func resourceAwsApiGatewayIntegrationCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
var integrationHttpMethod *string
if v, ok := d.GetOk("integration_http_method"); ok {
integrationHttpMethod = aws.String(v.(string))
}
var uri *string
if v, ok := d.GetOk("uri"); ok {
uri = aws.String(v.(string))
}
templates := make(map[string]string)
for k, v := range d.Get("request_templates").(map[string]interface{}) {
templates[k] = v.(string)
}
parameters := make(map[string]string)
if v, ok := d.GetOk("request_parameters_in_json"); ok {
if err := json.Unmarshal([]byte(v.(string)), ¶meters); err != nil {
return fmt.Errorf("Error unmarshaling request_parameters_in_json: %s", err)
}
}
var passthroughBehavior *string
if v, ok := d.GetOk("passthrough_behavior"); ok {
passthroughBehavior = aws.String(v.(string))
}
var credentials *string
if val, ok := d.GetOk("credentials"); ok {
credentials = aws.String(val.(string))
}
_, err := conn.PutIntegration(&apigateway.PutIntegrationInput{
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
Type: aws.String(d.Get("type").(string)),
IntegrationHttpMethod: integrationHttpMethod,
Uri: uri,
// TODO reimplement once [GH-2143](https://github.com/hashicorp/terraform/issues/2143) has been implemented
RequestParameters: aws.StringMap(parameters),
RequestTemplates: aws.StringMap(templates),
Credentials: credentials,
CacheNamespace: nil,
CacheKeyParameters: nil,
PassthroughBehavior: passthroughBehavior,
})
if err != nil {
return fmt.Errorf("Error creating API Gateway Integration: %s", err)
}
d.SetId(fmt.Sprintf("agi-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string)))
return nil
}
func resourceAwsApiGatewayDeploymentCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
// Create the gateway
log.Printf("[DEBUG] Creating API Gateway Deployment")
variables := make(map[string]string)
for k, v := range d.Get("variables").(map[string]interface{}) {
variables[k] = v.(string)
}
var err error
deployment, err := conn.CreateDeployment(&apigateway.CreateDeploymentInput{
RestApiId: aws.String(d.Get("rest_api_id").(string)),
StageName: aws.String(d.Get("stage_name").(string)),
Description: aws.String(d.Get("description").(string)),
StageDescription: aws.String(d.Get("stage_description").(string)),
Variables: aws.StringMap(variables),
})
if err != nil {
return fmt.Errorf("Error creating API Gateway Deployment: %s", err)
}
d.SetId(*deployment.Id)
log.Printf("[DEBUG] API Gateway Deployment ID: %s", d.Id())
return nil
}
func resourceAwsApiGatewayIntegrationResponseCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
templates := make(map[string]string)
for k, v := range d.Get("response_templates").(map[string]interface{}) {
templates[k] = v.(string)
}
input := apigateway.PutIntegrationResponseInput{
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
StatusCode: aws.String(d.Get("status_code").(string)),
ResponseTemplates: aws.StringMap(templates),
// TODO implement once [GH-2143](https://github.com/hashicorp/terraform/issues/2143) has been implemented
ResponseParameters: nil,
}
if v, ok := d.GetOk("selection_pattern"); ok {
input.SelectionPattern = aws.String(v.(string))
}
_, err := conn.PutIntegrationResponse(&input)
if err != nil {
return fmt.Errorf("Error creating API Gateway Integration Response: %s", err)
}
d.SetId(fmt.Sprintf("agir-%s-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string), d.Get("status_code").(string)))
log.Printf("[DEBUG] API Gateway Integration Response ID: %s", d.Id())
return resourceAwsApiGatewayIntegrationResponseRead(d, meta)
}
func resourceAwsApiGatewayMethodResponseCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
