github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/aws/resource_aws_ssm_patch_baseline.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/service/ssm" 9 "github.com/hashicorp/terraform/helper/schema" 10 ) 11 12 func resourceAwsSsmPatchBaseline() *schema.Resource { 13 return &schema.Resource{ 14 Create: resourceAwsSsmPatchBaselineCreate, 15 Read: resourceAwsSsmPatchBaselineRead, 16 Delete: resourceAwsSsmPatchBaselineDelete, 17 18 Schema: map[string]*schema.Schema{ 19 "name": { 20 Type: schema.TypeString, 21 Required: true, 22 ForceNew: true, 23 }, 24 25 "description": { 26 Type: schema.TypeString, 27 Optional: true, 28 ForceNew: true, 29 }, 30 31 "global_filter": { 32 Type: schema.TypeList, 33 Optional: true, 34 ForceNew: true, 35 MaxItems: 4, 36 Elem: &schema.Resource{ 37 Schema: map[string]*schema.Schema{ 38 "key": { 39 Type: schema.TypeString, 40 Required: true, 41 }, 42 "values": { 43 Type: schema.TypeList, 44 Required: true, 45 Elem: &schema.Schema{Type: schema.TypeString}, 46 }, 47 }, 48 }, 49 }, 50 51 "approval_rule": { 52 Type: schema.TypeList, 53 Optional: true, 54 ForceNew: true, 55 Elem: &schema.Resource{ 56 Schema: map[string]*schema.Schema{ 57 "approve_after_days": { 58 Type: schema.TypeInt, 59 Required: true, 60 }, 61 62 "patch_filter": { 63 Type: schema.TypeList, 64 Required: true, 65 MaxItems: 10, 66 Elem: &schema.Resource{ 67 Schema: map[string]*schema.Schema{ 68 "key": { 69 Type: schema.TypeString, 70 Required: true, 71 }, 72 "values": { 73 Type: schema.TypeList, 74 Required: true, 75 Elem: &schema.Schema{Type: schema.TypeString}, 76 }, 77 }, 78 }, 79 }, 80 }, 81 }, 82 }, 83 84 "approved_patches": { 85 Type: schema.TypeSet, 86 Optional: true, 87 ForceNew: true, 88 Elem: &schema.Schema{Type: schema.TypeString}, 89 Set: schema.HashString, 90 }, 91 92 "rejected_patches": { 93 Type: schema.TypeSet, 94 Optional: true, 95 ForceNew: true, 96 Elem: &schema.Schema{Type: schema.TypeString}, 97 Set: schema.HashString, 98 }, 99 }, 100 } 101 } 102 103 func resourceAwsSsmPatchBaselineCreate(d *schema.ResourceData, meta interface{}) error { 104 ssmconn := meta.(*AWSClient).ssmconn 105 106 params := &ssm.CreatePatchBaselineInput{ 107 Name: aws.String(d.Get("name").(string)), 108 } 109 110 if v, ok := d.GetOk("description"); ok { 111 params.Description = aws.String(v.(string)) 112 } 113 114 if v, ok := d.GetOk("approved_patches"); ok && v.(*schema.Set).Len() > 0 { 115 params.ApprovedPatches = expandStringList(v.(*schema.Set).List()) 116 } 117 118 if v, ok := d.GetOk("rejected_patches"); ok && v.(*schema.Set).Len() > 0 { 119 params.RejectedPatches = expandStringList(v.(*schema.Set).List()) 120 } 121 122 if _, ok := d.GetOk("global_filter"); ok { 123 params.GlobalFilters = expandAwsSsmPatchFilterGroup(d) 124 } 125 126 if _, ok := d.GetOk("approval_rule"); ok { 127 params.ApprovalRules = expandAwsSsmPatchRuleGroup(d) 128 } 129 130 resp, err := ssmconn.CreatePatchBaseline(params) 131 if err != nil { 132 return err 133 } 134 135 d.SetId(*resp.BaselineId) 136 return resourceAwsSsmPatchBaselineRead(d, meta) 137 } 138 139 func resourceAwsSsmPatchBaselineRead(d *schema.ResourceData, meta interface{}) error { 140 ssmconn := meta.