resource/aws_ses_domain_identity_verification: Address #4108 feedback

hashicorp · Apr 18, 2018 · 9855bec · 9855bec
1 parent 97aa222
commit 9855bec
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 33 deletions.
diff --git a/aws/resource_aws_ses_domain_identity_verification.go b/aws/resource_aws_ses_domain_identity_verification.go
@@ -28,6 +28,9 @@ func resourceAwsSesDomainIdentityVerification() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: true,
+				StateFunc: func(v interface{}) string {
+					return strings.TrimSuffix(v.(string), ".")
+				},
 			},
 		},
 		Timeouts: &schema.ResourceTimeout{
@@ -54,7 +57,7 @@ func getAwsSesIdentityVerificationAttributes(conn *ses.SES, domainName string) (
 func resourceAwsSesDomainIdentityVerificationCreate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).sesConn
 	domainName := strings.TrimSuffix(d.Get("domain").(string), ".")
-	return resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError {
+	err := resource.Retry(d.Timeout(schema.TimeoutCreate), func() *resource.RetryError {
 		att, err := getAwsSesIdentityVerificationAttributes(conn, domainName)
 		if err != nil {
 			return resource.NonRetryableError(fmt.Errorf("Error getting identity verification attributes: %s", err))
@@ -64,14 +67,19 @@ func resourceAwsSesDomainIdentityVerificationCreate(d *schema.ResourceData, meta
 			return resource.NonRetryableError(fmt.Errorf("SES Domain Identity %s not found in AWS", domainName))
 		}
 
-		if *att.VerificationStatus != "Success" {
-			return resource.RetryableError(fmt.Errorf("Expected domain verification Success, but was in state %s", *att.VerificationStatus))
+		if aws.StringValue(att.VerificationStatus) != ses.VerificationStatusSuccess {
+			return resource.RetryableError(fmt.Errorf("Expected domain verification Success, but was in state %s", aws.StringValue(att.VerificationStatus)))
 		}
 
-		log.Printf("[INFO] Domain verification successful for %s", domainName)
-		d.SetId(domainName)
-		return resource.NonRetryableError(resourceAwsSesDomainIdentityVerificationRead(d, meta))
+		return nil
 	})
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[INFO] Domain verification successful for %s", domainName)
+	d.SetId(domainName)
+	return resourceAwsSesDomainIdentityVerificationRead(d, meta)
 }
 
 func resourceAwsSesDomainIdentityVerificationRead(d *schema.ResourceData, meta interface{}) error {
@@ -82,7 +90,7 @@ func resourceAwsSesDomainIdentityVerificationRead(d *schema.ResourceData, meta i
 
 	att, err := getAwsSesIdentityVerificationAttributes(conn, domainName)
 	if err != nil {
-		log.Printf("[WARN] Error fetching identity verification attrubtes for %s: %s", d.Id(), err)
+		log.Printf("[WARN] Error fetching identity verification attributes for %s: %s", d.Id(), err)
 		return err
 	}
 
@@ -92,8 +100,8 @@ func resourceAwsSesDomainIdentityVerificationRead(d *schema.ResourceData, meta i
 		return nil
 	}
 
-	if *att.VerificationStatus != "Success" {
-		log.Printf("[WARN] Expected domain verification Success, but was %s, tainting verification", *att.VerificationStatus)
+	if aws.StringValue(att.VerificationStatus) != ses.VerificationStatusSuccess {
+		log.Printf("[WARN] Expected domain verification Success, but was %s, tainting verification", aws.StringValue(att.VerificationStatus))
 		d.SetId("")
 		return nil
 	}
@@ -112,6 +120,5 @@ func resourceAwsSesDomainIdentityVerificationRead(d *schema.ResourceData, meta i
 
 func resourceAwsSesDomainIdentityVerificationDelete(d *schema.ResourceData, meta interface{}) error {
 	// No need to do anything, domain identity will be deleted when aws_ses_domain_identity is deleted
-	d.SetId("")
 	return nil
 }
diff --git a/aws/resource_aws_ses_domain_identity_verification_test.go b/aws/resource_aws_ses_domain_identity_verification_test.go
@@ -108,7 +108,7 @@ func testAccCheckAwsSesDomainIdentityVerificationPassed(n string) resource.TestC
 			return fmt.Errorf("SES Domain Identity %s not found in AWS", domain)
 		}
 
