github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/builtin/providers/aws/resource_aws_wafregional_ipset.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/waf" 10 "github.com/aws/aws-sdk-go/service/wafregional" 11 "github.com/hashicorp/terraform/helper/schema" 12 ) 13 14 func resourceAwsWafRegionalIPSet() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceAwsWafRegionalIPSetCreate, 17 Read: resourceAwsWafRegionalIPSetRead, 18 Update: resourceAwsWafRegionalIPSetUpdate, 19 Delete: resourceAwsWafRegionalIPSetDelete, 20 21 Schema: map[string]*schema.Schema{ 22 "name": &schema.Schema{ 23 Type: schema.TypeString, 24 Required: true, 25 ForceNew: true, 26 }, 27 "ip_set_descriptor": &schema.Schema{ 28 Type: schema.TypeSet, 29 Optional: true, 30 Elem: &schema.Resource{ 31 Schema: map[string]*schema.Schema{ 32 "type": &schema.Schema{ 33 Type: schema.TypeString, 34 Required: true, 35 }, 36 "value": &schema.Schema{ 37 Type: schema.TypeString, 38 Required: true, 39 }, 40 }, 41 }, 42 }, 43 }, 44 } 45 } 46 47 func resourceAwsWafRegionalIPSetCreate(d *schema.ResourceData, meta interface{}) error { 48 conn := meta.(*AWSClient).wafregionalconn 49 region := meta.(*AWSClient).region 50 51 wr := newWafRegionalRetryer(conn, region) 52 out, err := wr.RetryWithToken(func(token *string) (interface{}, error) { 53 params := &waf.CreateIPSetInput{ 54 ChangeToken: token, 55 Name: aws.String(d.Get("name").(string)), 56 } 57 return conn.CreateIPSet(params) 58 }) 59 if err != nil { 60 return err 61 } 62 resp := out.(*waf.CreateIPSetOutput) 63 d.SetId(*resp.IPSet.IPSetId) 64 return resourceAwsWafRegionalIPSetUpdate(d, meta) 65 } 66 67 func resourceAwsWafRegionalIPSetRead(d *schema.ResourceData, meta interface{}) error { 68 conn := meta.(*AWSClient).wafregionalconn 69 70 params := &waf.GetIPSetInput{ 71 IPSetId: aws.String(d.Id()), 72 } 73 74 resp, err := conn.GetIPSet(params) 75 if err != nil { 76 if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" { 77 log.Printf("[WARN] WAF IPSet (%s) not found, error code (404)", d.Id()) 78 d.SetId("") 79 return nil 80 } 81 82 return err 83 } 84 85 d.Set("ip_set_descriptor", flattenWafIpSetDescriptorWR(resp.IPSet.IPSetDescriptors)) 86 d.Set("name", resp.IPSet.Name) 87 88 return nil 89 } 90 91 func flattenWafIpSetDescriptorWR(in []*waf.IPSetDescriptor) []interface{} { 92 descriptors := make([]interface{}, len(in), len(in)) 93 94 for i, descriptor := range in { 95 d := map[string]interface{}{ 96 "type": *descriptor.Type, 97 "value": *descriptor.Value, 98 } 99 descriptors[i] = d 100 } 101 102 return descriptors 103 } 104 105 func resourceAwsWafRegionalIPSetUpdate(d *schema.ResourceData, meta interface{}) error { 106 conn := meta.(*AWSClient).wafregionalconn 107 region := meta.(*AWSClient).region 108 109 if d.HasChange("ip_set_descriptor") { 110 o, n := d.GetChange("ip_set_descriptor") 111 oldD, newD := o.(*schema.Set).List(), n.(*schema.Set).List() 112 113 err := updateIPSetResourceWR(d.Id(), oldD, newD, conn, region) 114 if err != nil { 115 return fmt.Errorf("Error Updating WAF IPSet: %s", err) 116 } 117 } 118 return resourceAwsWafRegionalIPSetRead(d, meta) 119 } 120 121 func resourceAwsWafRegionalIPSetDelete(d *schema.ResourceData, meta interface{}) error { 122 conn := meta.(*AWSClient).wafregionalconn 123 region := meta.(*AWSClient).region 124 125 oldD := d.Get("ip_set_descriptor").(*schema.Set).List() 126 127 if len(oldD) > 0 { 128 noD := []interface{}{} 129 err := updateIPSetResourceWR(d.Id(), oldD, noD, conn, region) 130 131 if err != nil { 132 return fmt.Errorf("Error Removing IPSetDescriptors: %s", err) 133 } 134 } 135 136 wr := newWafRegionalRetryer(conn, region) 137 _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { 138 req := &waf.DeleteIPSetInput{ 139 ChangeToken: token, 140 IPSetId: aws.String(d.Id()), 141 } 142 log.Printf("[INFO] Deleting WAF IPSet") 143 return conn.DeleteIPSet(req) 144 }) 145 if err != nil { 146 return fmt.Errorf("Error Deleting WAF IPSet: %s", err) 147 } 148 149 return nil 150 } 151 152 func updateIPSetResourceWR(id string, oldD, newD []interface{}, conn *wafregional.WAFRegional, region string) error { 153 154 wr := newWafRegionalRetryer(conn, region) 155 _, err := wr.RetryWithToken(func(token *string) (interface{}, error) { 156 req := &waf.UpdateIPSetInput{ 157 ChangeToken: token, 158 IPSetId: aws.String(id), 159 Updates: diffWafIpSetDescriptors(oldD, newD), 160 } 161 log.Printf("[INFO] Updating IPSet descriptor: %s", req) 162 163 return conn.UpdateIPSet(req) 164 }) 165 if err != nil { 166 return fmt.Errorf("Error Updating WAF IPSet: %s", err) 167 } 168 169 return nil 170 }