From d08f86ea24ec0ffd54f9bac32a9d54e42f93bc9a Mon Sep 17 00:00:00 2001 From: Ben Watson Date: Tue, 8 Jan 2019 10:07:02 -0500 Subject: [PATCH 1/2] adds enable_alks_access field to iam role and trust role resources --- resource_alks_iamrole.go | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 9482084a..08c886d1 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -44,6 +44,12 @@ func resourceAlksIamRole() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "enable_alks_access": &schema.Schema{ + Type: schema.TypeBool, + Default: false, + Optional: true, + ForceNew: true, + }, }, } } @@ -83,6 +89,12 @@ func resourceAlksIamTrustRole() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "enable_alks_access": &schema.Schema{ + Type: schema.TypeBool, + Default: false, + Optional: true, + ForceNew: true, + }, }, } } @@ -93,9 +105,10 @@ func resourceAlksIamRoleCreate(d *schema.ResourceData, meta interface{}) error { var roleName = d.Get("name").(string) var roleType = d.Get("type").(string) var incDefPol = d.Get("include_default_policies").(bool) + var enableAlksAccess = d.Get("enable_alks_access").(bool) client := meta.(*alks.Client) - resp, err := client.CreateIamRole(roleName, roleType, incDefPol) + resp, err := client.CreateIamRole(roleName, roleType, incDefPol, enableAlksAccess) if err != nil { return err @@ -117,13 +130,14 @@ func resourceAlksIamTrustRoleCreate(d *schema.ResourceData, meta interface{}) er var roleName = d.Get("name").(string) var roleType = d.Get("type").(string) var trustArn = d.Get("trust_arn").(string) + var enableAlksAccess = d.Get("enable_alks_access").(bool) client := meta.(*alks.Client) var resp *alks.IamRoleResponse err := resource.Retry(2*time.Minute, func() *resource.RetryError { var err error - resp, err = client.CreateIamTrustRole(roleName, roleType, trustArn) + resp, err = client.CreateIamTrustRole(roleName, roleType, trustArn, enableAlksAccess) if err != nil { return resource.RetryableError(err) } From 3474ec85cfe184e7c00e8157b92c43b16d5d3478 Mon Sep 17 00:00:00 2001 From: Ben Watson Date: Thu, 10 Jan 2019 13:58:05 -0500 Subject: [PATCH 2/2] updates alks-go dependency --- Godeps/Godeps.json | 2 +- .../Cox-Automotive/alks-go/iam_role.go | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 1e88be6b..9fe8b2ba 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -5,7 +5,7 @@ "Deps": [ { "ImportPath": "github.com/Cox-Automotive/alks-go", - "Rev": "4a87d235c4553dba29ddd235db623425c68aa851" + "Rev": "b8d8670a4cf3cefd352e73dc532f22880085dede" }, { "ImportPath": "github.com/apparentlymart/go-cidr/cidr", diff --git a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go index 41aca26e..ee86e83d 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go +++ b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go @@ -13,13 +13,15 @@ type IamRoleRequest struct { RoleName string `json:"roleName"` RoleType string `json:"roleType"` IncDefPols int `json:"includeDefaultPolicy"` + AlksAccess bool `json:"enableAlksAccess"` } // IamTrustRoleRequest is used to represent a new IAM Trust Role request. type IamTrustRoleRequest struct { - RoleName string `json:"roleName"` - RoleType string `json:"roleType"` - TrustArn string `json:"trustArn"` + RoleName string `json:"roleName"` + RoleType string `json:"roleType"` + TrustArn string `json:"trustArn"` + AlksAccess bool `json:"enableAlksAccess"` } // IamRoleResponse is used to represent a a IAM Role. @@ -55,10 +57,10 @@ type DeleteRoleResponse struct { // CreateIamRole will create a new IAM role on AWS. If no error is returned // then you will receive a IamRoleResponse object representing the new role. -func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultPolicies bool) (*IamRoleResponse, error) { +func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultPolicies, enableAlksAccess bool) (*IamRoleResponse, error) { log.Printf("[INFO] Creating IAM role: %s", roleName) - var include int = 0 + var include int if includeDefaultPolicies { include = 1 } @@ -67,6 +69,7 @@ func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultP roleName, roleType, include, + enableAlksAccess, } var b []byte @@ -113,13 +116,14 @@ func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultP // CreateIamTrustRole will create a new IAM trust role on AWS. If no error is returned // then you will receive a IamRoleResponse object representing the new role. -func (c *Client) CreateIamTrustRole(roleName string, roleType string, trustArn string) (*IamRoleResponse, error) { +func (c *Client) CreateIamTrustRole(roleName string, roleType string, trustArn string, enableAlksAccess bool) (*IamRoleResponse, error) { log.Printf("[INFO] Creating IAM trust role: %s", roleName) iam := IamTrustRoleRequest{ roleName, roleType, trustArn, + enableAlksAccess, } var b []byte