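// Source: github.com/econnell/terraform@v0.5.4-0.20150722160631-78eb236786a4/builtin/providers/aws/resource_aws_flow_log.go

package aws

import (
	"fmt"
	"log"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awsutil"
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/hashicorp/terraform/helper/schema"
)

// resourceAwsFlowLog returns the schema and the create/read/delete wiring for
// the flow log resource. There is no Update function: every attribute is
// ForceNew, so changing any of them replaces the flow log.
func resourceAwsFlowLog() *schema.Resource {
	return &schema.Resource{
		Create: resourceAwsLogFlowCreate,
		Read:   resourceAwsLogFlowRead,
		Delete: resourceAwsLogFlowDelete,

		Schema: map[string]*schema.Schema{
			// Role ARN passed to the API as DeliverLogsPermissionARN.
			"iam_role_arn": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			"log_group_name": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			// vpc_id, subnet_id and eni_id are mutually exclusive; the
			// create function additionally requires that one of them is set.
			"vpc_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"subnet_id", "eni_id"},
			},

			"subnet_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"eni_id", "vpc_id"},
			},

			"eni_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"subnet_id", "vpc_id"},
			},

			// Passed through to the API unvalidated; an unsupported value is
			// only rejected by the CreateFlowLogs call itself.
			"traffic_type": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},
		},
	}
}

// resourceAwsLogFlowCreate creates a flow log on the first non-empty of
// vpc_id, subnet_id and eni_id, stores the returned flow log ID as the
// resource ID and then refreshes state through resourceAwsLogFlowRead.
//
// It returns an error when none of the three IDs is set, when the API call
// fails, or when the response does not carry exactly one flow log ID.
func resourceAwsLogFlowCreate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	// Candidate targets in priority order; the schema's ConflictsWith rules
	// mean at most one of them is expected to be non-empty.
	types := []struct {
		ID   string
		Type string
	}{
		{ID: d.Get("vpc_id").(string), Type: "VPC"},
		{ID: d.Get("subnet_id").(string), Type: "Subnet"},
		{ID: d.Get("eni_id").(string), Type: "NetworkInterface"},
	}

	var resourceId string
	var resourceType string
	for _, t := range types {
		if t.ID != "" {
			resourceId = t.ID
			resourceType = t.Type
			break
		}
	}

	if resourceId == "" || resourceType == "" {
		return fmt.Errorf("Error: Flow Logs require either a VPC, Subnet, or ENI ID")
	}

	opts := &ec2.CreateFlowLogsInput{
		DeliverLogsPermissionARN: aws.String(d.Get("iam_role_arn").(string)),
		LogGroupName:             aws.String(d.Get("log_group_name").(string)),
		ResourceIDs:              []*string{aws.String(resourceId)},
		ResourceType:             aws.String(resourceType),
		TrafficType:              aws.String(d.Get("traffic_type").(string)),
	}

	log.Printf(
		"[DEBUG] Flow Log Create configuration: %s", awsutil.StringValue(opts))
	resp, err := conn.CreateFlowLogs(opts)
	if err != nil {
		return fmt.Errorf("Error creating Flow Log for (%s), error: %s", resourceId, err)
	}

	// A nil error does not guarantee that an ID came back. Without this guard
	// the FlowLogIDs[0] access below panics on an empty list and the user
	// never learns that the flow log was not created.
	// NOTE(review): the EC2 API can report per-resource failures inside the
	// response instead of as an error; confirm whether this SDK version
	// exposes them and include them in the message.
	if len(resp.FlowLogIDs) == 0 {
		return fmt.Errorf("Error: no Flow Log was created for (%s)", resourceId)
	}

	if len(resp.FlowLogIDs) > 1 {
		return fmt.Errorf("Error: multiple Flow Logs created for (%s)", resourceId)
	}

	d.SetId(*resp.FlowLogIDs[0])

	return resourceAwsLogFlowRead(d, meta)
}

// resourceAwsLogFlowRead looks the flow log up by its ID and copies
// traffic_type, log_group_name and iam_role_arn from the API response into
// state. When the lookup fails or returns nothing it clears the resource ID
// and returns nil.
func resourceAwsLogFlowRead(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	opts := &ec2.DescribeFlowLogsInput{
		FlowLogIDs: []*string{aws.String(d.Id())},
	}

	resp, err := conn.DescribeFlowLogs(opts)
	if err != nil {
		// NOTE(review): every describe error clears the ID, not only a
		// "not found" one. A throttled or access-denied refresh therefore
		// looks the same as a deleted flow log and the resource drops out of
		// state. Flow logs are usually an audit control, so the error is at
		// least written to the log here; consider returning it for anything
		// other than a not-found response.
		log.Printf("[WARN] Error describing Flow Logs for id (%s): %s", d.Id(), err)
		d.SetId("")
		return nil
	}

	if len(resp.FlowLogs) == 0 {
		log.Printf("[WARN] No Flow Logs found for id (%s)", d.Id())
		d.SetId("")
		return nil
	}

	fl := resp.FlowLogs[0]

	// Only these three attributes are refreshed; the target ID (vpc_id,
	// subnet_id or eni_id) is not read back from the API.
	d.Set("traffic_type", fl.TrafficType)
	d.Set("log_group_name", fl.LogGroupName)
	d.Set("iam_role_arn", fl.DeliverLogsPermissionARN)

	return nil
}

// resourceAwsLogFlowDelete deletes the flow log identified by the resource ID
// and returns an error when the API call fails.
func resourceAwsLogFlowDelete(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	log.Printf(
		"[DEBUG] Flow Log Destroy: %s", d.Id())
	// NOTE(review): the response is discarded; if the API reports a failed
	// deletion inside the response rather than as an error, it goes unnoticed
	// here. Confirm against the SDK's DeleteFlowLogs output type.
	_, err := conn.DeleteFlowLogs(&ec2.DeleteFlowLogsInput{
		FlowLogIDs: []*string{aws.String(d.Id())},
	})

	if err != nil {
		// The returned error previously carried a "[WARN]" log-level tag,
		// which does not belong in an error value.
		return fmt.Errorf("Error deleting Flow Log with ID (%s), error: %s", d.Id(), err)
	}

	return nil
}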