github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/azurerm/resource_arm_eventhub_authorization_rule.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "log" 6 7 "net/http" 8 9 "github.com/Azure/azure-sdk-for-go/arm/eventhub" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceArmEventHubAuthorizationRule() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceArmEventHubAuthorizationRuleCreateUpdate, 16 Read: resourceArmEventHubAuthorizationRuleRead, 17 Update: resourceArmEventHubAuthorizationRuleCreateUpdate, 18 Delete: resourceArmEventHubAuthorizationRuleDelete, 19 Importer: &schema.ResourceImporter{ 20 State: schema.ImportStatePassthrough, 21 }, 22 23 Schema: map[string]*schema.Schema{ 24 "name": { 25 Type: schema.TypeString, 26 Required: true, 27 ForceNew: true, 28 }, 29 30 "namespace_name": { 31 Type: schema.TypeString, 32 Required: true, 33 ForceNew: true, 34 }, 35 36 "eventhub_name": { 37 Type: schema.TypeString, 38 Required: true, 39 ForceNew: true, 40 }, 41 42 "resource_group_name": { 43 Type: schema.TypeString, 44 Required: true, 45 ForceNew: true, 46 }, 47 48 "location": locationSchema(), 49 50 "listen": { 51 Type: schema.TypeBool, 52 Optional: true, 53 Default: false, 54 }, 55 56 "send": { 57 Type: schema.TypeBool, 58 Optional: true, 59 Default: false, 60 }, 61 62 "manage": { 63 Type: schema.TypeBool, 64 Optional: true, 65 Default: false, 66 }, 67 68 "primary_key": { 69 Type: schema.TypeString, 70 Computed: true, 71 }, 72 73 "primary_connection_string": { 74 Type: schema.TypeString, 75 Computed: true, 76 }, 77 78 "secondary_key": { 79 Type: schema.TypeString, 80 Computed: true, 81 }, 82 83 "secondary_connection_string": { 84 Type: schema.TypeString, 85 Computed: true, 86 }, 87 }, 88 } 89 } 90 91 func resourceArmEventHubAuthorizationRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error { 92 client := meta.(*ArmClient).eventHubClient 93 log.Printf("[INFO] preparing arguments for Azure ARM EventHub Authorization Rule creation.") 94 95 name := d.Get("name").(string) 96 namespaceName := d.Get("namespace_name").(string) 97 eventHubName := d.Get("eventhub_name").(string) 98 location := d.Get("location").(string) 99 resGroup := d.Get("resource_group_name").(string) 100 101 rights, err := expandEventHubAuthorizationRuleAccessRights(d) 102 if err != nil { 103 return err 104 } 105 106 parameters := eventhub.SharedAccessAuthorizationRuleCreateOrUpdateParameters{ 107 Name: &name, 108 Location: &location, 109 SharedAccessAuthorizationRuleProperties: &eventhub.SharedAccessAuthorizationRuleProperties{ 110 Rights: rights, 111 }, 112 } 113 114 _, err = client.CreateOrUpdateAuthorizationRule(resGroup, namespaceName, eventHubName, name, parameters) 115 if err != nil { 116 return err 117 } 118 119 read, err := client.GetAuthorizationRule(resGroup, namespaceName, eventHubName, name) 120 if err != nil { 121 return err 122 } 123 124 if read.ID == nil { 125 return fmt.Errorf("Cannot read EventHub Authorization Rule %s (resource group %s) ID", name, resGroup) 126 } 127 128 d.SetId(*read.ID) 129 130 return resourceArmEventHubAuthorizationRuleRead(d, meta) 131 } 132 133 func resourceArmEventHubAuthorizationRuleRead(d *schema.ResourceData, meta interface{}) error { 134 client := meta.