Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Import acm certificates #5453

Merged
merged 6 commits into from
Dec 21, 2018
Merged

Import acm certificates #5453

merged 6 commits into from
Dec 21, 2018

Conversation

julienduchesne
Copy link
Contributor

@julienduchesne julienduchesne commented Aug 5, 2018
edited
Loading

Redo of PR #5002
Fixes #3560

Changes proposed in this pull request:

  • Allows the importation and modification of imported certificates through the aws_acm_certificate resource, to do so:
  • Add certificate_body, certficate_chain and private_key arguments for the aws_acm_certificate resource.
  • Verify apply-time (as describe in issue) that the arguments are all provided. Plan-time is not possible (see closed PR Import acm certificate (like IAM server certificate) #5002)

Output from acceptance testing:

TESTARGS='-run=TestAccAWSAcmCertificate_imported'  make testacc
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run=TestAccAWSAcmCertificate_imported -timeout 120m
?       github.com/terraform-providers/terraform-provider-aws   [no test files]
=== RUN   TestAccAWSAcmCertificate_imported
--- PASS: TestAccAWSAcmCertificate_imported (39.41s)
PASS
ok      github.com/terraform-providers/terraform-provider-aws/aws       39.425s

@ghost ghost added the size/L Managed by automation to categorize the size of a PR. label Aug 5, 2018
@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. service/acm Issues and PRs that pertain to the acm service. labels Aug 6, 2018
@eedwards-sk
Copy link

What is needed to get this merged?

@avoidik
Copy link
Contributor

avoidik commented Sep 6, 2018
edited
Loading

@bflad could you please check?

@megamorf
Copy link

megamorf commented Oct 4, 2018

Can you check and merge this, please. I'm very much interested in using the feature.

@joseph-stratoscale
Copy link
Contributor

@bflad Could you please merge this Pull Request. Thanks!

@CarpathianUA
Copy link

Guys, please merge the PR! It's a very useful feature!

@SamBivins
Copy link

👍

@bgshacklett
Copy link

Is there any issue holding this PR back from being merged? If so, it would be great to see some feedback.

@mingdevopsapt
Copy link

Until this feature go live, I find no other option to generate / maintain a PCA signed certificate without importing via command line.

Bump up and thanks.

@vn-patriot
Copy link

vn-patriot commented Dec 10, 2018
edited
Loading

I look forwarding to see this merge

@eedwards-sk
Copy link

@bflad sorry to ping you on this, but I've been getting email updates on this for months and it seems nobody from hashicorp has responded other than when you first tagged the issue back in august

we'd love any update on if this can be merged, even a rejection or a status update would help

thanks!

@bflad bflad mentioned this pull request Dec 20, 2018
Closed
bflad
bflad approved these changes Dec 21, 2018
View reviewed changes
Copy link
Contributor

@bflad bflad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @julienduchesne and everyone watching this pull request. 👋 Very sorry for the lengthy delay before review. ACM testing is a bit of a hassle at the moment since it requires real, public domains and working against ACM per year limitations. I was able to verify this, along with a variation of the bug fix #5472. Thanks so much @julienduchesne for your work here! 🚀

--- PASS: TestAccAWSAcmCertificate_dnsValidation (12.03s)
--- PASS: TestAccAWSAcmCertificate_emailValidation (11.90s)
--- PASS: TestAccAWSAcmCertificate_imported (10.15s)
--- PASS: TestAccAWSAcmCertificate_root (10.82s)
--- PASS: TestAccAWSAcmCertificate_root_TrailingPeriod (12.27s)
--- PASS: TestAccAWSAcmCertificate_rootAndWildcardSan (11.53s)
--- PASS: TestAccAWSAcmCertificate_san_multiple (16.44s)
--- PASS: TestAccAWSAcmCertificate_san_single (19.11s)
--- PASS: TestAccAWSAcmCertificate_san_TrailingPeriod (17.28s)
--- PASS: TestAccAWSAcmCertificate_tags (25.84s)
--- PASS: TestAccAWSAcmCertificate_wildcard (11.95s)
--- PASS: TestAccAWSAcmCertificate_wildcardAndRootSan (15.09s)
--- PASS: TestAccAWSAcmCertificateValidation_basic (150.56s)
--- PASS: TestAccAWSAcmCertificateValidation_timeout (14.90s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdns (167.04s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdnsRoot (143.35s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdnsRootAndWildcard (535.21s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdnsSan (160.54s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdnsWildcard (154.88s)
--- PASS: TestAccAWSAcmCertificateValidation_validationRecordFqdnsWildcardAndRoot (120.23s)

aws/resource_aws_acm_certificate.go
@@ -149,7 +210,11 @@ func resourceAwsAcmCertificateRead(d *schema.ResourceData, meta interface{}) err
if err := d.Set("validation_emails", emailValidationOptions); err != nil {
return resource.NonRetryableError(err)
}
d.Set("validation_method", resourceAwsAcmCertificateGuessValidationMethod(domainValidationOptions, emailValidationOptions))

if _, ok := d.GetOk("validation_method"); ok {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Found during testing: wound up switching validation_method to Computed: true (for now) instead of using this, since it breaks Terraform resource import functionality for this attribute.

@bflad bflad added this to the v1.54.0 milestone Dec 21, 2018
@bflad bflad merged commit d431c03 into hashicorp:master Dec 21, 2018
bflad added a commit that referenced this pull request Dec 21, 2018
@bflad
Update CHANGELOG for #5453 and #5472
f1a5863
@bflad
Copy link
Contributor

bflad commented Dec 21, 2018

This has been released in version 1.54.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@julienduchesne julienduchesne deleted the import-acm-certificates branch January 18, 2019 16:10
@ghost
Copy link

ghost commented Nov 1, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bflad bflad bflad approved these changes

Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/acm Issues and PRs that pertain to the acm service. size/L Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v1.54.0
Development

Successfully merging this pull request may close these issues.

Add ability to import a certificate with aws_acm_certificate