From 82fe67f7fc4f7e86fc0235d74db3e69fece4807c Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Fri, 18 Dec 2015 17:50:31 +0000 Subject: [PATCH 1/4] Add support for creating Managed Microsoft Active Directory in AWS This action is almost exactly the same as creating a SimpleAD so we reuse this resource and allow the user to specify the type when creating the directory (ignoring the size if the type is MicrosoftAD). --- ...esource_aws_directory_service_directory.go | 116 ++++++++++++++---- ...ce_aws_directory_service_directory_test.go | 44 +++++++ .../directory_service_directory.html.markdown | 6 +- 3 files changed, 138 insertions(+), 28 deletions(-) diff --git a/builtin/providers/aws/resource_aws_directory_service_directory.go b/builtin/providers/aws/resource_aws_directory_service_directory.go index 1fdb9491ee..3eb3d941dd 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory.go @@ -32,7 +32,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { }, "size": &schema.Schema{ Type: schema.TypeString, - Required: true, + Optional: true, ForceNew: true, }, "alias": &schema.Schema{ 
@@ -89,33 +89,20 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { }, "type": &schema.Schema{ Type: schema.TypeString, - Computed: true, + Optional: true, + Default: "SimpleAD", + ForceNew: true, }, }, } } -func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error { - dsconn := meta.(*AWSClient).dsconn - - input := directoryservice.CreateDirectoryInput{ - Name: aws.String(d.Get("name").(string)), - Password: aws.String(d.Get("password").(string)), - Size: aws.String(d.Get("size").(string)), - } - - if v, ok := d.GetOk("description"); ok { - input.Description = aws.String(v.(string)) - } - if v, ok := d.GetOk("short_name"); ok { - input.ShortName = aws.String(v.(string)) - } - +func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.DirectoryVpcSettings, err error) { if v, ok := d.GetOk("vpc_settings"); ok { settings := v.([]interface{}) if len(settings) > 1 { - return fmt.Errorf("Only a single vpc_settings block is expected") + return nil, fmt.Errorf("Only a single vpc_settings block is expected") } else if len(settings) == 1 { s := settings[0].(map[string]interface{}) var subnetIds []*string 
@@ -123,21 +110,98 @@ func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta int subnetIds = append(subnetIds, aws.String(id.(string))) } - vpcSettings := directoryservice.DirectoryVpcSettings{ + vpcSettings = &directoryservice.DirectoryVpcSettings{ SubnetIds: subnetIds, VpcId: aws.String(s["vpc_id"].(string)), } - input.VpcSettings = &vpcSettings } } - log.Printf("[DEBUG] Creating Directory Service: %s", input) + return vpcSettings, nil +} + +func createSimpleDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) { + if _, ok := d.GetOk("size"); !ok { + return "", fmt.Errorf("size is required for type = SimpleAD") + } + + input := directoryservice.CreateDirectoryInput{ + Name: aws.String(d.Get("name").(string)), + Password: aws.String(d.Get("password").(string)), + Size: aws.String(d.Get("size").(string)), + } + + if v, ok := d.GetOk("description"); ok { + input.Description = aws.String(v.(string)) + } + if v, ok := d.GetOk("short_name"); ok { + input.ShortName = aws.String(v.(string)) + } + + input.VpcSettings, err = buildVpcSettings(d) + if err != nil { + return "", err + } + + log.Printf("[DEBUG] Creating Simple Directory Service: %s", input) out, err := dsconn.CreateDirectory(&input) + if err != nil { + return "", err + } + log.Printf("[DEBUG] Simple Directory Service created: %s", out) + + return *out.DirectoryId, nil +} + +func createActiveDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) { + input := directoryservice.CreateMicrosoftADInput{ + Name: aws.String(d.Get("name").(string)), + Password: aws.String(d.Get("password").(string)), + } + + if v, ok := d.GetOk("description"); ok { + input.Description = aws.String(v.(string)) + } + if v, ok := d.GetOk("short_name"); ok { + input.ShortName = aws.String(v.(string)) + } + + input.VpcSettings, err = buildVpcSettings(d) + if err != nil { + return "", err + } + + 
log.Printf("[DEBUG] Creating Microsoft AD Directory Service: %s", input) + out, err := dsconn.CreateMicrosoftAD(&input) + if err != nil { + return "", err + } + log.Printf("[DEBUG] Microsoft AD Directory Service created: %s", out) + + return *out.DirectoryId, nil +} + +func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error { + dsconn := meta.(*AWSClient).dsconn + + var ( + directoryId string + err error + ) + + switch d.Get("type").(string) { + case "SimpleAD": + directoryId, err = createSimpleDirectoryService(dsconn, d) + case "MicrosoftAD": + directoryId, err = createActiveDirectoryService(dsconn, d) + default: + return fmt.Errorf("Unsupported directory type: %s", d.Get("type")) + } if err != nil { return err } - log.Printf("[DEBUG] Directory Service created: %s", out) - d.SetId(*out.DirectoryId) + + d.SetId(directoryId) // Wait for creation log.Printf("[DEBUG] Waiting for DS (%q) to become available", d.Id()) @@ -238,7 +302,9 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter if dir.ShortName != nil { d.Set("short_name", *dir.ShortName) } - d.Set("size", *dir.Size) + if dir.Size != nil { + d.Set("size", *dir.Size) + } d.Set("type", *dir.Type) d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)) d.Set("enable_sso", *dir.SsoEnabled) diff --git a/builtin/providers/aws/resource_aws_directory_service_directory_test.go b/builtin/providers/aws/resource_aws_directory_service_directory_test.go index b10174bdb0..0c71996d93 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory_test.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory_test.go 
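Review bot: Both new create helpers pass the whole request struct to the debug log (`log.Printf("[DEBUG] Creating Simple Directory Service: %s", input)` and the Microsoft AD equivalent), and that struct carries `Password`, so unless the SDK's `String()` redacts the field the directory administrator password ends up in provider debug output. Logging only non-secret fields avoids this, for example `log.Printf("[DEBUG] Creating Microsoft AD Directory Service %q", d.Get("name").(string))`. The same pattern appears in `createDirectoryConnector` in patch 4/4, where the value is the connector user's password. `*out.DirectoryId` is also dereferenced without a nil check in both helpers. `resourceAwsDirectoryServiceDirectoryCreate` continues past the end of this hunk.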
@@ -27,6 +27,22 @@ func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) { }) } +func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccDirectoryServiceDirectoryConfig_microsoft, + Check: resource.ComposeTestCheckFunc( + testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar"), + ), + }, + }, + }) +} + func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -192,6 +208,34 @@ resource "aws_subnet" "bar" { } ` +const testAccDirectoryServiceDirectoryConfig_microsoft = ` +resource "aws_directory_service_directory" "bar" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + type = "MicrosoftAD" + + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] + } +} + +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" +} + +resource "aws_subnet" "foo" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "us-west-2a" + cidr_block = "10.0.1.0/24" +} +resource "aws_subnet" "bar" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "us-west-2b" + cidr_block = "10.0.2.0/24" +} +` + var randomInteger = genRandInt() var testAccDirectoryServiceDirectoryConfig_withAlias = fmt.Sprintf(` resource "aws_directory_service_directory" "bar_a" { diff --git a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown index 04049ee553..7a8854487d 100644 --- a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown +++ b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown 
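Review bot: `TestAccAWSDirectoryServiceDirectory_microsoft` only asserts that the resource exists, so it never checks that the directory read back is of the requested type. Adding `resource.TestCheckResourceAttr("aws_directory_service_directory.bar", "type", "MicrosoftAD")` to the `ComposeTestCheckFunc` list would pin the behaviour this patch introduces. The connector test added in patch 4/4 has the same gap for `ADConnector`.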
@@ -8,7 +8,7 @@ description: |- # aws\_directory\_service\_directory -Provides a directory in AWS Directory Service. +Provides a Simple or Managed Microsoft directory in AWS Directory Service. ## Example Usage @@ -46,12 +46,13 @@ The following arguments are supported: * `name` - (Required) The fully qualified name for the directory, such as `corp.example.com` * `password` - (Required) The password for the directory administrator. -* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). +* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). Only used when `type` is `SimpleAD`. * `vpc_settings` - (Required) VPC related information about the directory. Fields documented below. * `alias` - (Optional) The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`. * `description` - (Optional) A textual description for the directory. * `short_name` - (Optional) The short name of the directory, such as `CORP`. * `enable_sso` - (Optional) Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`. +* `type` (Optional) - The directory type (`SimpleAD` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`. **vpc\_settings** supports the following: @@ -65,4 +66,3 @@ The following attributes are exported: * `id` - The directory identifier. * `access_url` - The access URL for the directory, such as `http://alias.awsapps.com`. * `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory. -* `type` - The directory type. From 6bf1011df4f4325d477747badd2236dfd3768224 Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Fri, 18 Dec 2015 19:56:58 +0000 Subject: [PATCH 2/4] Validate type earlier for aws_directory_service_directory Also DRY it up a little --- ...esource_aws_directory_service_directory.go | 32 ++++++++++++------- 1 file changed, 21 insertions(+), 11 deletions(-) 
diff --git a/builtin/providers/aws/resource_aws_directory_service_directory.go b/builtin/providers/aws/resource_aws_directory_service_directory.go index 3eb3d941dd..33c31957fb 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory.go @@ -12,6 +12,11 @@ import ( "github.com/hashicorp/terraform/helper/resource" ) +var directoryCreationFuncs = map[string]func(*directoryservice.DirectoryService, *schema.ResourceData) (string, error){ + "SimpleAD": createSimpleDirectoryService, + "MicrosoftAD": createActiveDirectoryService, +} + func resourceAwsDirectoryServiceDirectory() *schema.Resource { return &schema.Resource{ Create: resourceAwsDirectoryServiceDirectoryCreate, @@ -92,6 +97,17 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { Optional: true, Default: "SimpleAD", ForceNew: true, + ValidateFunc: func(v interface{}, k string) (ws []string, es []error) { + validTypes := []string{"SimpleAD", "MicrosoftAD"} + value := v.(string) + for validType, _ := range directoryCreationFuncs { + if validType == value { + return + } + } + es = append(es, fmt.Errorf("%q must be one of %q", k, validTypes)) + return + }, }, }, } @@ -184,19 +200,13 @@ func createActiveDirectoryService(dsconn *directoryservice.DirectoryService, d * func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error { dsconn := meta.(*AWSClient).dsconn - var ( - directoryId string - err error - ) - - switch d.Get("type").(string) { - case "SimpleAD": - directoryId, err = createSimpleDirectoryService(dsconn, d) - case "MicrosoftAD": - directoryId, err = createActiveDirectoryService(dsconn, d) - default: + creationFunc, ok := directoryCreationFuncs[d.Get("type").(string)] + if !ok { + // Shouldn't happen as this is validated above return fmt.Errorf("Unsupported directory type: %s", d.Get("type")) } + + directoryId, err := creationFunc(dsconn, d) if err != nil { return err } 
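Review bot: In the new `ValidateFunc`, `validTypes` is used only for the error message while the actual check ranges over `directoryCreationFuncs`, so the two lists can drift apart. As far as the hunks show, patch 4/4 adds `ADConnector` to the map without touching `validTypes`, which would leave the message listing two of the three accepted values. A direct lookup is simpler than the loop, `if _, ok := directoryCreationFuncs[value]; ok { return }`, and the message can be built from the map keys instead of a second literal. The schema function starts and ends outside this hunk.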
From 2d063818242210334194c31c50816b421abca87c Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Fri, 18 Dec 2015 20:07:34 +0000 Subject: [PATCH 3/4] Increase aws_directory_service_directory timeouts According to the AWS docs, creating a MS directory could take up to 25 minutes. --- .../providers/aws/resource_aws_directory_service_directory.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/builtin/providers/aws/resource_aws_directory_service_directory.go b/builtin/providers/aws/resource_aws_directory_service_directory.go index 33c31957fb..c22d972f7b 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory.go @@ -232,7 +232,7 @@ func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta int d.Id(), *ds.Stage) return ds, *ds.Stage, nil }, - Timeout: 10 * time.Minute, + Timeout: 30 * time.Minute, } if _, err := stateConf.WaitForState(); err != nil { return fmt.Errorf( @@ -355,7 +355,7 @@ func resourceAwsDirectoryServiceDirectoryDelete(d *schema.ResourceData, meta int d.Id(), *ds.Stage) return ds, *ds.Stage, nil }, - Timeout: 10 * time.Minute, + Timeout: 30 * time.Minute, } if _, err := stateConf.WaitForState(); err != nil { return fmt.Errorf( From 48bfd672969c74b6fa0d28492e099970ed179343 Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Fri, 18 Dec 2015 21:42:54 +0000 Subject: [PATCH 4/4] Add support for creating connectors to aws_directory_service_directory This adds support for creating AD Connectors. It is pretty close to the same as creating AD and simple directories so we reuse the resource. --- ...esource_aws_directory_service_directory.go | 115 +++++++++++++++++- ...ce_aws_directory_service_directory_test.go | 58 +++++++++ builtin/providers/aws/structure.go | 22 ++++ .../directory_service_directory.html.markdown | 16 ++- 4 files changed, 204 insertions(+), 7 deletions(-) 
diff --git a/builtin/providers/aws/resource_aws_directory_service_directory.go b/builtin/providers/aws/resource_aws_directory_service_directory.go index c22d972f7b..b56ca5d105 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory.go @@ -15,6 +15,7 @@ import ( var directoryCreationFuncs = map[string]func(*directoryservice.DirectoryService, *schema.ResourceData) (string, error){ "SimpleAD": createSimpleDirectoryService, "MicrosoftAD": createActiveDirectoryService, + "ADConnector": createDirectoryConnector, } func resourceAwsDirectoryServiceDirectory() *schema.Resource { @@ -59,9 +60,43 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { }, "vpc_settings": &schema.Schema{ Type: schema.TypeList, - Required: true, + Optional: true, + ForceNew: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "subnet_ids": &schema.Schema{ + Type: schema.TypeSet, + Required: true, + ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, + "vpc_id": &schema.Schema{ + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + }, + }, + }, + "connect_settings": &schema.Schema{ + Type: schema.TypeList, + Optional: true, + ForceNew: true, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ + "customer_username": &schema.Schema{ + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + "customer_dns_ips": &schema.Schema{ + Type: schema.TypeSet, + Required: true, + ForceNew: true, + Elem: &schema.Schema{Type: schema.TypeString}, + Set: schema.HashString, + }, "subnet_ids": &schema.Schema{ Type: schema.TypeSet, Required: true, 
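Review bot: With `vpc_settings` made optional and `connect_settings` added as a second optional block, nothing in the schema ties either block to `type`. A configuration that supplies both blocks, or only the one that does not match its type, is caught (if at all) only inside the create helpers at apply time, and the helpers shown in this series never read the block they do not need. At minimum the schema should say so, for example `// Required when type is SimpleAD or MicrosoftAD; not read for ADConnector.` above `vpc_settings` and the converse above `connect_settings`. Because both blocks are `ForceNew` and Read writes both back, a mismatched block may also surface as a recurring diff; that is worth confirming. The `connect_settings` schema continues past the end of this hunk.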
@@ -114,7 +149,9 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource { } func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.DirectoryVpcSettings, err error) { - if v, ok := d.GetOk("vpc_settings"); ok { + if v, ok := d.GetOk("vpc_settings"); !ok { + return nil, fmt.Errorf("vpc_settings is required for type = SimpleAD or MicrosoftAD") + } else { settings := v.([]interface{}) if len(settings) > 1 { 
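Review bot: The rewritten guard `if v, ok := d.GetOk("vpc_settings"); !ok { return ... } else {` nests the entire happy path in an `else` after a terminating branch, which golint flags and which makes the function harder to scan. Hoisting the lookup keeps the body left-aligned: `v, ok := d.GetOk("vpc_settings")` followed by `if !ok { return nil, fmt.Errorf("vpc_settings is required for type = SimpleAD or MicrosoftAD") }`. `buildConnectSettings` in the next hunk uses the same shape and would benefit from the same change. The body of `buildVpcSettings` continues outside this hunk.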
@@ -136,6 +173,72 @@ func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.Dir return vpcSettings, nil } +func buildConnectSettings(d *schema.ResourceData) (connectSettings *directoryservice.DirectoryConnectSettings, err error) { + if v, ok := d.GetOk("connect_settings"); !ok { + return nil, fmt.Errorf("connect_settings is required for type = ADConnector") + } else { + settings := v.([]interface{}) + + if len(settings) > 1 { + return nil, fmt.Errorf("Only a single connect_settings block is expected") + } else if len(settings) == 1 { + s := settings[0].(map[string]interface{}) + + var subnetIds []*string + for _, id := range s["subnet_ids"].(*schema.Set).List() { + subnetIds = append(subnetIds, aws.String(id.(string))) + } + + var customerDnsIps []*string + for _, id := range s["customer_dns_ips"].(*schema.Set).List() { + customerDnsIps = append(customerDnsIps, aws.String(id.(string))) + } + + connectSettings = &directoryservice.DirectoryConnectSettings{ + CustomerDnsIps: customerDnsIps, + CustomerUserName: aws.String(s["customer_username"].(string)), + SubnetIds: subnetIds, + VpcId: aws.String(s["vpc_id"].(string)), + } + } + } + + return connectSettings, nil +} + +func createDirectoryConnector(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) { + if _, ok := d.GetOk("size"); !ok { + return "", fmt.Errorf("size is required for type = ADConnector") + } + + input := directoryservice.ConnectDirectoryInput{ + Name: aws.String(d.Get("name").(string)), + Password: aws.String(d.Get("password").(string)), + Size: aws.String(d.Get("size").(string)), + } + + if v, ok := d.GetOk("description"); ok { + input.Description = aws.String(v.(string)) + } + if v, ok := d.GetOk("short_name"); ok { + input.ShortName = aws.String(v.(string)) + } + + input.ConnectSettings, err = buildConnectSettings(d) + if err != nil { + return "", err + } + + log.Printf("[DEBUG] Creating Directory Connector: %s", input) + out, err 
:= dsconn.ConnectDirectory(&input) + if err != nil { + return "", err + } + log.Printf("[DEBUG] Directory Connector created: %s", out) + + return *out.DirectoryId, nil +} + func createSimpleDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (directoryId string, err error) { if _, ok := d.GetOk("size"); !ok { return "", fmt.Errorf("size is required for type = SimpleAD") @@ -307,7 +410,12 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter if dir.Description != nil { d.Set("description", *dir.Description) } - d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs))) + + if *dir.Type == "ADConnector" { + d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.ConnectSettings.ConnectIps))) + } else { + d.Set("dns_ip_addresses", schema.NewSet(schema.HashString, flattenStringList(dir.DnsIpAddrs))) + } d.Set("name", *dir.Name) if dir.ShortName != nil { d.Set("short_name", *dir.ShortName) @@ -317,6 +425,7 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter } d.Set("type", *dir.Type) d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings)) + d.Set("connect_settings", flattenDSConnectSettings(dir.DnsIpAddrs, dir.ConnectSettings)) d.Set("enable_sso", *dir.SsoEnabled) return nil diff --git a/builtin/providers/aws/resource_aws_directory_service_directory_test.go b/builtin/providers/aws/resource_aws_directory_service_directory_test.go index 0c71996d93..31848a4897 100644 --- a/builtin/providers/aws/resource_aws_directory_service_directory_test.go +++ b/builtin/providers/aws/resource_aws_directory_service_directory_test.go 
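Review bot: In the Read hunk, `dir.ConnectSettings.ConnectIps` is dereferenced as soon as `*dir.Type == "ADConnector"`, with no check that `ConnectSettings` (or `Type`) is non-nil, so a description missing either field would panic the provider instead of returning an error. `flattenDSConnectSettings` in the same patch already guards `s == nil`, so the two sites are inconsistent. Guarding the branch as `if dir.Type != nil && *dir.Type == "ADConnector" && dir.ConnectSettings != nil {` keeps the fallback to `dir.DnsIpAddrs` for every other case. The Read function starts and ends outside this hunk.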
@@ -43,6 +43,22 @@ func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) { }) } +func TestAccAWSDirectoryServiceDirectory_connector(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccDirectoryServiceDirectoryConfig_connector, + Check: resource.ComposeTestCheckFunc( + testAccCheckServiceDirectoryExists("aws_directory_service_directory.connector"), + ), + }, + }, + }) +} + func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) { resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -208,6 +224,48 @@ resource "aws_subnet" "bar" { } ` +const testAccDirectoryServiceDirectoryConfig_connector = ` +resource "aws_directory_service_directory" "bar" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + size = "Small" + + vpc_settings { + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] + } +} + +resource "aws_directory_service_directory" "connector" { + name = "corp.notexample.com" + password = "SuperSecretPassw0rd" + size = "Small" + type = "ADConnector" + + connect_settings { + customer_dns_ips = ["${aws_directory_service_directory.bar.dns_ip_addresses}"] + customer_username = "Administrator" + vpc_id = "${aws_vpc.main.id}" + subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"] + } +} + +resource "aws_vpc" "main" { + cidr_block = "10.0.0.0/16" +} + +resource "aws_subnet" "foo" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "us-west-2a" + cidr_block = "10.0.1.0/24" +} +resource "aws_subnet" "bar" { + vpc_id = "${aws_vpc.main.id}" + availability_zone = "us-west-2b" + cidr_block = "10.0.2.0/24" +} +` + const testAccDirectoryServiceDirectoryConfig_microsoft = ` resource "aws_directory_service_directory" "bar" { name = "corp.notexample.com" 
diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go index 748ecc88be..1bcca71696 100644 --- a/builtin/providers/aws/structure.go +++ b/builtin/providers/aws/structure.go @@ -651,6 +651,28 @@ func flattenDSVpcSettings( s *directoryservice.DirectoryVpcSettingsDescription) []map[string]interface{} { settings := make(map[string]interface{}, 0) + if s == nil { + return nil + } + + settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds)) + settings["vpc_id"] = *s.VpcId + + return []map[string]interface{}{settings} +} + +func flattenDSConnectSettings( + customerDnsIps []*string, + s *directoryservice.DirectoryConnectSettingsDescription) []map[string]interface{} { + if s == nil { + return nil + } + + settings := make(map[string]interface{}, 0) + + settings["customer_dns_ips"] = schema.NewSet(schema.HashString, flattenStringList(customerDnsIps)) + settings["connect_ips"] = schema.NewSet(schema.HashString, flattenStringList(s.ConnectIps)) + settings["customer_username"] = *s.CustomerUserName settings["subnet_ids"] = schema.NewSet(schema.HashString, flattenStringList(s.SubnetIds)) settings["vpc_id"] = *s.VpcId diff --git a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown index 7a8854487d..83f07649b1 100644 --- a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown +++ b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown 
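Review bot: `flattenDSConnectSettings` writes a `connect_ips` key, but the `connect_settings` schema added in this patch does not declare such a field in the lines shown, so the `d.Set("connect_settings", ...)` call in Read is likely to be rejected. Its return value is not checked there, which would make the failure silent and leave `connect_settings` unset in state. Either declare `connect_ips` as a computed set in the schema or drop the `settings["connect_ips"] = ...` line, and check the error from `d.Set`. `*s.CustomerUserName` and `*s.VpcId` are also dereferenced without nil checks even though `s` itself is guarded.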
@@ -45,9 +45,10 @@ resource "aws_subnet" "bar" { The following arguments are supported: * `name` - (Required) The fully qualified name for the directory, such as `corp.example.com` -* `password` - (Required) The password for the directory administrator. -* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). Only used when `type` is `SimpleAD`. -* `vpc_settings` - (Required) VPC related information about the directory. Fields documented below. +* `password` - (Required) The password for the directory administrator or connector user. +* `size` - (Required for `SimpleAD` and `ADConnector`) The size of the directory (`Small` or `Large` are accepted values). +* `vpc_settings` - (Required for `SimpleAD` and `MicrosoftAD`) VPC related information about the directory. Fields documented below. +* `connect_settings` - (Required for `ADConnector`) Connector related information about the directory. Fields documented below. * `alias` - (Optional) The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`. * `description` - (Optional) A textual description for the directory. * `short_name` - (Optional) The short name of the directory, such as `CORP`. 
@@ -59,10 +60,17 @@ The following arguments are supported: * `subnet_ids` - (Required) The identifiers of the subnets for the directory servers (min. 2 subnets in 2 different AZs). * `vpc_id` - (Required) The identifier of the VPC that the directory is in. +**connect\_settings** supports the following: + +* `customer_username` - (Required) The username corresponding to the password provided. +* `customer_dns_ips` - (Required) The DNS IP addresses of the domain to connect to. +* `subnet_ids` - (Required) The identifiers of the subnets for the directory servers (min. 2 subnets in 2 different AZs). +* `vpc_id` - (Required) The identifier of the VPC that the directory is in. + ## Attributes Reference The following attributes are exported: * `id` - The directory identifier. * `access_url` - The access URL for the directory, such as `http://alias.awsapps.com`. -* `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory. +* `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory or connector.