Add aws_iot_certificate resource #1225
Conversation
|
Needs |
grubernaut
added
enhancement
aws/resource_aws_iot_certificate.go
Outdated
| } | ||
|
|
||
| func resourceAwsIotCertificateRead(d *schema.ResourceData, meta interface{}) error { | ||
|
|
There was a problem hiding this comment.
Extra line after function header
aws/resource_aws_iot_certificate.go
Outdated
| return err | ||
| } | ||
|
|
||
| d.Set("arn", out.CertificateDescription.CertificateArn) |
There was a problem hiding this comment.
is active also returned from the DescribeCertificate API call? If so, we need to set that here as well, to be able to catch any diffs between infra+state.
aws/resource_aws_iot_certificate.go
Outdated
| _, err = conn.UpdateCertificate(&iot.UpdateCertificateInput{ | ||
| CertificateId: aws.String(d.Id()), | ||
| NewStatus: aws.String("INACTIVE"), | ||
| }) |
There was a problem hiding this comment.
If I'm reading this correctly, if a user updates the csr, Terraform will create a new certificate resource, and leak the existing one? Should we delete the original certificate here as well?
There was a problem hiding this comment.
There is really no way to update the csr in API. Would it be more straightforward to delete the old one or just not allow changing it in the first place?
|
I changed it to prevent changing the CSR, since it requires creating a new cert |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Add IoT Certificate resource. Code is based on work from @jhedev. This one is super simple.