Add support for creating Managed Microsoft Active Directory in AWS

This action is almost exactly the same as creating a SimpleAD so we reuse this resource and allow the user to specify the type when creating the directory (ignoring the size if the type is MicrosoftAD).
hashicorp · Dec 18, 2015 · 5d39511 · 5d39511
1 parent 3ff7635
commit 5d39511
Show file tree

Hide file tree

Showing 3 changed files with 138 additions and 28 deletions.
diff --git a/builtin/providers/aws/resource_aws_directory_service_directory.go b/builtin/providers/aws/resource_aws_directory_service_directory.go
@@ -32,7 +32,7 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
 			},
 			"size": &schema.Schema{
 				Type:     schema.TypeString,
-				Required: true,
+				Optional: true,
 				ForceNew: true,
 			},
 			"alias": &schema.Schema{
@@ -89,55 +89,119 @@ func resourceAwsDirectoryServiceDirectory() *schema.Resource {
 			},
 			"type": &schema.Schema{
 				Type:     schema.TypeString,
-				Computed: true,
+				Optional: true,
+				Default:  "SimpleAD",
+				ForceNew: true,
 			},
 		},
 	}
 }
 
-func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error {
-	dsconn := meta.(*AWSClient).dsconn
-
-	input := directoryservice.CreateDirectoryInput{
-		Name:     aws.String(d.Get("name").(string)),
-		Password: aws.String(d.Get("password").(string)),
-		Size:     aws.String(d.Get("size").(string)),
-	}
-
-	if v, ok := d.GetOk("description"); ok {
-		input.Description = aws.String(v.(string))
-	}
-	if v, ok := d.GetOk("short_name"); ok {
-		input.ShortName = aws.String(v.(string))
-	}
-
+func buildVpcSettings(d *schema.ResourceData) (vpcSettings *directoryservice.DirectoryVpcSettings, err error) {
 	if v, ok := d.GetOk("vpc_settings"); ok {
 		settings := v.([]interface{})
 
 		if len(settings) > 1 {
-			return fmt.Errorf("Only a single vpc_settings block is expected")
+			return nil, fmt.Errorf("Only a single vpc_settings block is expected")
 		} else if len(settings) == 1 {
 			s := settings[0].(map[string]interface{})
 			var subnetIds []*string
 			for _, id := range s["subnet_ids"].(*schema.Set).List() {
 				subnetIds = append(subnetIds, aws.String(id.(string)))
 			}
 
-			vpcSettings := directoryservice.DirectoryVpcSettings{
+			vpcSettings = &directoryservice.DirectoryVpcSettings{
 				SubnetIds: subnetIds,
 				VpcId:     aws.String(s["vpc_id"].(string)),
 			}
-			input.VpcSettings = &vpcSettings
 		}
 	}
 
-	log.Printf("[DEBUG] Creating Directory Service: %s", input)
+	return vpcSettings, nil
+}
+
+func createSimpleDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (string, error) {
+	if _, ok := d.GetOk("size"); !ok {
+		return "", fmt.Errorf("size is required for type = SimpleAD")
+	}
+
+	input := directoryservice.CreateDirectoryInput{
+		Name:     aws.String(d.Get("name").(string)),
+		Password: aws.String(d.Get("password").(string)),
+		Size:     aws.String(d.Get("size").(string)),
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		input.Description = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("short_name"); ok {
+		input.ShortName = aws.String(v.(string))
+	}
+
+	input.VpcSettings, err = buildVpcSettings(d)
+	if err != nil {
+		return "", err
+	}
+
+	log.Printf("[DEBUG] Creating Simple Directory Service: %s", input)
 	out, err := dsconn.CreateDirectory(&input)
+	if err != nil {
+		return "", err
+	}
+	log.Printf("[DEBUG] Simple Directory Service created: %s", out)
+
+	return *out.DirectoryId, nil
+}
+
+func createActiveDirectoryService(dsconn *directoryservice.DirectoryService, d *schema.ResourceData) (string, error) {
+	input := directoryservice.CreateMicrosoftADInput{
+		Name:     aws.String(d.Get("name").(string)),
+		Password: aws.String(d.Get("password").(string)),
+	}
+
+	if v, ok := d.GetOk("description"); ok {
+		input.Description = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("short_name"); ok {
+		input.ShortName = aws.String(v.(string))
+	}
+
+	input.VpcSettings, err = buildVpcSettings(d)
+	if err != nil {
+		return "", err
+	}
+
+	log.Printf("[DEBUG] Creating Microsoft AD Directory Service: %s", input)
+	out, err := dsconn.CreateMicrosoftAD(&input)
+	if err != nil {
+		return "", err
+	}
+	log.Printf("[DEBUG] Microsoft AD Directory Service created: %s", out)
+
+	return *out.DirectoryId, nil
+}
+
+func resourceAwsDirectoryServiceDirectoryCreate(d *schema.ResourceData, meta interface{}) error {
+	dsconn := meta.(*AWSClient).dsconn
+
+	var (
+		directoryId string
+		err         error
+	)
+
+	switch d.Get("type").(string) {
+	case "SimpleAD":
+		directoryId, err = createSimpleDirectoryService(dsconn, d)
+	case "MicrosoftAD":
+		directoryId, err = createActiveDirectoryService(dsconn, d)
+	default:
+		return fmt.Errorf("Unsupported directory type: %s", d.Get("type"))
+	}
 	if err != nil {
 		return err
 	}
-	log.Printf("[DEBUG] Directory Service created: %s", out)
-	d.SetId(*out.DirectoryId)
+
+	d.SetId(directoryId)
 