(*AWSClient).ssmconn 141 142 params := &ssm.GetPatchBaselineInput{ 143 BaselineId: aws.String(d.Id()), 144 } 145 146 resp, err := ssmconn.GetPatchBaseline(params) 147 if err != nil { 148 return err 149 } 150 151 d.Set("name", resp.Name) 152 d.Set("description", resp.Description) 153 d.Set("approved_patches", flattenStringList(resp.ApprovedPatches)) 154 d.Set("rejected_patches", flattenStringList(resp.RejectedPatches)) 155 156 if err := d.Set("global_filter", flattenAwsSsmPatchFilterGroup(resp.GlobalFilters)); err != nil { 157 return fmt.Errorf("[DEBUG] Error setting global filters error: %#v", err) 158 } 159 160 if err := d.Set("approval_rule", flattenAwsSsmPatchRuleGroup(resp.ApprovalRules)); err != nil { 161 return fmt.Errorf("[DEBUG] Error setting approval rules error: %#v", err) 162 } 163 164 return nil 165 } 166 167 func resourceAwsSsmPatchBaselineDelete(d *schema.ResourceData, meta interface{}) error { 168 ssmconn := meta.(*AWSClient).ssmconn 169 170 log.Printf("[INFO] Deleting SSM Patch Baseline: %s", d.Id()) 171 172 params := &ssm.DeletePatchBaselineInput{ 173 BaselineId: aws.String(d.Id()), 174 } 175 176 _, err := ssmconn.DeletePatchBaseline(params) 177 if err != nil { 178 return err 179 } 180 181 return nil 182 } 183 184 func expandAwsSsmPatchFilterGroup(d *schema.ResourceData) *ssm.PatchFilterGroup { 185 var filters []*ssm.PatchFilter 186 187 filterConfig := d.Get("global_filter").([]interface{}) 188 189 for _, fConfig := range filterConfig { 190 config := fConfig.(map[string]interface{}) 191 192 filter := &ssm.PatchFilter{ 193 Key: aws.String(config["key"].(string)), 194 Values: expandStringList(config["values"].([]interface{})), 195 } 196 197 filters = append(filters, filter) 198 } 199 200 return &ssm.PatchFilterGroup{ 201 PatchFilters: filters, 202 } 203 } 204 205 func flattenAwsSsmPatchFilterGroup(group *ssm.PatchFilterGroup) []map[string]interface{} { 206 if len(group.PatchFilters) == 0 { 207 return nil 208 } 209 210 result := make([]map[string]interface{}, 0, len(group.PatchFilters)) 211 212 for _, filter := range group.PatchFilters { 213 f := make(map[string]interface{}) 214 f["key"] = *filter.Key 215 f["values"] = flattenStringList(filter.Values) 216 217 result = append(result, f) 218 } 219 220 return result 221 } 222 223 func expandAwsSsmPatchRuleGroup(d *schema.ResourceData) *ssm.PatchRuleGroup { 224 var rules []*ssm.PatchRule 225 226 ruleConfig := d.Get("approval_rule").([]interface{}) 227 228 for _, rConfig := range ruleConfig { 229 rCfg := rConfig.(map[string]interface{}) 230 231 var filters []*ssm.PatchFilter 232 filterConfig := rCfg["patch_filter"].([]interface{}) 233 234 for _, fConfig := range filterConfig { 235 fCfg := fConfig.(map[string]interface{}) 236 237 filter := &ssm.PatchFilter{ 238 Key: aws.String(fCfg["key"].(string)), 239 Values: expandStringList(fCfg["values"].([]interface{})), 240 } 241 242 filters = append(filters, filter) 243 } 244 245 filterGroup := &ssm.PatchFilterGroup{ 246 PatchFilters: filters, 247 } 248 249 rule := &ssm.PatchRule{ 250 ApproveAfterDays: aws.Int64(int64(rCfg["approve_after_days"].(int))), 251 PatchFilterGroup: filterGroup, 252 } 253 254 rules = append(rules, rule) 255 } 256 257 return &ssm.PatchRuleGroup{ 258 PatchRules: rules, 259 } 260 } 261 262 func flattenAwsSsmPatchRuleGroup(group *ssm.PatchRuleGroup) []map[string]interface{} { 263 if len(group.PatchRules) == 0 { 264 return nil 265 } 266 267 result := make([]map[string]interface{}, 0, len(group.PatchRules)) 268 269 for _, rule := range group.PatchRules { 270 r := make(map[string]interface{}) 271 r["approve_after_days"] = *rule.ApproveAfterDays 272 r["patch_filter"] = flattenAwsSsmPatchFilterGroup(rule.PatchFilterGroup) 273 result = append(result, r) 274 } 275 276 return result 277 }