diff --git a/builtin/providers/aws/data_source_aws_elb_account_id.go b/builtin/providers/aws/data_source_aws_elb_account_id.go new file mode 100644 index 000000000000..f05df46115a8 --- /dev/null +++ b/builtin/providers/aws/data_source_aws_elb_account_id.go @@ -0,0 +1,51 @@ +package aws + +import ( + "fmt" + + "github.com/hashicorp/terraform/helper/schema" +) + +// See http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy +var elbAccountIdPerRegionMap = map[string]string{ + "ap-northeast-1": "582318560864", + "ap-northeast-2": "600734575887", + "ap-south-1": "718504428378", + "ap-southeast-1": "114774131450", + "ap-southeast-2": "783225319266", + "cn-north-1": "638102146993", + "eu-central-1": "054676820928", + "eu-west-1": "156460612806", + "sa-east-1": "507241528517", + "us-east-1": "127311923021", + "us-gov-west": "048591011584", + "us-west-1": "027434742980", + "us-west-2": "797873946194", +} + +func dataSourceAwsElbAccountId() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsElbAccountIdRead, + + Schema: map[string]*schema.Schema{ + "region": &schema.Schema{ + Type: schema.TypeString, + Optional: true, + }, + }, + } +} + +func dataSourceAwsElbAccountIdRead(d *schema.ResourceData, meta interface{}) error { + region := meta.(*AWSClient).region + if v, ok := d.GetOk("region"); ok { + region = v.(string) + } + + if accid, ok := elbAccountIdPerRegionMap[region]; ok { + d.SetId(accid) + return nil + } + + return fmt.Errorf("Unknown region (%q)", region) +} diff --git a/builtin/providers/aws/data_source_aws_elb_account_id_test.go b/builtin/providers/aws/data_source_aws_elb_account_id_test.go new file mode 100644 index 000000000000..72cfc3caf925 --- /dev/null +++ b/builtin/providers/aws/data_source_aws_elb_account_id_test.go @@ -0,0 +1,38 @@ +package aws + +import ( + "testing" + + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccAWSElbAccountId_basic(t *testing.T) { + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccCheckAwsElbAccountIdConfig, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.aws_elb_account_id.main", "id", "797873946194"), + ), + }, + resource.TestStep{ + Config: testAccCheckAwsElbAccountIdExplicitRegionConfig, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("data.aws_elb_account_id.regional", "id", "156460612806"), + ), + }, + }, + }) +} + +const testAccCheckAwsElbAccountIdConfig = ` +data "aws_elb_account_id" "main" { } +` + +const testAccCheckAwsElbAccountIdExplicitRegionConfig = ` +data "aws_elb_account_id" "regional" { + region = "eu-west-1" +} +` diff --git a/builtin/providers/aws/provider.go b/builtin/providers/aws/provider.go index 6dffbd172d9e..1b5c1d2cb042 100644 --- a/builtin/providers/aws/provider.go +++ b/builtin/providers/aws/provider.go @@ -143,6 +143,7 @@ func Provider() terraform.ResourceProvider { "aws_ami": dataSourceAwsAmi(), "aws_availability_zones": dataSourceAwsAvailabilityZones(), "aws_caller_identity": dataSourceAwsCallerIdentity(), + "aws_elb_account_id": dataSourceAwsElbAccountId(), "aws_iam_policy_document": dataSourceAwsIamPolicyDocument(), "aws_ip_ranges": dataSourceAwsIPRanges(), "aws_s3_bucket_object": dataSourceAwsS3BucketObject(), diff --git a/website/source/docs/providers/aws/d/elb_account_id.html.markdown b/website/source/docs/providers/aws/d/elb_account_id.html.markdown new file mode 100644 index 000000000000..7552c8bf1632 --- /dev/null +++ b/website/source/docs/providers/aws/d/elb_account_id.html.markdown @@ -0,0 +1,69 @@ +--- +layout: "aws" +page_title: "AWS: aws_elb_account_id" +sidebar_current: "docs-aws-datasource-elb-account-id" +description: |- + Get AWS Elastic Load Balancing Account ID +--- + +# aws\_elb\_account\_id + +Use this data source to get the Account ID of the [AWS Elastic Load Balancing Account](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html#attach-bucket-policy) +in a given region for the purpose of whitelisting in S3 bucket policy. + +## Example Usage + +``` +data "aws_elb_account_id" "main" { } + +resource "aws_s3_bucket" "elb_logs" { + bucket = "my-elb-tf-test-bucket" + acl = "private" + policy = <> aws_ecs_container_definition + > + aws_elb_account_id + > aws_iam_policy_document