models := make(map[string]string)
for k, v := range d.Get("response_models").(map[string]interface{}) {
models[k] = v.(string)
}
parameters := make(map[string]bool)
if v, ok := d.GetOk("response_parameters_in_json"); ok {
if err := json.Unmarshal([]byte(v.(string)), ¶meters); err != nil {
return fmt.Errorf("Error unmarshaling request_parameters_in_json: %s", err)
}
}
_, err := conn.PutMethodResponse(&apigateway.PutMethodResponseInput{
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
StatusCode: aws.String(d.Get("status_code").(string)),
ResponseModels: aws.StringMap(models),
// TODO reimplement once [GH-2143](https://github.com/hashicorp/terraform/issues/2143) has been implemented
ResponseParameters: aws.BoolMap(parameters),
})
if err != nil {
return fmt.Errorf("Error creating API Gateway Method Response: %s", err)
}
d.SetId(fmt.Sprintf("agmr-%s-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string), d.Get("status_code").(string)))
log.Printf("[DEBUG] API Gateway Method ID: %s", d.Id())
return nil
}
func resourceAwsApiGatewayMethodCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
models := make(map[string]string)
for k, v := range d.Get("request_models").(map[string]interface{}) {
models[k] = v.(string)
}
parameters := make(map[string]bool)
if parameterData, ok := d.GetOk("request_parameters"); ok {
params := parameterData.(*schema.Set).List()
for k := range params {
parameters[params[k].(string)] = true
}
}
_, err := conn.PutMethod(&apigateway.PutMethodInput{
AuthorizationType: aws.String(d.Get("authorization").(string)),
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
RequestModels: aws.StringMap(models),
// TODO implement once [GH-2143](https://github.com/hashicorp/terraform/issues/2143) has been implemented
RequestParameters: nil,
ApiKeyRequired: aws.Bool(d.Get("api_key_required").(bool)),
})
if err != nil {
return fmt.Errorf("Error creating API Gateway Method: %s", err)
}
d.SetId(fmt.Sprintf("agm-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string)))
log.Printf("[DEBUG] API Gateway Method ID: %s", d.Id())
return nil
}
func resourceAwsApiGatewayIntegrationResponseCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
templates := make(map[string]string)
for k, v := range d.Get("response_templates").(map[string]interface{}) {
templates[k] = v.(string)
}
parameters := make(map[string]string)
if kv, ok := d.GetOk("response_parameters"); ok {
for k, v := range kv.(map[string]interface{}) {
parameters[k] = v.(string)
}
}
if v, ok := d.GetOk("response_parameters_in_json"); ok {
if err := json.Unmarshal([]byte(v.(string)), ¶meters); err != nil {
return fmt.Errorf("Error unmarshaling response_parameters_in_json: %s", err)
}
}
var contentHandling *string
if val, ok := d.GetOk("content_handling"); ok {
contentHandling = aws.String(val.(string))
}
input := apigateway.PutIntegrationResponseInput{
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
StatusCode: aws.String(d.Get("status_code").(string)),
ResponseTemplates: aws.StringMap(templates),
ResponseParameters: aws.StringMap(parameters),
ContentHandling: contentHandling,
}
if v, ok := d.GetOk("selection_pattern"); ok {
input.SelectionPattern = aws.String(v.(string))
}
_, err := conn.PutIntegrationResponse(&input)
if err != nil {
return fmt.Errorf("Error creating API Gateway Integration Response: %s", err)
}
d.SetId(fmt.Sprintf("agir-%s-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string), d.Get("status_code").(string)))
log.Printf("[DEBUG] API Gateway Integration Response ID: %s", d.Id())
return resourceAwsApiGatewayIntegrationResponseRead(d, meta)
}
func createScheduleRunInput(p *model.RunParameters) *devicefarm.ScheduleRunInput {
