Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

provider/aws: Adds arn as an output for aws_elb #5411

Closed
wants to merge 1 commit into from
Closed

provider/aws: Adds arn as an output for aws_elb #5411

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 27 additions & 0 deletions builtin/providers/aws/resource_aws_elb.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/aws/aws-sdk-go/service/elb"
"github.com/aws/aws-sdk-go/service/iam"
"github.com/hashicorp/terraform/helper/hashcode"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/helper/schema"
Expand All @@ -32,6 +33,11 @@ func resourceAwsElb() *schema.Resource {
ValidateFunc: validateElbName,
},

"arn": &schema.Schema{
Type: schema.TypeString,
Computed: true,
},

"internal": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Expand Down Expand Up @@ -364,6 +370,13 @@ func resourceAwsElbRead(d *schema.ResourceData, meta interface{}) error {
}
}

arn, arnErr := buildElbARN(d.Id(), meta)
if arnErr != nil {
return arnErr
} else {
d.Set("arn", arn)
}

resp, err := elbconn.DescribeTags(&elb.DescribeTagsInput{
LoadBalancerNames: []*string{lb.LoadBalancerName},
})
Expand Down Expand Up @@ -802,3 +815,17 @@ func sourceSGIdByName(meta interface{}, sg, vpcId string) (string, error) {
group := resp.SecurityGroups[0]
return *group.GroupId, nil
}

func buildElbARN(identifier string, meta interface{}) (string, error) {
iamconn := meta.(*AWSClient).iamconn
region := meta.(*AWSClient).region
// An zero value GetUserInput{} defers to the currently logged in user
resp, err := iamconn.GetUser(&iam.GetUserInput{})
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have historically had issues with this API call - it returns an error when authenticating via an EC2 Instance Profile (since there is no "current user" in that case). My suspicion is that this could break aws_elb for users authenticating in that way.

I see we have quite a few uses in the provider with this pattern:

builtin/providers/aws/resource_aws_db_instance.go:      resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_parameter_group.go:       resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_security_group.go:        resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_subnet_group.go:  resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_elasticache_cluster.go:      resp, err := iamconn.GetUser(&iam.GetUserInput{})

For ARN building I think we need is a shared helper that calls GetUser but can also be overridden by an explicit AWS_ACCOUNT_ID env var - and we include that info in the error to let proper ARNs be built for users authenticating w/ instance profiles.

if err != nil {
return "", err
}
userARN := *resp.User.Arn
accountID := strings.Split(userARN, ":")[4]
arn := fmt.Sprintf("arn:aws:elasticloadbalancing:%s:%s:loadbalancer:%s", region, accountID, identifier)
return arn, nil
}
1 change: 1 addition & 0 deletions website/source/docs/providers/aws/r/elb.html.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,6 +113,7 @@ The following attributes are exported:

* `id` - The name of the ELB
* `name` - The name of the ELB
* `arn` - The ARN of the ELB.
* `dns_name` - The DNS name of the ELB
* `instances` - The list of instances in the ELB
* `source_security_group` - The name of the security group that you can use as
Expand Down