(*ArmClient).eventHubClient 135 136 id, err := parseAzureResourceID(d.Id()) 137 if err != nil { 138 return err 139 } 140 resGroup := id.ResourceGroup 141 namespaceName := id.Path["namespaces"] 142 eventHubName := id.Path["eventhubs"] 143 name := id.Path["authorizationRules"] 144 145 resp, err := client.GetAuthorizationRule(resGroup, namespaceName, eventHubName, name) 146 if err != nil { 147 return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule %s: %+v", name, err) 148 } 149 if resp.StatusCode == http.StatusNotFound { 150 d.SetId("") 151 return nil 152 } 153 154 keysResp, err := client.ListKeys(resGroup, namespaceName, eventHubName, name) 155 if err != nil { 156 return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule List Keys %s: %+v", name, err) 157 } 158 159 d.Set("name", name) 160 d.Set("eventhub_name", eventHubName) 161 d.Set("namespace_name", namespaceName) 162 d.Set("resource_group_name", resGroup) 163 d.Set("location", azureRMNormalizeLocation(*resp.Location)) 164 165 flattenEventHubAuthorizationRuleAccessRights(d, resp) 166 167 d.Set("primary_key", keysResp.PrimaryKey) 168 d.Set("primary_connection_string", keysResp.PrimaryConnectionString) 169 d.Set("secondary_key", keysResp.SecondaryKey) 170 d.Set("secondary_connection_string", keysResp.SecondaryConnectionString) 171 172 return nil 173 } 174 175 func resourceArmEventHubAuthorizationRuleDelete(d *schema.ResourceData, meta interface{}) error { 176 eventhubClient := meta.(*ArmClient).eventHubClient 177 178 id, err := parseAzureResourceID(d.Id()) 179 if err != nil { 180 return err 181 } 182 resGroup := id.ResourceGroup 183 namespaceName := id.Path["namespaces"] 184 eventHubName := id.Path["eventhubs"] 185 name := id.Path["authorizationRules"] 186 187 resp, err := eventhubClient.DeleteAuthorizationRule(resGroup, namespaceName, eventHubName, name) 188 189 if resp.StatusCode != http.StatusOK { 190 return fmt.Errorf("Error issuing Azure ARM delete request of EventHub Authorization Rule '%s': %+v", name, err) 191 } 192 193 return nil 194 } 195 196 func expandEventHubAuthorizationRuleAccessRights(d *schema.ResourceData) (*[]eventhub.AccessRights, error) { 197 canSend := d.Get("send").(bool) 198 canListen := d.Get("listen").(bool) 199 canManage := d.Get("manage").(bool) 200 rights := []eventhub.AccessRights{} 201 if canListen { 202 rights = append(rights, eventhub.Listen) 203 } 204 205 if canSend { 206 rights = append(rights, eventhub.Send) 207 } 208 209 if canManage { 210 rights = append(rights, eventhub.Manage) 211 } 212 213 if len(rights) == 0 { 214 return nil, fmt.Errorf("At least one Authorization Rule State must be enabled (e.g. Listen/Manage/Send)") 215 } 216 217 if canManage && !(canListen && canSend) { 218 return nil, fmt.Errorf("In order to enable the 'Manage' Authorization Rule - both the 'Listen' and 'Send' rules must be enabled") 219 } 220 221 return &rights, nil 222 } 223 224 func flattenEventHubAuthorizationRuleAccessRights(d *schema.ResourceData, resp eventhub.SharedAccessAuthorizationRuleResource) { 225 226 var canListen = false 227 var canSend = false 228 var canManage = false 229 230 for _, right := range *resp.Rights { 231 switch right { 232 case eventhub.Listen: 233 canListen = true 234 case eventhub.Send: 235 canSend = true 236 case eventhub.Manage: 237 canManage = true 238 default: 239 log.Printf("[DEBUG] Unknown Authorization Rule Right '%s'", right) 240 } 241 } 242 243 d.Set("listen", canListen) 244 d.Set("send", canSend) 245 d.Set("manage", canManage) 246 }