var wg sync.WaitGroup
result := &devicefarm.ScheduleRunInput{
ProjectArn: aws.String(p.ProjectArn),
Test: &devicefarm.ScheduleRunTest{},
Configuration: &devicefarm.ScheduleRunConfiguration{
Radios: &devicefarm.Radios{
Bluetooth: aws.Bool(true),
Gps: aws.Bool(true),
Nfc: aws.Bool(true),
Wifi: aws.Bool(true),
},
Location: &devicefarm.Location{
Latitude: aws.Float64(47.6204),
Longitude: aws.Float64(-122.3491),
},
},
}
result.Name = aws.String(p.Config.RunName)
result.Configuration.AuxiliaryApps = aws.StringSlice(p.Config.AdditionalData.AuxiliaryApps)
if p.Config.AdditionalData.BillingMethod != "" {
result.Configuration.BillingMethod = aws.String(p.Config.AdditionalData.BillingMethod)
}
result.Configuration.Locale = aws.String(p.Config.AdditionalData.Locale)
if p.Config.AdditionalData.Location.Latitude != 0 {
result.Configuration.Location.Latitude = aws.Float64(p.Config.AdditionalData.Location.Latitude)
}
if p.Config.AdditionalData.Location.Longitude != 0 {
result.Configuration.Location.Longitude = aws.Float64(p.Config.AdditionalData.Location.Longitude)
}
if p.Config.AdditionalData.NetworkProfileArn != "" {
result.Configuration.NetworkProfileArn = aws.String(p.Config.AdditionalData.NetworkProfileArn)
}
result.Configuration.Radios.Bluetooth = aws.Bool(stringToBool(p.Config.AdditionalData.Radios.Bluetooth))
result.Configuration.Radios.Gps = aws.Bool(stringToBool(p.Config.AdditionalData.Radios.Gps))
result.Configuration.Radios.Nfc = aws.Bool(stringToBool(p.Config.AdditionalData.Radios.Nfc))
result.Configuration.Radios.Wifi = aws.Bool(stringToBool(p.Config.AdditionalData.Radios.Wifi))
result.Test.Filter = aws.String(p.Config.Test.Filter)
result.Test.Parameters = aws.StringMap(p.Config.Test.Parameters)
if p.Config.Test.Type != "" {
result.Test.Type = aws.String(p.Config.Test.Type)
} else {
result.Test.Type = aws.String("BUILTIN_FUZZ")
}
if p.Config.Test.TestPackageArn != "" {
result.Test.TestPackageArn = aws.String(p.Config.Test.TestPackageArn)
} else {
uploadTestPackage(p, result, &wg)
}
if p.Config.AdditionalData.ExtraDataPackageArn != "" {
result.Configuration.ExtraDataPackageArn = aws.String(p.Config.AdditionalData.ExtraDataPackageArn)
} else {
uploadExtraData(p, result, &wg)
}
wg.Wait()
return result
}
// Decrypt decrypts the encrypted key.
func (k *Kms) Decrypt(keyCiphertext []byte, secretID string) ([]byte, error) {
do, err := k.client.Decrypt(&kms.DecryptInput{
EncryptionContext: aws.StringMap(map[string]string{
"SecretId": secretID,
}),
CiphertextBlob: keyCiphertext,
})
return do.Plaintext, err
}
// GenerateEnvelopeKey generates an EnvelopeKey under a specific KeyID.
func (k *Kms) GenerateEnvelopeKey(keyID string, secretID string) (EnvelopeKey, error) {
generateDataKeyInput := &kms.GenerateDataKeyInput{
KeyId: aws.String(keyID),
EncryptionContext: aws.StringMap(map[string]string{
"SecretId": secretID,
}),
NumberOfBytes: aws.Int64(32)}
gdko, err := k.client.GenerateDataKey(generateDataKeyInput)
return EnvelopeKey{gdko.Plaintext, gdko.CiphertextBlob}, err
}
func resourceAwsApiGatewayMethodCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
input := apigateway.PutMethodInput{
AuthorizationType: aws.String(d.Get("authorization").(string)),
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
ApiKeyRequired: aws.Bool(d.Get("api_key_required").(bool)),
}
models := make(map[string]string)
for k, v := range d.Get("request_models").(map[string]interface{}) {
models[k] = v.(string)
}
if len(models) > 0 {
input.RequestModels = aws.StringMap(models)
}
parameters := make(map[string]bool)
if kv, ok := d.GetOk("request_parameters"); ok {
for k, v := range kv.(map[string]interface{}) {
