Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_acm_certificate - Add validity dates #26281

Merged
merged 5 commits into from
Aug 16, 2022
Merged

aws_acm_certificate - Add validity dates #26281

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
a0e1e97
added validity dates
breathingdust Aug 12, 2022
b579656
added docs
breathingdust Aug 12, 2022
07c029b
add tests
breathingdust Aug 12, 2022
25b8244
add lintignore for test name
breathingdust Aug 15, 2022
9d9d5b5
add changelog
breathingdust Aug 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changelog/26281.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/aws_acm_certificate: Add `not_before` argument
```

```release-note:enhancement
resource/aws_acm_certificate: Add `not_after` argument
```
18 changes: 18 additions & 0 deletions internal/service/acm/certificate.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,14 @@ func ResourceCertificate() *schema.Resource {
},
Set: domainValidationOptionsHash,
},
"not_after": {
Type: schema.TypeString,
Computed: true,
},
"not_before": {
Type: schema.TypeString,
Computed: true,
},
"options": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -362,6 +370,16 @@ func resourceCertificateRead(d *schema.ResourceData, meta interface{}) error {
if err := d.Set("domain_validation_options", domainValidationOptions); err != nil {
return fmt.Errorf("error setting domain_validation_options: %w", err)
}
if certificate.NotBefore != nil {
d.Set("not_before", aws.TimeValue(certificate.NotBefore).Format(time.RFC3339))
} else {
d.Set("not_before", nil)
}
if certificate.NotAfter != nil {
d.Set("not_after", aws.TimeValue(certificate.NotAfter).Format(time.RFC3339))
} else {
d.Set("not_after", nil)
}
if certificate.Options != nil {
if err := d.Set("options", []interface{}{flattenCertificateOptions(certificate.Options)}); err != nil {
return fmt.Errorf("error setting options: %w", err)
Expand Down
38 changes: 38 additions & 0 deletions internal/service/acm/certificate_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,8 @@ func TestAccACMCertificate_privateCert(t *testing.T) {
resource.TestCheckResourceAttr(resourceName, "validation_method", "NONE"),
resource.TestCheckResourceAttr(resourceName, "validation_option.#", "0"),
resource.TestCheckResourceAttrPair(resourceName, "certificate_authority_arn", certificateAuthorityResourceName, "arn"),
resource.TestCheckResourceAttr(resourceName, "not_before", ""),
resource.TestCheckResourceAttr(resourceName, "not_after", ""),
),
},
{
Expand Down Expand Up @@ -654,6 +656,42 @@ func TestAccACMCertificate_Imported_domainName(t *testing.T) {
})
}

// lintignore:AT002
func TestAccACMCertificate_Imported_validityDates(t *testing.T) {
resourceName := "aws_acm_certificate.test"
commonName := "example.com"
caKey := acctest.TLSRSAPrivateKeyPEM(2048)
caCertificate := acctest.TLSRSAX509SelfSignedCACertificatePEM(caKey)
key := acctest.TLSRSAPrivateKeyPEM(2048)
certificate := acctest.TLSRSAX509LocallySignedCertificatePEM(caKey, caCertificate, key, commonName)

var v acm.CertificateDetail

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t) },
ErrorCheck: acctest.ErrorCheck(t, acm.EndpointsID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckCertificateDestroy,
Steps: []resource.TestStep{
{
Config: testAccCertificateConfig_privateKey(certificate, key, caCertificate),
Check: resource.ComposeTestCheckFunc(
testAccCheckCertificateExists(resourceName, &v),
acctest.CheckResourceAttrRFC3339(resourceName, "not_before"),
acctest.CheckResourceAttrRFC3339(resourceName, "not_after"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
// These are not returned by the API
ImportStateVerifyIgnore: []string{"private_key", "certificate_body", "certificate_chain"},
},
},
})
}

// lintignore:AT002
func TestAccACMCertificate_Imported_ipAddress(t *testing.T) { // Reference: https://github.com/hashicorp/terraform-provider-aws/issues/7103
resourceName := "aws_acm_certificate.test"
Expand Down
2 changes: 2 additions & 0 deletions website/docs/r/acm_certificate.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,8 @@ In addition to all arguments above, the following attributes are exported:
* `arn` - The ARN of the certificate
* `domain_name` - The domain name for which the certificate is issued
* `domain_validation_options` - Set of domain validation objects which can be used to complete certificate validation. Can have more than one element, e.g., if SANs are defined. Only set if `DNS`-validation was used.
* `not_after` - The expiration date and time of the certificate.
* `not_before` - The start of the validity period of the certificate.
* `status` - Status of the certificate.
* `tags_all` - A map of tags assigned to the resource, including those inherited from the provider [`default_tags` configuration block](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags-configuration-block).
* `validation_emails` - A list of addresses that received a validation E-Mail. Only set if `EMAIL`-validation was used.
Expand Down