 	// Wait for creation
 	log.Printf("[DEBUG] Waiting for DS (%q) to become available", d.Id())
@@ -238,7 +302,9 @@ func resourceAwsDirectoryServiceDirectoryRead(d *schema.ResourceData, meta inter
 	if dir.ShortName != nil {
 		d.Set("short_name", *dir.ShortName)
 	}
-	d.Set("size", *dir.Size)
+	if dir.Size != nil {
+		d.Set("size", *dir.Size)
+	}
 	d.Set("type", *dir.Type)
 	d.Set("vpc_settings", flattenDSVpcSettings(dir.VpcSettings))
 	d.Set("enable_sso", *dir.SsoEnabled)

diff --git a/builtin/providers/aws/resource_aws_directory_service_directory_test.go b/builtin/providers/aws/resource_aws_directory_service_directory_test.go
@@ -27,6 +27,22 @@ func TestAccAWSDirectoryServiceDirectory_basic(t *testing.T) {
 	})
 }
 
+func TestAccAWSDirectoryServiceDirectory_microsoft(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckDirectoryServiceDirectoryDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccDirectoryServiceDirectoryConfig_microsoft,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckServiceDirectoryExists("aws_directory_service_directory.bar"),
+				),
+			},
+		},
+	})
+}
+
 func TestAccAWSDirectoryServiceDirectory_withAliasAndSso(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
@@ -192,6 +208,34 @@ resource "aws_subnet" "bar" {
 }
 `
 
+const testAccDirectoryServiceDirectoryConfig_microsoft = `
+resource "aws_directory_service_directory" "bar" {
+  name = "corp.notexample.com"
+  password = "SuperSecretPassw0rd"
+  type = "MicrosoftAD"
+
+  vpc_settings {
+    vpc_id = "${aws_vpc.main.id}"
+    subnet_ids = ["${aws_subnet.foo.id}", "${aws_subnet.bar.id}"]
+  }
+}
+
+resource "aws_vpc" "main" {
+  cidr_block = "10.0.0.0/16"
+}
+
+resource "aws_subnet" "foo" {
+  vpc_id = "${aws_vpc.main.id}"
+  availability_zone = "us-west-2a"
+  cidr_block = "10.0.1.0/24"
+}
+resource "aws_subnet" "bar" {
+  vpc_id = "${aws_vpc.main.id}"
+  availability_zone = "us-west-2b"
+  cidr_block = "10.0.2.0/24"
+}
+`
+
 var randomInteger = genRandInt()
 var testAccDirectoryServiceDirectoryConfig_withAlias = fmt.Sprintf(`
 resource "aws_directory_service_directory" "bar_a" {

diff --git a/website/source/docs/providers/aws/r/directory_service_directory.html.markdown b/website/source/docs/providers/aws/r/directory_service_directory.html.markdown
@@ -8,7 +8,7 @@ description: |-
 
 # aws\_directory\_service\_directory
 
-Provides a directory in AWS Directory Service.
+Provides a Simple or Managed Microsoft directory in AWS Directory Service.
 
 ## Example Usage
 
@@ -46,12 +46,13 @@ The following arguments are supported:
 
 * `name` - (Required) The fully qualified name for the directory, such as `corp.example.com`
 * `password` - (Required) The password for the directory administrator.
-* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values).
+* `size` - (Required) The size of the directory (`Small` or `Large` are accepted values). Only used when `type` is `SimpleAD`.
 * `vpc_settings` - (Required) VPC related information about the directory. Fields documented below.
 * `alias` - (Optional) The alias for the directory (must be unique amongst all aliases in AWS). Required for `enable_sso`.
 * `description` - (Optional) A textual description for the directory.
 * `short_name` - (Optional) The short name of the directory, such as `CORP`.
 * `enable_sso` - (Optional) Whether to enable single-sign on for the directory. Requires `alias`. Defaults to `false`.
+* `type` (Optional) - The directory type (`SimpleAD` or `MicrosoftAD` are accepted values). Defaults to `SimpleAD`.
 
 **vpc\_settings** supports the following:
 
@@ -65,4 +66,3 @@ The following attributes are exported:
 * `id` - The directory identifier.
 * `access_url` - The access URL for the directory, such as `http://alias.awsapps.com`.
 * `dns_ip_addresses` - A list of IP addresses of the DNS servers for the directory.
-* `type` - The directory type.