Skip to content

Commit

Permalink
Add aws_s3_bucket_cors_configuration resource (#12141)
Browse files Browse the repository at this point in the history
* docs: document S3 CORS configuration resource

* r/s3_bucket_cors_configuration: CR updates

* r/s3_bucket_cors_configuration: update ID methods to generic ones; docs formatting

* correct error message

Co-authored-by: Angie Pinilla <angie@hashicorp.com>
  • Loading branch information
drexler and anGie44 committed Jan 28, 2022
1 parent d84adb9 commit 2e358de
Show file tree
Hide file tree
Showing 6 changed files with 758 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .changelog/12141.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-resource
aws_s3_bucket_cors_configuration
```
1 change: 1 addition & 0 deletions internal/provider/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -1588,6 +1588,7 @@ func Provider() *schema.Provider {

"aws_s3_bucket": s3.ResourceBucket(),
"aws_s3_bucket_analytics_configuration": s3.ResourceBucketAnalyticsConfiguration(),
"aws_s3_bucket_cors_configuration": s3.ResourceBucketCorsConfiguration(),
"aws_s3_bucket_intelligent_tiering_configuration": s3.ResourceBucketIntelligentTieringConfiguration(),
"aws_s3_bucket_inventory": s3.ResourceBucketInventory(),
"aws_s3_bucket_metric": s3.ResourceBucketMetric(),
Expand Down
301 changes: 301 additions & 0 deletions internal/service/s3/bucket_cors_configuration.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,301 @@
package s3

import (
"context"
"fmt"
"log"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/s3"
"github.com/hashicorp/aws-sdk-go-base/tfawserr"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
"github.com/hashicorp/terraform-provider-aws/internal/flex"
"github.com/hashicorp/terraform-provider-aws/internal/verify"
)

func ResourceBucketCorsConfiguration() *schema.Resource {
return &schema.Resource{
CreateContext: resourceBucketCorsConfigurationCreate,
ReadContext: resourceBucketCorsConfigurationRead,
UpdateContext: resourceBucketCorsConfigurationUpdate,
DeleteContext: resourceBucketCorsConfigurationDelete,
Importer: &schema.ResourceImporter{
StateContext: schema.ImportStatePassthroughContext,
},

Schema: map[string]*schema.Schema{
"bucket": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringLenBetween(1, 63),
},
"expected_bucket_owner": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ValidateFunc: verify.ValidAccountID,
},
"cors_rule": {
Type: schema.TypeSet,
Required: true,
MaxItems: 100,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allowed_headers": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"allowed_methods": {
Type: schema.TypeSet,
Required: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"allowed_origins": {
Type: schema.TypeSet,
Required: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"expose_headers": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"id": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringLenBetween(0, 255),
},
"max_age_seconds": {
Type: schema.TypeInt,
Optional: true,
},
},
},
},
},
}
}

func resourceBucketCorsConfigurationCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket := d.Get("bucket").(string)
expectedBucketOwner := d.Get("expected_bucket_owner").(string)

input := &s3.PutBucketCorsInput{
Bucket: aws.String(bucket),
CORSConfiguration: &s3.CORSConfiguration{
CORSRules: expandBucketCorsConfigurationCorsRules(d.Get("cors_rule").(*schema.Set).List()),
},
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err := verify.RetryOnAWSCode(s3.ErrCodeNoSuchBucket, func() (interface{}, error) {
return conn.PutBucketCorsWithContext(ctx, input)
})

if err != nil {
return diag.FromErr(fmt.Errorf("error creating S3 bucket (%s) CORS configuration: %w", bucket, err))
}

d.SetId(CreateResourceID(bucket, expectedBucketOwner))

return resourceBucketCorsConfigurationRead(ctx, d, meta)
}

func resourceBucketCorsConfigurationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.GetBucketCorsInput{
