Add support for creating connectors to aws_directory_service_directory

This adds support for creating AD Connectors. It is pretty close to the same as creating AD and simple directories so we reuse the resource.
10 years ago · 48bfd67296
parent 2d06381824
commit 48bfd67296
4 changed files with 204 additions and 7 deletions
--- a/builtin/providers/aws/resource_aws_directory_service_directory.go
+++ b/builtin/providers/aws/resource_aws_directory_service_directory.go
@ -15,6 +15,7 @@ import (
 var directoryCreationFuncs = map[string]func(*directoryservice.DirectoryService, *schema.ResourceData) (string, error){
 	"SimpleAD":    createSimpleDirectoryService,
 	"MicrosoftAD": createActiveDirectoryService,
+	"ADConnector": createDirectoryConnector,
 }

 func resourceAwsDirectoryServiceDirectory() *schema.Resource {
@ -59,9 +60,43 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
 			},
 			"vpc_settings": &schema.Schema{
 				Type:     schema.TypeList,
-				Required: true,
+				Optional: true,
+				ForceNew: true,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						"subnet_ids": &schema.Schema{
+							Type:     schema.TypeSet,
+							Required: true,
+							ForceNew: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+							Set:      schema.HashString,
+						},
+						"vpc_id": &schema.Schema{
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+					},
+				},
+			},
+			"connect_settings": &schema.Schema{
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"customer_username": &schema.Schema{
+							Type:     schema.TypeString,
+							Required: true,
+							ForceNew: true,
+						},
+						"customer_dns_ips": &schema.Schema{
+							Type:     schema.TypeSet,
+							Required: true,
+							ForceNew: true,
+							Elem:     &schema.Schema{Type: schema.TypeString},
+							Set:      schema.HashString,
+						},
 						"subnet_ids": &schema.Schema{
 							Type:     schema.TypeSet,
 							Required: true,
@ -114,7 +149,9 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
 }

 func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.DirectoryVpcSettings, err error) {
-	if v, ok := d.GetOk("vpc_settings"); ok {
+	if v, ok := d.GetOk("vpc_settings"); !ok {
+		return nil, fmt.Errorf("vpc_settings is required for type = SimpleAD or MicrosoftAD")
+	} else {
 		settings := v.([]interface{})

 		if len(settings) > 1 {
@ -136,6 +173,72 @@ func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.Dir
 	return vpcSettings, nil
 }

+func buildConnectSettings(d *schema.ResourceData) (connectSettings *directoryservice.DirectoryConnectSettings, err error) {
+	if v, ok := d.GetOk("connect_settings"); !ok {
+		return nil, fmt.Errorf("connect_settings is required for type = ADConnector")
+	} else {
+		settings := v.([]interface{})
+
+		if len(settings) > 1 {
+			return nil, fmt.Errorf("Only a single connect_settings block is expected")
+		} else if len(settings) == 1 {
+			s := settings[0].(map[string]interface{})
+
+			var subnetIds []*string
+			for _, id := range s["subnet_ids"].(*schema.Set).List() {
+				subnetIds = append(subnetIds, aws.String(id.(string)))
+			}
+
+			var customerDnsIps []*string
+			for _, id := range s["customer_dns_ips"].(*schema.Set).List() {
+				customerDnsIps = append(customerDnsIps, aws.String(id.(string)))
+			}
+
+			connectSettings = &directoryservice.DirectoryConnectSettings{
+				CustomerDnsIps:   customerDnsIps,
+				CustomerUserName: aws.String(s["customer_username"].(string)),
+				SubnetIds:        subnetIds,
+				VpcId:            aws.String(s["vpc_id"].(string)),
+			}
+		}
+	}
+
+	return connectSettings, nil
+}
+
+func createDirectoryConnector(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) {
+	if _, ok := d.GetOk("size"); !ok {
+		return "", fmt.Errorf("size is required for type = ADConnector")
+	}
+
+	input := directoryservice.ConnectDirectoryInput{
+		Name:     aws.String(d.Get("name").(string)),
+		Password: aws.String(d.Get("password").(string)),
+		Size:     aws.String(d.Get("size").(string)),
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		input.Description = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("short_name"); ok {
+		input.ShortName = aws.String(v.(string))
+	}
+
+	input.ConnectSettings, err = buildConnectSettings(d)
+	if err != nil {
+		return "", err
+	}
+
+	log.Printf("[DEBUG] Creating Directory Connector: %s", input)
+	out, err := dsconn.ConnectDirectory(&input)
+	if err != nil {
+		return "", err
+	}
+	log.Printf("[DEBUG] Directory Connector created: %s", out)
+
+	return *out.DirectoryId, nil
+}
+
 func createSimpleDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) {
 	if _, ok := d.GetOk("size"); !ok {
 		return "", fmt.Errorf("size is required for type = SimpleAD")
@ -307,7 +410,12 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter
 	if dir.Description != nil {
 		d.Set("description", *dir.Description)
 	}
-	d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs)))
+
+	if *dir.Type == "ADConnector" {
+		d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.ConnectSettings.ConnectIps)))
+	} else {
+		d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs)))
+	}
 	d.Set("name", *dir.Name)
 	if dir.ShortName != nil {
 		d.Set("short_name", *dir.ShortName)
@ -317,6 +425,7 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter
 	}
 	d.Set("type", *dir.Type)
 	d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings))
+	d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings))
 	d.Set("enable_sso", *dir.SsoEnabled)

 	return nil
--- a/builtin/providers/aws/resource_aws_directory_service_directory_test.go
+++ b/builtin/providers/aws/resource_aws_directory_service_directory_test.go
@ -43,6 +43,22 @@ func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) {
 	})
 }