-		if *response.VerificationAttributes[domain].VerificationStatus != "Success" {
+		if aws.StringValue(response.VerificationAttributes[domain].VerificationStatus) != ses.VerificationStatusSuccess {
 			return fmt.Errorf("SES Domain Identity %s not successfully verified.", domain)
 		}
 
@@ -130,16 +130,17 @@ func testAccCheckAwsSesDomainIdentityVerificationPassed(n string) resource.TestC
 
 func testAccAwsSesDomainIdentityVerification_basic(rootDomain string, domain string) string {
 	return fmt.Sprintf(`
-resource "aws_route53_zone" "zone" {
+data "aws_route53_zone" "test" {
 	name = "%s."
+	private_zone = false
 }
 
 resource "aws_ses_domain_identity" "test" {
 	domain = "%s"
 }
 
 resource "aws_route53_record" "domain_identity_verification" {
-	zone_id = "${aws_route53_zone.zone.zone_id}"
+	zone_id = "${data.aws_route53_zone.test.id}"
 	name = "_amazonses.${aws_ses_domain_identity.test.id}"
 	type = "TXT"
 	ttl = "600"
@@ -148,6 +149,8 @@ resource "aws_route53_record" "domain_identity_verification" {
 
 resource "aws_ses_domain_identity_verification" "test" {
 	domain = "${aws_ses_domain_identity.test.id}"
+
+	depends_on = ["aws_route53_record.domain_identity_verification"]
 }
 `, rootDomain, domain)
 }

diff --git a/website/docs/r/ses_domain_identity_verification.html.markdown b/website/docs/r/ses_domain_identity_verification.html.markdown
@@ -16,6 +16,28 @@ deploy the required DNS verification records, and wait for verification to compl
 
 ~> **WARNING:** This resource implements a part of the verification workflow. It does not represent a real-world entity in AWS, therefore changing or deleting this resource on its own has no immediate effect.
 
+## Example Usage
+
+```hcl
+resource "aws_ses_domain_identity" "example" {
+  domain = "example.com"
+}
+
+resource "aws_route53_record" "example_amazonses_verification_record" {
+  zone_id = "${aws_route53_zone.example.id}"
+  name    = "_amazonses.${aws_route53_zone.example.name}"
+  type    = "TXT"
+  ttl     = "600"
+  records = ["${aws_ses_domain_identity.example.verification_token}"]
+}
+
+resource "aws_ses_domain_identity_verification" "example_verification" {
+  domain = "${aws_ses_domain_identity.example.id}"
+
+  depends_on = ["aws_route53_record.example_amazonses_verification_record"]
+}
+```
+
 ## Argument Reference
 
 The following arguments are supported:
@@ -35,23 +57,3 @@ The following attributes are exported:
 configuration options:
 
 - `create` - (Default `45m`) How long to wait for a domain identity to be verified.
-
-## Example Usage
-
-```hcl
-resource "aws_ses_domain_identity" "example" {
-  domain = "example.com"
-}
-
-resource "aws_route53_record" "example_amazonses_verification_record" {
-  zone_id = "ABCDEFGHIJ123"
-  name    = "_amazonses.example.com"
-  type    = "TXT"
-  ttl     = "600"
-  records = ["${aws_ses_domain_identity.example.verification_token}"]
-}
-
-resource "aws_ses_domain_identity_verification" "example_verification" {
-  domain = "${aws_ses_domain_identity.example.id}"
-}
-```