diff --git a/aws/provider.go b/aws/provider.go index 70e1963f428..6898cce6fd4 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -491,6 +491,7 @@ func Provider() terraform.ResourceProvider { "aws_mq_broker": resourceAwsMqBroker(), "aws_mq_configuration": resourceAwsMqConfiguration(), "aws_media_store_container": resourceAwsMediaStoreContainer(), + "aws_media_store_container_policy": resourceAwsMediaStoreContainerPolicy(), "aws_nat_gateway": resourceAwsNatGateway(), "aws_network_acl": resourceAwsNetworkAcl(), "aws_default_network_acl": resourceAwsDefaultNetworkAcl(), diff --git a/aws/resource_aws_media_store_container_policy.go b/aws/resource_aws_media_store_container_policy.go new file mode 100644 index 00000000000..b3469fe9c2e --- /dev/null +++ b/aws/resource_aws_media_store_container_policy.go @@ -0,0 +1,103 @@ +package aws + +import ( + "log" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/mediastore" + "github.com/hashicorp/terraform/helper/schema" +) + +func resourceAwsMediaStoreContainerPolicy() *schema.Resource { + return &schema.Resource{ + Create: resourceAwsMediaStoreContainerPolicyPut, + Read: resourceAwsMediaStoreContainerPolicyRead, + Update: resourceAwsMediaStoreContainerPolicyPut, + Delete: resourceAwsMediaStoreContainerPolicyDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "container_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "policy": { + Type: schema.TypeString, + Required: true, + ValidateFunc: validateIAMPolicyJson, + DiffSuppressFunc: suppressEquivalentAwsPolicyDiffs, + }, + }, + } +} + +func resourceAwsMediaStoreContainerPolicyPut(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).mediastoreconn + + input := &mediastore.PutContainerPolicyInput{ + ContainerName: aws.String(d.Get("container_name").(string)), + Policy: aws.String(d.Get("policy").(string)), + } + + _, err := conn.PutContainerPolicy(input) + if err != nil { + return err + } + + d.SetId(d.Get("container_name").(string)) + return resourceAwsMediaStoreContainerPolicyRead(d, meta) +} + +func resourceAwsMediaStoreContainerPolicyRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).mediastoreconn + + input := &mediastore.GetContainerPolicyInput{ + ContainerName: aws.String(d.Id()), + } + + resp, err := conn.GetContainerPolicy(input) + if err != nil { + if isAWSErr(err, mediastore.ErrCodeContainerNotFoundException, "") { + log.Printf("[WARN] MediaContainer Policy %q not found, removing from state", d.Id()) + d.SetId("") + return nil + } + if isAWSErr(err, mediastore.ErrCodePolicyNotFoundException, "") { + log.Printf("[WARN] MediaContainer Policy %q not found, removing from state", d.Id()) + d.SetId("") + return nil + } + return err + } + + d.Set("container_name", d.Id()) + d.Set("policy", resp.Policy) + return nil +} + +func resourceAwsMediaStoreContainerPolicyDelete(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).mediastoreconn + + input := &mediastore.DeleteContainerPolicyInput{ + ContainerName: aws.String(d.Id()), + } + + _, err := conn.DeleteContainerPolicy(input) + if err != nil { + if isAWSErr(err, mediastore.ErrCodeContainerNotFoundException, "") { + return nil + } + if isAWSErr(err, mediastore.ErrCodePolicyNotFoundException, "") { + return nil + } + // if isAWSErr(err, mediastore.ErrCodeContainerInUseException, "Container must be ACTIVE in order to perform this operation") { + // return nil + // } + return err + } + + return nil +} diff --git a/aws/resource_aws_media_store_container_policy_test.go b/aws/resource_aws_media_store_container_policy_test.go new file mode 100644 index 00000000000..8c8cd359ef1 --- /dev/null +++ b/aws/resource_aws_media_store_container_policy_test.go @@ -0,0 +1,144 @@ +package aws + +import ( + "fmt" + "testing" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/mediastore" + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccAWSMediaStoreContainerPolicy_basic(t *testing.T) { + rname := acctest.RandString(5) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsMediaStoreContainerPolicyDestroy, + Steps: []resource.TestStep{ + { + Config: testAccMediaStoreContainerPolicyConfig(rname, acctest.RandString(5)), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsMediaStoreContainerPolicyExists("aws_media_store_container_policy.test"), + resource.TestCheckResourceAttrSet("aws_media_store_container_policy.test", "container_name"), + resource.TestCheckResourceAttrSet("aws_media_store_container_policy.test", "policy"), + ), + }, + { + Config: testAccMediaStoreContainerPolicyConfig(rname, acctest.RandString(5)), + Check: resource.ComposeTestCheckFunc( + testAccCheckAwsMediaStoreContainerPolicyExists("aws_media_store_container_policy.test"), + resource.TestCheckResourceAttrSet("aws_media_store_container_policy.test", "container_name"), + resource.TestCheckResourceAttrSet("aws_media_store_container_policy.test", "policy"), + ), + }, + }, + }) +} + +func TestAccAWSMediaStoreContainerPolicy_import(t *testing.T) { + resourceName := "aws_media_store_container_policy.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAwsMediaStoreContainerPolicyDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccMediaStoreContainerPolicyConfig(acctest.RandString(5), acctest.RandString(5)), + }, + resource.TestStep{ + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAccCheckAwsMediaStoreContainerPolicyDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*AWSClient).mediastoreconn + + for _, rs := range s.RootModule().Resources { + if rs.Type != "aws_media_store_container_policy" { + continue + } + + input := &mediastore.GetContainerPolicyInput{ + ContainerName: aws.String(rs.Primary.ID), + } + + _, err := conn.GetContainerPolicy(input) + if err != nil { + if isAWSErr(err, mediastore.ErrCodeContainerNotFoundException, "") { + return nil + } + if isAWSErr(err, mediastore.ErrCodePolicyNotFoundException, "") { + return nil + } + if isAWSErr(err, mediastore.ErrCodeContainerInUseException, "Container must be ACTIVE in order to perform this operation") { + return nil + } + return err + } + + return fmt.Errorf("Expected MediaStore Container Policy to be destroyed, %s found", rs.Primary.ID) + } + return nil +} + +func testAccCheckAwsMediaStoreContainerPolicyExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + conn := testAccProvider.Meta().(*AWSClient).mediastoreconn + + input := &mediastore.GetContainerPolicyInput{ + ContainerName: aws.String(rs.Primary.ID), + } + + _, err := conn.GetContainerPolicy(input) + if err != nil { + return err + } + + return nil + } +} + +func testAccMediaStoreContainerPolicyConfig(rName, sid string) string { + return fmt.Sprintf(` +data "aws_region" "current" {} + +data "aws_caller_identity" "current" {} + +resource "aws_media_store_container" "test" { + name = "tf_mediastore_%s" +} + +resource "aws_media_store_container_policy" "test" { + container_name = "${aws_media_store_container.test.name}" + policy = <> aws_media_store_container + > + aws_media_store_container_policy + diff --git a/website/docs/r/media_store_container_policy.html.markdown b/website/docs/r/media_store_container_policy.html.markdown new file mode 100644 index 00000000000..0f38e6368de --- /dev/null +++ b/website/docs/r/media_store_container_policy.html.markdown @@ -0,0 +1,57 @@ +--- +layout: "aws" +page_title: "AWS: aws_media_store_container_policy" +sidebar_current: "docs-aws-resource-media-store-container-policy" +description: |- + Provides a MediaStore Container Policy. +--- + +# aws_media_store_container_policy + +Provides a MediaStore Container Policy. + +## Example Usage + +```hcl +data "aws_region" "current" {} + +data "aws_caller_identity" "current" {} + +resource "aws_media_store_container" "example" { + name = "example" +} + +resource "aws_media_store_container_policy" "example" { + container_name = "${aws_media_store_container.example.name}" + policy = <