parameters[k], ok = v.(bool)
if !ok {
value, _ := strconv.ParseBool(v.(string))
parameters[k] = value
}
}
input.RequestParameters = aws.BoolMap(parameters)
}
if v, ok := d.GetOk("request_parameters_in_json"); ok {
if err := json.Unmarshal([]byte(v.(string)), ¶meters); err != nil {
return fmt.Errorf("Error unmarshaling request_parameters_in_json: %s", err)
}
input.RequestParameters = aws.BoolMap(parameters)
}
if v, ok := d.GetOk("authorizer_id"); ok {
input.AuthorizerId = aws.String(v.(string))
}
_, err := conn.PutMethod(&input)
if err != nil {
return fmt.Errorf("Error creating API Gateway Method: %s", err)
}
d.SetId(fmt.Sprintf("agm-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string)))
log.Printf("[DEBUG] API Gateway Method ID: %s", d.Id())
return nil
}
func resourceAwsSqsQueuePolicyDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).sqsconn
url := d.Get("queue_url").(string)
log.Printf("[DEBUG] Deleting SQS Queue Policy of %s", url)
_, err := conn.SetQueueAttributes(&sqs.SetQueueAttributesInput{
QueueUrl: aws.String(url),
Attributes: aws.StringMap(map[string]string{
"Policy": "",
}),
})
if err != nil {
return fmt.Errorf("Error deleting SQS Queue policy: %s", err)
}
return nil
}
func TestStringMap(t *testing.T) {
for idx, in := range testCasesStringMap {
if in == nil {
continue
}
out := aws.StringMap(in)
assert.Len(t, out, len(in), "Unexpected len at idx %d", idx)
for i := range out {
assert.Equal(t, in[i], *(out[i]), "Unexpected value at idx %d", idx)
}
out2 := aws.StringValueMap(out)
assert.Len(t, out2, len(in), "Unexpected len at idx %d", idx)
assert.Equal(t, in, out2, "Unexpected value at idx %d", idx)
}
}
func resourceAwsSqsQueuePolicyUpsert(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).sqsconn
url := d.Get("queue_url").(string)
_, err := conn.SetQueueAttributes(&sqs.SetQueueAttributesInput{
QueueUrl: aws.String(url),
Attributes: aws.StringMap(map[string]string{
"Policy": d.Get("policy").(string),
}),
})
if err != nil {
return fmt.Errorf("Error updating SQS attributes: %s", err)
}
d.SetId("sqs-policy-" + url)
return resourceAwsSqsQueuePolicyRead(d, meta)
}
// decrypt returns a KMS decrypted byte array
// See http://docs.aws.amazon.com/sdk-for-go/api/service/kms/KMS.html#Decrypt-instance_method
func decrypt(payload []byte, svc *kms.KMS) ([]byte, error) {
params := &kms.DecryptInput{
CiphertextBlob: payload,
EncryptionContext: aws.StringMap(map[string]string{
"Key": "EncryptionContextValue",
}),
GrantTokens: aws.StringSlice([]string{
"GrantTokenType",
}),
}
resp, err := svc.Decrypt(params)
if err != nil {
return nil, err
}
return resp.Plaintext, nil
}
// encrypt returns a KMS encrypted byte array
// See http://docs.aws.amazon.com/sdk-for-go/api/service/kms/KMS.html#Encrypt-instance_method
func encrypt(payload []byte, svc *kms.KMS, keyID string) ([]byte, error) {
params := &kms.EncryptInput{
KeyId: aws.String(keyID),
Plaintext: payload,
EncryptionContext: aws.StringMap(map[string]string{
"Key": "EncryptionContextValue",
}),
GrantTokens: aws.StringSlice([]string{
"GrantTokenType",
}),
}
resp, err := svc.Encrypt(params)
if err != nil {
return nil, err
}
return resp.CiphertextBlob, nil
}
func resourceAwsApiGatewayMethodResponseCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).apigateway
models := make(map[string]string)
for k, v := range d.Get("response_models").(map[string]interface{}) {
models[k] = v.(string)
}
parameters := make(map[string]bool)
if kv, ok := d.GetOk("response_parameters"); ok {
for k, v := range kv.(map[string]interface{}) {
parameters[k], ok = v.(bool)
if !ok {
value, _ := strconv.ParseBool(v.(string))
parameters[k] = value
