Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add aws_s3_bucket_cors_configuration resource #12141

Merged
merged 4 commits into from
Jan 27, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/12141.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:new-resource
aws_s3_bucket_cors_configuration
```
1 change: 1 addition & 0 deletions internal/provider/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -1584,6 +1584,7 @@ func Provider() *schema.Provider {

"aws_s3_bucket": s3.ResourceBucket(),
"aws_s3_bucket_analytics_configuration": s3.ResourceBucketAnalyticsConfiguration(),
"aws_s3_bucket_cors_configuration": s3.ResourceBucketCorsConfiguration(),
"aws_s3_bucket_intelligent_tiering_configuration": s3.ResourceBucketIntelligentTieringConfiguration(),
"aws_s3_bucket_inventory": s3.ResourceBucketInventory(),
"aws_s3_bucket_metric": s3.ResourceBucketMetric(),
Expand Down
301 changes: 301 additions & 0 deletions internal/service/s3/bucket_cors_configuration.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,301 @@
package s3

import (
"context"
"fmt"
"log"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/s3"
"github.com/hashicorp/aws-sdk-go-base/tfawserr"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
"github.com/hashicorp/terraform-provider-aws/internal/flex"
"github.com/hashicorp/terraform-provider-aws/internal/verify"
)

func ResourceBucketCorsConfiguration() *schema.Resource {
return &schema.Resource{
CreateContext: resourceBucketCorsConfigurationCreate,
ReadContext: resourceBucketCorsConfigurationRead,
UpdateContext: resourceBucketCorsConfigurationUpdate,
DeleteContext: resourceBucketCorsConfigurationDelete,
Importer: &schema.ResourceImporter{
StateContext: schema.ImportStatePassthroughContext,
},

Schema: map[string]*schema.Schema{
"bucket": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringLenBetween(1, 63),
},
"expected_bucket_owner": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
ValidateFunc: verify.ValidAccountID,
},
"cors_rule": {
Type: schema.TypeSet,
Required: true,
MaxItems: 100,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"allowed_headers": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"allowed_methods": {
Type: schema.TypeSet,
Required: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"allowed_origins": {
Type: schema.TypeSet,
Required: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"expose_headers": {
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
},
"id": {
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringLenBetween(0, 255),
},
"max_age_seconds": {
Type: schema.TypeInt,
Optional: true,
},
},
},
},
},
}
}

func resourceBucketCorsConfigurationCreate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket := d.Get("bucket").(string)
expectedBucketOwner := d.Get("expected_bucket_owner").(string)

input := &s3.PutBucketCorsInput{
Bucket: aws.String(bucket),
CORSConfiguration: &s3.CORSConfiguration{
CORSRules: expandBucketCorsConfigurationCorsRules(d.Get("cors_rule").(*schema.Set).List()),
},
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err := verify.RetryOnAWSCode(s3.ErrCodeNoSuchBucket, func() (interface{}, error) {
return conn.PutBucketCorsWithContext(ctx, input)
})

if err != nil {
return diag.FromErr(fmt.Errorf("error creating S3 bucket (%s) CORS configuration: %w", bucket, err))
}

d.SetId(CreateResourceID(bucket, expectedBucketOwner))

return resourceBucketCorsConfigurationRead(ctx, d, meta)
}

func resourceBucketCorsConfigurationRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.GetBucketCorsInput{
Bucket: aws.String(bucket),
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

output, err := conn.GetBucketCorsWithContext(ctx, input)

if !d.IsNewResource() && tfawserr.ErrCodeEquals(err, s3.ErrCodeNoSuchBucket, ErrCodeNoSuchCORSConfiguration) {