Bucket: aws.String(bucket),
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

output, err := conn.GetBucketCorsWithContext(ctx, input)

if !d.IsNewResource() && tfawserr.ErrCodeEquals(err, s3.ErrCodeNoSuchBucket, ErrCodeNoSuchCORSConfiguration) {
log.Printf("[WARN] S3 Bucket CORS Configuration (%s) not found, removing from state", d.Id())
d.SetId("")
return nil
}

if err != nil {
return diag.FromErr(fmt.Errorf("error reading S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

if output == nil {
if d.IsNewResource() {
return diag.FromErr(fmt.Errorf("error reading S3 bucket CORS configuration (%s): empty output", d.Id()))
}
log.Printf("[WARN] S3 Bucket CORS Configuration (%s) not found, removing from state", d.Id())
d.SetId("")
return nil
}

d.Set("bucket", bucket)
d.Set("expected_bucket_owner", expectedBucketOwner)

if err := d.Set("cors_rule", flattenBucketCorsConfigurationCorsRules(output.CORSRules)); err != nil {
return diag.FromErr(fmt.Errorf("error setting cors_rule: %w", err))
}

return nil
}

func resourceBucketCorsConfigurationUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.PutBucketCorsInput{
Bucket: aws.String(bucket),
CORSConfiguration: &s3.CORSConfiguration{
CORSRules: expandBucketCorsConfigurationCorsRules(d.Get("cors_rule").(*schema.Set).List()),
},
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err = conn.PutBucketCorsWithContext(ctx, input)

if err != nil {
return diag.FromErr(fmt.Errorf("error updating S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

return resourceBucketCorsConfigurationRead(ctx, d, meta)
}

func resourceBucketCorsConfigurationDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.DeleteBucketCorsInput{
Bucket: aws.String(bucket),
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err = conn.DeleteBucketCorsWithContext(ctx, input)

if tfawserr.ErrCodeEquals(err, s3.ErrCodeNoSuchBucket) {
return nil
}

if err != nil {
return diag.FromErr(fmt.Errorf("error deleting S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

return nil
}

func expandBucketCorsConfigurationCorsRules(l []interface{}) []*s3.CORSRule {
if len(l) == 0 {
return nil
}

var rules []*s3.CORSRule

for _, tfMapRaw := range l {
tfMap, ok := tfMapRaw.(map[string]interface{})
if !ok {
continue
}

rule := &s3.CORSRule{}

if v, ok := tfMap["allowed_headers"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedHeaders = flex.ExpandStringSet(v)
}

if v, ok := tfMap["allowed_methods"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedMethods = flex.ExpandStringSet(v)
}

if v, ok := tfMap["allowed_origins"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedOrigins = flex.ExpandStringSet(v)
}

if v, ok := tfMap["expose_headers"].(*schema.Set); ok && v.Len() > 0 {
rule.ExposeHeaders = flex.ExpandStringSet(v)
}

if v, ok := tfMap["id"].(string); ok && v != "" {
rule.ID = aws.String(v)
}

if v, ok := tfMap["max_age_seconds"].(int); ok {
rule.MaxAgeSeconds = aws.Int64(int64(v))
}

rules = append(rules, rule)
}

return rules
}

func flattenBucketCorsConfigurationCorsRules(rules []*s3.CORSRule) []interface{} {
var results []interface{}

for _, rule := range rules {
if rule == nil {
continue
}

m := make(map[string]interface{})

if len(rule.AllowedHeaders) > 0 {
m["allowed_headers"] = flex.FlattenStringSet(rule.AllowedHeaders)
}

if len(rule.AllowedMethods) > 0 {
m["allowed_methods"] = flex.FlattenStringSet(rule.AllowedMethods)
}

if len(rule.AllowedOrigins) > 0 {
m["allowed_origins"] = flex.FlattenStringSet(rule.AllowedOrigins)
}

if len(rule.ExposeHeaders) > 0 {
m["expose_headers"] = flex.FlattenStringSet(rule.ExposeHeaders)
}

if rule.ID != nil {
m["id"] = aws.StringValue(rule.ID)
}

if rule.MaxAgeSeconds != nil {
m["max_age_seconds"] = aws.Int64Value(rule.MaxAgeSeconds)
}

results = append(results, m)
}

return results
}
Loading

0 comments on commit 2e358de

Please sign in to comment.