}
}
}
if v, ok := d.GetOk("response_parameters_in_json"); ok {
if err := json.Unmarshal([]byte(v.(string)), ¶meters); err != nil {
return fmt.Errorf("Error unmarshaling request_parameters_in_json: %s", err)
}
}
_, err := conn.PutMethodResponse(&apigateway.PutMethodResponseInput{
HttpMethod: aws.String(d.Get("http_method").(string)),
ResourceId: aws.String(d.Get("resource_id").(string)),
RestApiId: aws.String(d.Get("rest_api_id").(string)),
StatusCode: aws.String(d.Get("status_code").(string)),
ResponseModels: aws.StringMap(models),
ResponseParameters: aws.BoolMap(parameters),
})
if err != nil {
return fmt.Errorf("Error creating API Gateway Method Response: %s", err)
}
d.SetId(fmt.Sprintf("agmr-%s-%s-%s-%s", d.Get("rest_api_id").(string), d.Get("resource_id").(string), d.Get("http_method").(string), d.Get("status_code").(string)))
log.Printf("[DEBUG] API Gateway Method ID: %s", d.Id())
return nil
}
// convertToContainerDef transforms each service in the compose yml
// to an equivalent container definition
func convertToContainerDef(inputCfg *libcompose.ServiceConfig,
volumes map[string]string, outputContDef *ecs.ContainerDefinition) error {
// setting memory
var mem int64
if inputCfg.MemLimit != 0 {
mem = inputCfg.MemLimit / kiB / kiB // convert bytes to MiB
}
if mem == 0 {
mem = defaultMemLimit
}
// convert environment variables
// TODO, read env file
environment := []*ecs.KeyValuePair{}
for _, env := range inputCfg.Environment.Slice() {
parts := strings.SplitN(env, "=", 2)
name := &parts[0]
var value *string
if len(parts) > 1 {
value = &parts[1]
}
environment = append(environment, &ecs.KeyValuePair{
Name: name,
Value: value,
})
}
// convert port mappings
portMappings, err := convertToPortMappings(*outputContDef.Name, inputCfg.Ports)
if err != nil {
return err
}
// convert volumes from
volumesFrom := []*ecs.VolumeFrom{}
for _, val := range inputCfg.VolumesFrom {
volumeFrom := &ecs.VolumeFrom{
SourceContainer: aws.String(val),
}
volumesFrom = append(volumesFrom, volumeFrom)
}
// convert mount points
mountPoints, err := convertToMountPoints(inputCfg.Volumes, volumes)
if err != nil {
return err
}
// convert extra hosts
extraHosts, err := convertToExtraHosts(inputCfg.ExtraHosts)
if err != nil {
return err
}
// convert log configuration
var logConfig *ecs.LogConfiguration
if inputCfg.LogDriver != "" {
logConfig = &ecs.LogConfiguration{
LogDriver: aws.String(inputCfg.LogDriver),
Options: aws.StringMap(inputCfg.LogOpt),
}
}
// convert ulimits
ulimits, err := convertToULimits(inputCfg.ULimits)
if err != nil {
return err
}
// populating container definition, offloading the validation to aws-sdk
outputContDef.Cpu = aws.Int64(inputCfg.CpuShares)
outputContDef.Command = aws.StringSlice(inputCfg.Command.Slice())
outputContDef.DnsSearchDomains = aws.StringSlice(inputCfg.DNSSearch.Slice())
outputContDef.DnsServers = aws.StringSlice(inputCfg.DNS.Slice())
outputContDef.DockerLabels = aws.StringMap(inputCfg.Labels.MapParts())
outputContDef.DockerSecurityOptions = aws.StringSlice(inputCfg.SecurityOpt)
outputContDef.EntryPoint = aws.StringSlice(inputCfg.Entrypoint.Slice())
outputContDef.Environment = environment
outputContDef.ExtraHosts = extraHosts
if inputCfg.Hostname != "" {
outputContDef.Hostname = aws.String(inputCfg.Hostname)
}
outputContDef.Image = aws.String(inputCfg.Image)
outputContDef.Links = aws.StringSlice(inputCfg.Links.Slice()) //TODO, read from external links
outputContDef.LogConfiguration = logConfig
outputContDef.Memory = aws.Int64(mem)
outputContDef.MountPoints = mountPoints
outputContDef.Privileged = aws.Bool(inputCfg.Privileged)
outputContDef.PortMappings = portMappings
