github.com/anfernee/terraform@v0.6.16-0.20160430000239-06e5085a92f2/builtin/providers/aws/resource_aws_flow_log.go (about)

     1  package aws
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  	"strings"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/service/ec2"
    10  	"github.com/hashicorp/terraform/helper/schema"
    11  )
    12  
// resourceAwsFlowLog returns the schema.Resource for a flow log, wiring the
// Create, Read and Delete callbacks defined in this file.
//
// No Update callback is registered and every attribute is ForceNew, so any
// attribute change is handled as a replacement of the resource.
// NOTE(review): a replacement of a logging resource presumably leaves a window
// without flow logs between delete and create; confirm this is acceptable.
// NOTE(review): "traffic_type" has no ValidateFunc here, so an invalid value
// is only rejected by the API call made in the Create callback.
func resourceAwsFlowLog() *schema.Resource {
	// requiredString builds a mandatory string attribute that forces a new
	// resource when it changes.
	requiredString := func() *schema.Schema {
		return &schema.Schema{
			Type:     schema.TypeString,
			Required: true,
			ForceNew: true,
		}
	}

	// targetID builds one of the optional, mutually exclusive target
	// attributes; conflicts lists the attributes it cannot be combined with.
	targetID := func(conflicts ...string) *schema.Schema {
		return &schema.Schema{
			Type:          schema.TypeString,
			Optional:      true,
			ForceNew:      true,
			ConflictsWith: conflicts,
		}
	}

	attrs := map[string]*schema.Schema{
		"iam_role_arn":   requiredString(),
		"log_group_name": requiredString(),

		"vpc_id":    targetID("subnet_id", "eni_id"),
		"subnet_id": targetID("eni_id", "vpc_id"),
		"eni_id":    targetID("subnet_id", "vpc_id"),

		"traffic_type": requiredString(),
	}

	return &schema.Resource{
		Create: resourceAwsLogFlowCreate,
		Read:   resourceAwsLogFlowRead,
		Delete: resourceAwsLogFlowDelete,

		Schema: attrs,
	}
}
    61  
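// resourceAwsLogFlowCreate creates a flow log for the single target (VPC,
// subnet or network interface) set in the configuration, stores the returned
// flow log ID as the resource ID and then refreshes state through
// resourceAwsLogFlowRead.
//
// It returns an error when no target ID is set, when the CreateFlowLogs call
// fails, or when the response does not carry exactly one usable flow log ID.
func resourceAwsLogFlowCreate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	// Candidate targets in precedence order. The schema declares the three
	// attributes as conflicting with each other, so at most one is expected
	// to be non-empty; the first non-empty one wins.
	types := []struct {
		ID   string
		Type string
	}{
		{ID: d.Get("vpc_id").(string), Type: "VPC"},
		{ID: d.Get("subnet_id").(string), Type: "Subnet"},
		{ID: d.Get("eni_id").(string), Type: "NetworkInterface"},
	}

	var resourceId string
	var resourceType string
	for _, t := range types {
		if t.ID != "" {
			resourceId = t.ID
			resourceType = t.Type
			break
		}
	}

	if resourceId == "" || resourceType == "" {
		return fmt.Errorf("Error: Flow Logs require either a VPC, Subnet, or ENI ID")
	}

	opts := &ec2.CreateFlowLogsInput{
		DeliverLogsPermissionArn: aws.String(d.Get("iam_role_arn").(string)),
		LogGroupName:             aws.String(d.Get("log_group_name").(string)),
		ResourceIds:              []*string{aws.String(resourceId)},
		ResourceType:             aws.String(resourceType),
		TrafficType:              aws.String(d.Get("traffic_type").(string)),
	}

	log.Printf(
		"[DEBUG] Flow Log Create configuration: %s", opts)
	resp, err := conn.CreateFlowLogs(opts)
	if err != nil {
		return fmt.Errorf("Error creating Flow Log for (%s), error: %s", resourceId, err)
	}

	// A response without any flow log ID must not reach the index below:
	// FlowLogIds[0] on an empty slice panics. Per-resource failures are
	// reported in resp.Unsuccessful, so surface the first one when present
	// instead of leaving the operator without a flow log and without a reason.
	if len(resp.FlowLogIds) == 0 {
		for _, u := range resp.Unsuccessful {
			if u != nil && u.Error != nil {
				return fmt.Errorf("Error creating Flow Log for (%s), error: %s: %s",
					resourceId, aws.StringValue(u.Error.Code), aws.StringValue(u.Error.Message))
			}
		}
		return fmt.Errorf("Error: no Flow Log created for (%s)", resourceId)
	}

	if len(resp.FlowLogIds) > 1 {
		return fmt.Errorf("Error: multiple Flow Logs created for (%s)", resourceId)
	}

	// Guard the pointer before dereferencing it; an empty ID would also make
	// the resource look deleted to later operations.
	flowLogID := aws.StringValue(resp.FlowLogIds[0])
	if flowLogID == "" {
		return fmt.Errorf("Error: empty Flow Log ID returned for (%s)", resourceId)
	}

	d.SetId(flowLogID)

	return resourceAwsLogFlowRead(d, meta)
}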
   111  
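// resourceAwsLogFlowRead refreshes the resource from DescribeFlowLogs,
// looking the flow log up by the stored resource ID.
//
// When the call fails or returns no flow logs, the resource ID is cleared and
// nil is returned. Otherwise traffic_type, log_group_name and iam_role_arn are
// copied from the first returned flow log, and the target attribute (vpc_id,
// subnet_id or eni_id) is chosen from the prefix of the flow log's ResourceId.
// It always returns nil.
func resourceAwsLogFlowRead(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	opts := &ec2.DescribeFlowLogsInput{
		FlowLogIds: []*string{aws.String(d.Id())},
	}

	resp, err := conn.DescribeFlowLogs(opts)
	if err != nil {
		// NOTE(review): every API error is handled as "flow log gone" and
		// the ID is cleared, which would include errors unrelated to the
		// flow log's existence (e.g. a permissions or throttling failure).
		// Consider returning err for anything other than a not-found
		// response so a logging control is not silently dropped from state.
		// The error is at least logged so the cause can be diagnosed.
		log.Printf("[WARN] Error describing Flow Logs for id (%s): %s", d.Id(), err)
		d.SetId("")
		return nil
	}

	if len(resp.FlowLogs) == 0 {
		log.Printf("[WARN] No Flow Logs found for id (%s)", d.Id())
		d.SetId("")
		return nil
	}

	fl := resp.FlowLogs[0]
	d.Set("traffic_type", fl.TrafficType)
	d.Set("log_group_name", fl.LogGroupName)
	d.Set("iam_role_arn", fl.DeliverLogsPermissionArn)

	// aws.StringValue yields "" for a nil pointer, so a flow log without a
	// ResourceId no longer causes a nil dereference; no prefix matches and
	// no target attribute is set.
	target := aws.StringValue(fl.ResourceId)

	var resourceKey string
	switch {
	case strings.HasPrefix(target, "vpc-"):
		resourceKey = "vpc_id"
	case strings.HasPrefix(target, "subnet-"):
		resourceKey = "subnet_id"
	case strings.HasPrefix(target, "eni-"):
		resourceKey = "eni_id"
	}
	if resourceKey != "" {
		d.Set(resourceKey, fl.ResourceId)
	}

	return nil
}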
   151  
// resourceAwsLogFlowDelete deletes the flow log identified by the stored
// resource ID through DeleteFlowLogs and returns a wrapped error when the
// call fails.
//
// NOTE(review): the DeleteFlowLogs response is discarded, so only a call-level
// error is reported; confirm whether per-item failures in the response also
// need to be checked.
func resourceAwsLogFlowDelete(d *schema.ResourceData, meta interface{}) error {
	ec2conn := meta.(*AWSClient).ec2conn

	log.Printf(
		"[DEBUG] Flow Log Destroy: %s", d.Id())

	input := &ec2.DeleteFlowLogsInput{
		FlowLogIds: []*string{aws.String(d.Id())},
	}
	if _, err := ec2conn.DeleteFlowLogs(input); err != nil {
		return fmt.Errorf("[WARN] Error deleting Flow Log with ID (%s), error: %s", d.Id(), err)
	}

	return nil
}