log.Printf("[WARN] S3 Bucket CORS Configuration (%s) not found, removing from state", d.Id())
d.SetId("")
return nil
}

if err != nil {
return diag.FromErr(fmt.Errorf("error reading S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

if output == nil {
if d.IsNewResource() {
return diag.FromErr(fmt.Errorf("error reading S3 bucket CORS configuration (%s): empty output", d.Id()))
}
log.Printf("[WARN] S3 Bucket CORS Configuration (%s) not found, removing from state", d.Id())
d.SetId("")
return nil
}

d.Set("bucket", bucket)
d.Set("expected_bucket_owner", expectedBucketOwner)

if err := d.Set("cors_rule", flattenBucketCorsConfigurationCorsRules(output.CORSRules)); err != nil {
return diag.FromErr(fmt.Errorf("error setting cors_rule: %w", err))
}

return nil
}

func resourceBucketCorsConfigurationUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.PutBucketCorsInput{
Bucket: aws.String(bucket),
CORSConfiguration: &s3.CORSConfiguration{
CORSRules: expandBucketCorsConfigurationCorsRules(d.Get("cors_rule").(*schema.Set).List()),
},
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err = conn.PutBucketCorsWithContext(ctx, input)

if err != nil {
return diag.FromErr(fmt.Errorf("error updating S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

return resourceBucketCorsConfigurationRead(ctx, d, meta)
}

func resourceBucketCorsConfigurationDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
conn := meta.(*conns.AWSClient).S3Conn

bucket, expectedBucketOwner, err := ParseResourceID(d.Id())
if err != nil {
return diag.FromErr(err)
}

input := &s3.DeleteBucketCorsInput{
Bucket: aws.String(bucket),
}

if expectedBucketOwner != "" {
input.ExpectedBucketOwner = aws.String(expectedBucketOwner)
}

_, err = conn.DeleteBucketCorsWithContext(ctx, input)

if tfawserr.ErrCodeEquals(err, s3.ErrCodeNoSuchBucket) {
return nil
}

if err != nil {
return diag.FromErr(fmt.Errorf("error deleting S3 bucket CORS configuration (%s): %w", d.Id(), err))
}

return nil
}

func expandBucketCorsConfigurationCorsRules(l []interface{}) []*s3.CORSRule {
if len(l) == 0 {
return nil
}

var rules []*s3.CORSRule

for _, tfMapRaw := range l {
tfMap, ok := tfMapRaw.(map[string]interface{})
if !ok {
continue
}

rule := &s3.CORSRule{}

if v, ok := tfMap["allowed_headers"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedHeaders = flex.ExpandStringSet(v)
}

if v, ok := tfMap["allowed_methods"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedMethods = flex.ExpandStringSet(v)
}

if v, ok := tfMap["allowed_origins"].(*schema.Set); ok && v.Len() > 0 {
rule.AllowedOrigins = flex.ExpandStringSet(v)
}

if v, ok := tfMap["expose_headers"].(*schema.Set); ok && v.Len() > 0 {
rule.ExposeHeaders = flex.ExpandStringSet(v)
}

if v, ok := tfMap["id"].(string); ok && v != "" {
rule.ID = aws.String(v)
}

if v, ok := tfMap["max_age_seconds"].(int); ok {
rule.MaxAgeSeconds = aws.Int64(int64(v))
}

rules = append(rules, rule)
}

return rules
}

func flattenBucketCorsConfigurationCorsRules(rules []*s3.CORSRule) []interface{} {
var results []interface{}

for _, rule := range rules {
if rule == nil {
continue
}

m := make(map[string]interface{})

if len(rule.AllowedHeaders) > 0 {
m["allowed_headers"] = flex.FlattenStringSet(rule.AllowedHeaders)
}

if len(rule.AllowedMethods) > 0 {
m["allowed_methods"] = flex.FlattenStringSet(rule.AllowedMethods)
}

if len(rule.AllowedOrigins) > 0 {
m["allowed_origins"] = flex.FlattenStringSet(rule.AllowedOrigins)
}

if len(rule.ExposeHeaders) > 0 {
m["expose_headers"] = flex.FlattenStringSet(rule.ExposeHeaders)
}

if rule.ID != nil {
m["id"] = aws.StringValue(rule.ID)
}

if rule.MaxAgeSeconds != nil {
m["max_age_seconds"] = aws.Int64Value(rule.MaxAgeSeconds)
}

results = append(results, m)
}

return results
}
Loading