outputContDef.ReadonlyRootFilesystem = aws.Bool(inputCfg.ReadOnly)
outputContDef.Ulimits = ulimits
if inputCfg.User != "" {
outputContDef.User = aws.String(inputCfg.User)
}
outputContDef.VolumesFrom = volumesFrom
if inputCfg.WorkingDir != "" {
outputContDef.WorkingDirectory = aws.String(inputCfg.WorkingDir)
}
return nil
}
// convertToContainerDef transforms each service in the compose yml
// to an equivalent container definition
func convertToContainerDef(context *project.Context, inputCfg *config.ServiceConfig,
volumes map[string]string, outputContDef *ecs.ContainerDefinition) error {
// setting memory
var mem int64
if inputCfg.MemLimit != 0 {
mem = int64(inputCfg.MemLimit) / kiB / kiB // convert bytes to MiB
}
if mem == 0 {
mem = defaultMemLimit
}
// convert environment variables
environment := convertToKeyValuePairs(context, inputCfg.Environment, *outputContDef.Name)
// convert port mappings
portMappings, err := convertToPortMappings(*outputContDef.Name, inputCfg.Ports)
if err != nil {
return err
}
// convert volumes from
volumesFrom, err := convertToVolumesFrom(inputCfg.VolumesFrom)
if err != nil {
return err
}
// convert mount points
mountPoints, err := convertToMountPoints(inputCfg.Volumes, volumes)
if err != nil {
return err
}
// convert extra hosts
extraHosts, err := convertToExtraHosts(inputCfg.ExtraHosts)
if err != nil {
return err
}
// convert log configuration
var logConfig *ecs.LogConfiguration
if inputCfg.Logging.Driver != "" {
logConfig = &ecs.LogConfiguration{
LogDriver: aws.String(inputCfg.Logging.Driver),
Options: aws.StringMap(inputCfg.Logging.Options),
}
}
// convert ulimits
ulimits, err := convertToULimits(inputCfg.Ulimits)
if err != nil {
return err
}
// populating container definition, offloading the validation to aws-sdk
outputContDef.Cpu = aws.Int64(int64(inputCfg.CPUShares))
outputContDef.Command = aws.StringSlice(inputCfg.Command)
outputContDef.DnsSearchDomains = aws.StringSlice(inputCfg.DNSSearch)
outputContDef.DnsServers = aws.StringSlice(inputCfg.DNS)
outputContDef.DockerLabels = aws.StringMap(inputCfg.Labels)
outputContDef.DockerSecurityOptions = aws.StringSlice(inputCfg.SecurityOpt)
outputContDef.EntryPoint = aws.StringSlice(inputCfg.Entrypoint)
outputContDef.Environment = environment
outputContDef.ExtraHosts = extraHosts
if inputCfg.Hostname != "" {
outputContDef.Hostname = aws.String(inputCfg.Hostname)
}
outputContDef.Image = aws.String(inputCfg.Image)
outputContDef.Links = aws.StringSlice(inputCfg.Links) //TODO, read from external links
outputContDef.LogConfiguration = logConfig
outputContDef.Memory = aws.Int64(mem)
outputContDef.MountPoints = mountPoints
outputContDef.Privileged = aws.Bool(inputCfg.Privileged)
outputContDef.PortMappings = portMappings
outputContDef.ReadonlyRootFilesystem = aws.Bool(inputCfg.ReadOnly)
outputContDef.Ulimits = ulimits
if inputCfg.User != "" {
outputContDef.User = aws.String(inputCfg.User)
}
outputContDef.VolumesFrom = volumesFrom
if inputCfg.WorkingDir != "" {
outputContDef.WorkingDirectory = aws.String(inputCfg.WorkingDir)
}
return nil
}
// resourceAwsLambdaFunctionUpdate maps to:
// UpdateFunctionCode in the API / SDK
func resourceAwsLambdaFunctionUpdate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).lambdaconn
d.Partial(true)
if d.HasChange("filename") || d.HasChange("source_code_hash") || d.HasChange("s3_bucket") || d.HasChange("s3_key") || d.HasChange("s3_object_version") {
codeReq := &lambda.UpdateFunctionCodeInput{
FunctionName: aws.String(d.Id()),
Publish: aws.Bool(d.Get("publish").(bool)),
}
if v, ok := d.GetOk("filename"); ok {
// Grab an exclusive lock so that we're only reading one function into
// memory at a time.
