github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_waf_xss_match_set.go (about) 1 package aws 2 3 import ( 4 "log" 5 6 "github.com/aws/aws-sdk-go/aws" 7 "github.com/aws/aws-sdk-go/aws/awserr" 8 "github.com/aws/aws-sdk-go/service/waf" 9 "github.com/hashicorp/errwrap" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceAwsWafXssMatchSet() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceAwsWafXssMatchSetCreate, 16 Read: resourceAwsWafXssMatchSetRead, 17 Update: resourceAwsWafXssMatchSetUpdate, 18 Delete: resourceAwsWafXssMatchSetDelete, 19 20 Schema: map[string]*schema.Schema{ 21 "name": &schema.Schema{ 22 Type: schema.TypeString, 23 Required: true, 24 ForceNew: true, 25 }, 26 "xss_match_tuples": &schema.Schema{ 27 Type: schema.TypeSet, 28 Required: true, 29 Elem: &schema.Resource{ 30 Schema: map[string]*schema.Schema{ 31 "field_to_match": { 32 Type: schema.TypeSet, 33 Required: true, 34 MaxItems: 1, 35 Elem: &schema.Resource{ 36 Schema: map[string]*schema.Schema{ 37 "data": { 38 Type: schema.TypeString, 39 Optional: true, 40 }, 41 "type": { 42 Type: schema.TypeString, 43 Required: true, 44 }, 45 }, 46 }, 47 }, 48 "text_transformation": &schema.Schema{ 49 Type: schema.TypeString, 50 Required: true, 51 }, 52 }, 53 }, 54 }, 55 }, 56 } 57 } 58 59 func resourceAwsWafXssMatchSetCreate(d *schema.ResourceData, meta interface{}) error { 60 conn := meta.(*AWSClient).wafconn 61 62 log.Printf("[INFO] Creating XssMatchSet: %s", d.Get("name").(string)) 63 64 wr := newWafRetryer(conn, "global") 65 out, err := wr.RetryWithToken(func(token *string) (interface{}, error) { 66 params := &waf.CreateXssMatchSetInput{ 67 ChangeToken: token, 68 Name: aws.String(d.Get("name").(string)), 69 } 70 71 return conn.CreateXssMatchSet(params) 72 }) 73 if err != nil { 74 return errwrap.Wrapf("[ERROR] Error creating XssMatchSet: {{err}}", err) 75 } 76 resp := out.(*waf.CreateXssMatchSetOutput) 77 78 d.SetId(*resp.XssMatchSet.XssMatchSetId) 79 80 return resourceAwsWafXssMatchSetUpdate(d, meta) 81 } 82 83 func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) error { 84 conn := meta.(*AWSClient).wafconn 85 log.Printf("[INFO] Reading XssMatchSet: %s", d.Get("name").(string)) 86 params := &waf.GetXssMatchSetInput{ 87 XssMatchSetId: aws.String(d.Id()), 88 } 89 90 resp, err := conn.GetXssMatchSet(params) 91 if err != nil { 92 if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" { 93 log.Printf("[WARN] WAF IPSet (%s) not found, error code (404)", d.Id()) 94 d.SetId("") 95 return nil 96 } 97 98 return err 99 } 100 101 d.Set("name", resp.XssMatchSet.Name) 102 103 return nil 104 } 105 106 func resourceAwsWafXssMatchSetUpdate(d *schema.ResourceData, meta interface{}) error { 107 log.Printf("[INFO] Updating XssMatchSet: %s", d.Get("name").(string)) 108 err := updateXssMatchSetResource(d, meta, waf.ChangeActionInsert) 109 if err != nil { 110 return errwrap.Wrapf("[ERROR] Error updating XssMatchSet: {{err}}", err) 111 } 112 return resourceAwsWafXssMatchSetRead(d, meta) 113 } 114 115 func resourceAwsWafXssMatchSetDelete(d *schema.ResourceData, meta interface{}) error { 116 conn := meta.(*AWSClient).wafconn 117 118 log.Printf("[INFO] Deleting XssMatchSet: %s", d.Get("name").(string)) 119 err := updateXssMatchSetResource(d, meta, waf.ChangeActionDelete) 120 if err != nil { 121 return errwrap.Wrapf("[ERROR] Error deleting XssMatchSet: {{err}}", err) 122 } 123 124 wr := newWafRetryer(conn, "global") 125 _, err = wr.RetryWithToken(func(token *string) (interface{}, error) { 126 req := &waf.DeleteXssMatchSetInput{ 127 ChangeToken: token, 128 XssMatchSetId: aws.String(d.Id()), 129 } 130 131 return conn.DeleteXssMatchSet(req) 132 }) 133 if err != nil { 134 return errwrap.Wrapf("[ERROR] Error deleting XssMatchSet: {{err}}", err) 135 } 136 137 return nil 138 } 139 140 func updateXssMatchSetResource(d *schema.ResourceData, meta interface{}, ChangeAction string) error { 141 conn := meta.(*AWSClient).wafconn 142 143 wr := newWafRetryer(conn, "global") 144 _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { 145 req := &waf.UpdateXssMatchSetInput{ 146 ChangeToken: token, 147 XssMatchSetId: aws.String(d.Id()), 148 } 149 150 xssMatchTuples := d.Get("xss_match_tuples").(*schema.Set) 151 for _, xssMatchTuple := range xssMatchTuples.List() { 152 xmt := xssMatchTuple.(map[string]interface{}) 153 xssMatchTupleUpdate := &waf.XssMatchSetUpdate{ 154 Action: aws.String(ChangeAction), 155 XssMatchTuple: &waf.XssMatchTuple{ 156 FieldToMatch: expandFieldToMatch(xmt["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), 157 TextTransformation: aws.String(xmt["text_transformation"].(string)), 158 }, 159 } 160 req.Updates = append(req.Updates, xssMatchTupleUpdate) 161 } 162 163 return conn.UpdateXssMatchSet(req) 164 }) 165 if err != nil { 166 return errwrap.Wrapf("[ERROR] Error updating XssMatchSet: {{err}}", err) 167 } 168 169 return nil 170 }