From 0f7b0dff5deb3ecbfc18c881529a3be779285ab8 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Fri, 13 Jul 2018 13:44:38 -0400 Subject: [PATCH] data-source/aws_iam_user: Add permissions_boundary attribute --- aws/data_source_aws_iam_user.go | 14 +++++++++++--- aws/data_source_aws_iam_user_test.go | 3 ++- website/docs/d/iam_user.html.markdown | 3 +-- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/aws/data_source_aws_iam_user.go b/aws/data_source_aws_iam_user.go index 72d3e47d9384..2a627b918bb5 100644 --- a/aws/data_source_aws_iam_user.go +++ b/aws/data_source_aws_iam_user.go @@ -1,11 +1,11 @@ package aws import ( + "fmt" "log" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/iam" - "github.com/hashicorp/errwrap" "github.com/hashicorp/terraform/helper/schema" ) @@ -22,6 +22,10 @@ func dataSourceAwsIAMUser() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "permissions_boundary": { + Type: schema.TypeString, + Computed: true, + }, "user_id": { Type: schema.TypeString, Computed: true, @@ -44,13 +48,17 @@ func dataSourceAwsIAMUserRead(d *schema.ResourceData, meta interface{}) error { log.Printf("[DEBUG] Reading IAM User: %s", req) resp, err := iamconn.GetUser(req) if err != nil { - return errwrap.Wrapf("error getting user: {{err}}", err) + return fmt.Errorf("error getting user: %s", err) } user := resp.User - d.SetId(*user.UserId) + d.SetId(aws.StringValue(user.UserId)) d.Set("arn", user.Arn) d.Set("path", user.Path) + d.Set("permissions_boundary", "") + if user.PermissionsBoundary != nil { + d.Set("permissions_boundary", user.PermissionsBoundary.PermissionsBoundaryArn) + } d.Set("user_id", user.UserId) return nil diff --git a/aws/data_source_aws_iam_user_test.go b/aws/data_source_aws_iam_user_test.go index df96b0e7f92c..7c2015b1c5b0 100644 --- a/aws/data_source_aws_iam_user_test.go +++ b/aws/data_source_aws_iam_user_test.go @@ -21,8 +21,9 @@ func TestAccAWSDataSourceIAMUser_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttrSet("data.aws_iam_user.test", "user_id"), resource.TestCheckResourceAttr("data.aws_iam_user.test", "path", "/"), + resource.TestCheckResourceAttr("data.aws_iam_user.test", "permissions_boundary", ""), resource.TestCheckResourceAttr("data.aws_iam_user.test", "user_name", userName), - resource.TestMatchResourceAttr("data.aws_iam_user.test", "arn", regexp.MustCompile("^arn:aws:iam::[0-9]{12}:user/"+userName)), + resource.TestMatchResourceAttr("data.aws_iam_user.test", "arn", regexp.MustCompile("^arn:[^:]+:iam::[0-9]{12}:user/"+userName)), ), }, }, diff --git a/website/docs/d/iam_user.html.markdown b/website/docs/d/iam_user.html.markdown index 09835aad46f7..b7c3672276fa 100644 --- a/website/docs/d/iam_user.html.markdown +++ b/website/docs/d/iam_user.html.markdown @@ -27,7 +27,6 @@ data "aws_iam_user" "example" { ## Attributes Reference * `arn` - The Amazon Resource Name (ARN) assigned by AWS for this user. - * `path` - Path in which this user was created. - +* `permissions_boundary` - The ARN of the policy that is used to set the permissions boundary for the user. * `user_id` - The unique ID assigned by AWS for this user.