// See https://github.com/hashicorp/terraform/issues/9364
awsMutexKV.Lock(awsMutexLambdaKey)
defer awsMutexKV.Unlock(awsMutexLambdaKey)
file, err := loadFileContent(v.(string))
if err != nil {
return fmt.Errorf("Unable to load %q: %s", v.(string), err)
}
codeReq.ZipFile = file
} else {
s3Bucket, _ := d.GetOk("s3_bucket")
s3Key, _ := d.GetOk("s3_key")
s3ObjectVersion, versionOk := d.GetOk("s3_object_version")
codeReq.S3Bucket = aws.String(s3Bucket.(string))
codeReq.S3Key = aws.String(s3Key.(string))
if versionOk {
codeReq.S3ObjectVersion = aws.String(s3ObjectVersion.(string))
}
}
log.Printf("[DEBUG] Send Update Lambda Function Code request: %#v", codeReq)
_, err := conn.UpdateFunctionCode(codeReq)
if err != nil {
return fmt.Errorf("Error modifying Lambda Function Code %s: %s", d.Id(), err)
}
d.SetPartial("filename")
d.SetPartial("source_code_hash")
d.SetPartial("s3_bucket")
d.SetPartial("s3_key")
d.SetPartial("s3_object_version")
}
configReq := &lambda.UpdateFunctionConfigurationInput{
FunctionName: aws.String(d.Id()),
}
configUpdate := false
if d.HasChange("description") {
configReq.Description = aws.String(d.Get("description").(string))
configUpdate = true
}
if d.HasChange("handler") {
configReq.Handler = aws.String(d.Get("handler").(string))
configUpdate = true
}
if d.HasChange("memory_size") {
configReq.MemorySize = aws.Int64(int64(d.Get("memory_size").(int)))
configUpdate = true
}
if d.HasChange("role") {
configReq.Role = aws.String(d.Get("role").(string))
configUpdate = true
}
if d.HasChange("timeout") {
configReq.Timeout = aws.Int64(int64(d.Get("timeout").(int)))
configUpdate = true
}
if d.HasChange("kms_key_arn") {
configReq.KMSKeyArn = aws.String(d.Get("kms_key_arn").(string))
configUpdate = true
}
if d.HasChange("environment") {
if v, ok := d.GetOk("environment"); ok {
environments := v.([]interface{})
environment, ok := environments[0].(map[string]interface{})
if !ok {
return errors.New("At least one field is expected inside environment")
}
if environmentVariables, ok := environment["variables"]; ok {
variables := readEnvironmentVariables(environmentVariables.(map[string]interface{}))
configReq.Environment = &lambda.Environment{
Variables: aws.StringMap(variables),
}
configUpdate = true
}
} else {
configReq.Environment = &lambda.Environment{
Variables: aws.StringMap(map[string]string{}),
}
configUpdate = true
}
}
if configUpdate {
log.Printf("[DEBUG] Send Update Lambda Function Configuration request: %#v", configReq)
_, err := conn.UpdateFunctionConfiguration(configReq)
if err != nil {
return fmt.Errorf("Error modifying Lambda Function Configuration %s: %s", d.Id(), err)
}
d.SetPartial("description")
d.SetPartial("handler")
d.SetPartial("memory_size")
d.SetPartial("role")
d.SetPartial("timeout")
}
d.Partial(false)
return resourceAwsLambdaFunctionRead(d, meta)
}
// resourceAwsLambdaFunction maps to:
// CreateFunction in the API / SDK
func resourceAwsLambdaFunctionCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).lambdaconn
functionName := d.Get("function_name").(string)
iamRole := d.Get("role").(string)
log.Printf("[DEBUG] Creating Lambda Function %s with role %s", functionName, iamRole)
filename, hasFilename := d.GetOk("filename")
s3Bucket, bucketOk := d.GetOk("s3_bucket")
s3Key, keyOk := d.GetOk("s3_key")
s3ObjectVersion, versionOk := d.GetOk("s3_object_version")
if !hasFilename && !bucketOk && !keyOk && !versionOk {
return errors.New("filename or s3_* attributes must be set")
}
var functionCode *lambda.FunctionCode
if hasFilename {
// Grab an exclusive lock so that we're only reading one function into
// memory at a time.
