwsDirectoryServiceDirectoryConfig_Prerequisites("microsoft-ad") + fmt.Sprintf(` +resource "aws_directory_service_directory" "test-microsoft-ad" { + type = "MicrosoftAD" + edition = "Standard" + name = "tf-testacc-corp.neverland.com" + description = "tf-testacc MicrosoftAD" + short_name = "corp" + password = "#S1ncerely" + + alias = %q + enable_sso = false + + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.primary.id}", "${aws_subnet.secondary.id}"] + } +} + +data "aws_directory_service_directory" "test-microsoft-ad" { + directory_id = "${aws_directory_service_directory.test-microsoft-ad.id}" +} +`, alias) +} diff --git a/aws/provider.go b/aws/provider.go index 72c1e9e3bff..85350e6499e 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -187,6 +187,7 @@ func Provider() terraform.ResourceProvider { "aws_db_event_categories": dataSourceAwsDbEventCategories(), "aws_db_instance": dataSourceAwsDbInstance(), "aws_db_snapshot": dataSourceAwsDbSnapshot(), + "aws_directory_service_directory": dataSourceAwsDirectoryServiceDirectory(), "aws_dx_gateway": dataSourceAwsDxGateway(), "aws_dynamodb_table": dataSourceAwsDynamoDbTable(), "aws_ebs_default_kms_key": dataSourceAwsEbsDefaultKmsKey(), diff --git a/website/aws.erb b/website/aws.erb index 8e36181d06d..be22334ba02 100644 --- a/website/aws.erb +++ b/website/aws.erb @@ -829,6 +829,14 @@