+func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccDirectoryServiceDirectoryConfig_connector,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckServiceDirectoryExists("aws_directory_service_directory.connector"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
@ -208,6 +224,48 @@ resource "aws_subnet" "bar" {
 }
 `

+const testAccDirectoryServiceDirectoryConfig_connector = `
+resource "aws_directory_service_directory" "bar" {
+  name = "corp.notexample.com"
+  password = "SuperSecretPassw0rd"
+  size = "Small"
+
+  vpc_settings {
+    vpc_id = "${aws_vpc.main.id}"
+    subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"]
+  }
+}
+
+resource "aws_directory_service_directory" "connector" {
+  name = "corp.notexample.com"
+  password = "SuperSecretPassw0rd"
+  size = "Small"
+  type = "ADConnector"
+
+  connect_settings {
+    customer_dns_ips = ["${aws_directory_service_directory.bar.dns_ip_addresses}"]
+    customer_username = "Administrator"
+    vpc_id = "${aws_vpc.main.id}"
+    subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"]
+  }
+}
+
+resource "aws_vpc" "main" {
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_subnet" "foo" {
+  vpc_id = "${aws_vpc.main.id}"
+  availability_zone = "us-west-2a"
+  cidr_block = "10.0.1.0/24"
+}
+resource "aws_subnet" "bar" {
+  vpc_id = "${aws_vpc.main.id}"
+  availability_zone = "us-west-2b"
+  cidr_block = "10.0.2.0/24"
+}
+`
+
 const testAccDirectoryServiceDirectoryConfig_microsoft = `
 resource "aws_directory_service_directory" "bar" {
  name = "corp.notexample.com"
--- a/builtin/providers/aws/structure.go
+++ b/builtin/providers/aws/structure.go
@ -651,6 +651,28 @@ func flattenDSVpcSettings(
 	s *directoryservice.DirectoryVpcSettingsDescription) []map[string]interface{} {
 	settings := make(map[string]interface{}, 0)

+	if s == nil {
+		return nil
+	}
+
+	settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds))
+	settings["vpc_id"] = *s.VpcId
+
+	return []map[string]interface{}{settings}
+}
+
+func flattenDSConnectSettings(
+	customerDnsIps []*string,
+	s *directoryservice.DirectoryConnectSettingsDescription) []map[string]interface{} {
+	if s == nil {
+		return nil
+	}
+
+	settings := make(map[string]interface{}, 0)
+
+	settings["customer_dns_ips"] = schema.NewSet(schema.HashString, flattenStringList(customerDnsIps))
+	settings["connect_ips"] = schema.NewSet(schema.HashString, flattenStringList(s.ConnectIps))
+	settings["customer_username"] = *s.CustomerUserName
 	settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds))
 	settings["vpc_id"] = *s.VpcId

--- a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown
+++ b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown
@ -45,9 +45,10 @@ resource "aws_subnet" "bar" {
 The following arguments are supported:

 * `name` - (Required) The fully qualified name for the directory, such as `corp.example.com`
-* `password` - (Required) The password for the directory administrator.
-* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). Only used when `type` is `SimpleAD`.
-* `vpc_settings` - (Required) VPC related information about the directory. Fields documented below.
+* `password` - (Required) The password for the directory administrator or connector user.
+* `size` - (Required for `SimpleAD` and `ADConnector`) The size of the directory (`Small` or `Large` are accepted values).
+* `vpc_settings` - (Required for `SimpleAD` and `MicrosoftAD`) VPC related information about the directory. Fields documented below.
+* `connect_settings` - (Required for `ADConnector`) Connector related information about the directory. Fields documented below.
 * `alias` - (Optional) The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.
 * `description` - (Optional) A textual description for the directory.
 * `short_name` - (Optional) The short name of the directory, such as `CORP`.
@ -59,10 +60,17 @@ The following arguments are supported:
 * `subnet_ids` - (Required) The identifiers of the subnets for the directory servers (min. 2 subnets in 2 different AZs).
 * `vpc_id` - (Required) The identifier of the VPC that the directory is in.

+**connect\_settings** supports the following:
+
+* `customer_username` - (Required) The username corresponding to the password provided.
+* `customer_dns_ips` - (Required) The DNS IP addresses of the domain to connect to.
+* `subnet_ids` - (Required) The identifiers of the subnets for the directory servers (min. 2 subnets in 2 different AZs).
+* `vpc_id` - (Required) The identifier of the VPC that the directory is in.
+
 ## Attributes Reference

 The following attributes are exported:

 * `id` - The directory identifier.
 * `access_url` - The access URL for the directory, such as `http://alias.awsapps.com`.
-* `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory.
+* `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory or connector.