// See https://github.com/hashicorp/terraform/issues/9364
awsMutexKV.Lock(awsMutexLambdaKey)
defer awsMutexKV.Unlock(awsMutexLambdaKey)
file, err := loadFileContent(filename.(string))
if err != nil {
return fmt.Errorf("Unable to load %q: %s", filename.(string), err)
}
functionCode = &lambda.FunctionCode{
ZipFile: file,
}
} else {
if !bucketOk || !keyOk {
return errors.New("s3_bucket and s3_key must all be set while using S3 code source")
}
functionCode = &lambda.FunctionCode{
S3Bucket: aws.String(s3Bucket.(string)),
S3Key: aws.String(s3Key.(string)),
}
if versionOk {
functionCode.S3ObjectVersion = aws.String(s3ObjectVersion.(string))
}
}
params := &lambda.CreateFunctionInput{
Code: functionCode,
Description: aws.String(d.Get("description").(string)),
FunctionName: aws.String(functionName),
Handler: aws.String(d.Get("handler").(string)),
MemorySize: aws.Int64(int64(d.Get("memory_size").(int))),
Role: aws.String(iamRole),
Runtime: aws.String(d.Get("runtime").(string)),
Timeout: aws.Int64(int64(d.Get("timeout").(int))),
Publish: aws.Bool(d.Get("publish").(bool)),
}
if v, ok := d.GetOk("vpc_config"); ok {
config, err := validateVPCConfig(v)
if err != nil {
return err
}
if config != nil {
var subnetIds []*string
for _, id := range config["subnet_ids"].(*schema.Set).List() {
subnetIds = append(subnetIds, aws.String(id.(string)))
}
var securityGroupIds []*string
for _, id := range config["security_group_ids"].(*schema.Set).List() {
securityGroupIds = append(securityGroupIds, aws.String(id.(string)))
}
params.VpcConfig = &lambda.VpcConfig{
SubnetIds: subnetIds,
SecurityGroupIds: securityGroupIds,
}
}
}
if v, ok := d.GetOk("environment"); ok {
environments := v.([]interface{})
environment, ok := environments[0].(map[string]interface{})
if !ok {
return errors.New("At least one field is expected inside environment")
}
if environmentVariables, ok := environment["variables"]; ok {
variables := readEnvironmentVariables(environmentVariables.(map[string]interface{}))
params.Environment = &lambda.Environment{
Variables: aws.StringMap(variables),
}
}
}
if v, ok := d.GetOk("kms_key_arn"); ok {
params.KMSKeyArn = aws.String(v.(string))
}
// IAM profiles can take ~10 seconds to propagate in AWS:
// http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#launch-instance-with-role-console
// Error creating Lambda function: InvalidParameterValueException: The role defined for the task cannot be assumed by Lambda.
err := resource.Retry(10*time.Minute, func() *resource.RetryError {
_, err := conn.CreateFunction(params)
if err != nil {
log.Printf("[ERROR] Received %q, retrying CreateFunction", err)
if awserr, ok := err.(awserr.Error); ok {
if awserr.Code() == "InvalidParameterValueException" {
log.Printf("[DEBUG] InvalidParameterValueException creating Lambda Function: %s", awserr)
return resource.RetryableError(awserr)
}
}
log.Printf("[DEBUG] Error creating Lambda Function: %s", err)
return resource.NonRetryableError(err)
}
return nil
})
if err != nil {
return fmt.Errorf("Error creating Lambda function: %s", err)
}
d.SetId(d.Get("function_name").(string))
return resourceAwsLambdaFunctionRead(d, meta)
}
