github.com/minamijoyo/terraform@v0.7.8-0.20161029001309-18b3736ba44b/builtin/providers/azure/resource_azure_sql_database_server_firewall_rule.go (about) 1 package azure 2 3 import ( 4 "fmt" 5 "log" 6 "strings" 7 8 "github.com/Azure/azure-sdk-for-go/management/sql" 9 "github.com/hashicorp/terraform/helper/schema" 10 ) 11 12 // resourceAzureSqlDatabaseServerFirewallRule returns the *schema.Resource 13 // associated to a firewall rule of a database server in Azure. 14 func resourceAzureSqlDatabaseServerFirewallRule() *schema.Resource { 15 return &schema.Resource{ 16 Create: resourceAzureSqlDatabaseServerFirewallRuleCreate, 17 Read: resourceAzureSqlDatabaseServerFirewallRuleRead, 18 Update: resourceAzureSqlDatabaseServerFirewallRuleUpdate, 19 Delete: resourceAzureSqlDatabaseServerFirewallRuleDelete, 20 21 Schema: map[string]*schema.Schema{ 22 "name": &schema.Schema{ 23 Type: schema.TypeString, 24 Required: true, 25 ForceNew: true, 26 }, 27 "database_server_names": &schema.Schema{ 28 Type: schema.TypeSet, 29 Required: true, 30 ForceNew: true, 31 Elem: &schema.Schema{ 32 Type: schema.TypeString, 33 }, 34 Set: schema.HashString, 35 }, 36 "start_ip": &schema.Schema{ 37 Type: schema.TypeString, 38 Required: true, 39 }, 40 "end_ip": &schema.Schema{ 41 Type: schema.TypeString, 42 Required: true, 43 }, 44 }, 45 } 46 } 47 48 // resourceAzureSqlDatabaseServerFirewallRuleCreate does all the necessary API 49 // calls to create the SQL Database Server Firewall Rule on Azure. 50 func resourceAzureSqlDatabaseServerFirewallRuleCreate(d *schema.ResourceData, meta interface{}) error { 51 sqlClient := meta.(*Client).sqlClient 52 53 name := d.Get("name").(string) 54 params := sql.FirewallRuleCreateParams{ 55 Name: name, 56 StartIPAddress: d.Get("start_ip").(string), 57 EndIPAddress: d.Get("end_ip").(string), 58 } 59 60 // loop over all the database servers and apply the firewall rule to each: 61 serverNames := d.Get("database_server_names").(*schema.Set).List() 62 for _, srv := range serverNames { 63 serverName := srv.(string) 64 65 log.Printf("[INFO] Sending Azure Database Server Firewall Rule %q creation request for Server %q.", name, serverName) 66 if err := sqlClient.CreateFirewallRule(serverName, params); err != nil { 67 return fmt.Errorf("Error creating Azure Database Server Firewall Rule %q for Server %q: %s", name, serverName, err) 68 } 69 } 70 71 d.SetId(name) 72 return nil 73 } 74 75 // resourceAzureSqlDatabaseServerFirewallRuleRead does all the necessary API 76 // calls to read the state of the SQL Database Server Firewall Rule on Azure. 77 func resourceAzureSqlDatabaseServerFirewallRuleRead(d *schema.ResourceData, meta interface{}) error { 78 sqlClient := meta.(*Client).sqlClient 79 80 name := d.Get("name").(string) 81 remaining := schema.NewSet(schema.HashString, nil) 82 83 // for each of our servers; check to see if the rule is still present: 84 var found bool 85 for _, srv := range d.Get("database_server_names").(*schema.Set).List() { 86 serverName := srv.(string) 87 88 log.Printf("[INFO] Sending Azure Database Server Firewall Rule list query for server %q.", serverName) 89 rules, err := sqlClient.ListFirewallRules(serverName) 90 if err != nil { 91 if strings.Contains(err.Error(), "does not exist") { 92 // it means that the database server this rule belonged to has 93 // been deleted in the meantime. 94 continue 95 } else { 96 return fmt.Errorf("Error getting Azure Firewall Rules for Database Server %q: %s", serverName, err) 97 } 98 99 } 100 101 // look for our rule: 102 for _, rule := range rules.FirewallRules { 103 if rule.Name == name { 104 found = true 105 remaining.Add(serverName) 106 107 break 108 } 109 } 110 } 111 112 // check to see if there is still any Database Server still having this rule: 113 if !found { 114 d.SetId("") 115 return nil 116 } 117 118 // else; update the list of Database Servers still having this rule: 119 d.Set("database_server_names", remaining) 120 return nil 121 } 122 123 // resourceAzureSqlDatabaseServerFirewallRuleUpdate does all the necessary API 124 // calls to update the state of the SQL Database Server Firewall Rule on Azure. 125 func resourceAzureSqlDatabaseServerFirewallRuleUpdate(d *schema.ResourceData, meta interface{}) error { 126 sqlClient := meta.(*Client).sqlClient 127 128 var found bool 129 name := d.Get("name").(string) 130 updateParams := sql.FirewallRuleUpdateParams{ 131 Name: name, 132 StartIPAddress: d.Get("start_ip").(string), 133 EndIPAddress: d.Get("end_ip").(string), 134 } 135 136 // for each of the Database Servers our rules concerns; issue the update: 137 remaining := schema.NewSet(schema.HashString, nil) 138 for _, srv := range d.Get("database_server_names").(*schema.Set).List() { 139 serverName := srv.(string) 140 141 log.Printf("[INFO] Issuing Azure Database Server Firewall Rule list for Database Server %q: %s.", name, serverName) 142 rules, err := sqlClient.ListFirewallRules(serverName) 143 if err != nil { 144 if strings.Contains(err.Error(), "does not exist") { 145 // it means that the database server this rule belonged to has 146 // been deleted in the meantime. 147 continue 148 } else { 149 return fmt.Errorf("Error getting Azure Firewall Rules for Database Server %q: %s", serverName, err) 150 } 151 152 } 153 154 // look for our rule: 155 for _, rule := range rules.FirewallRules { 156 if rule.Name == name { 157 // take note of the fact that this Database Server still has 158 // this rule: 159 found = true 160 remaining.Add(serverName) 161 162 // go ahead and update the rule: 163 log.Printf("[INFO] Issuing update of Azure Database Server Firewall Rule %q in Server %q.", name, serverName) 164 if err := sqlClient.UpdateFirewallRule(serverName, name, updateParams); err != nil { 165 return fmt.Errorf("Error updating Azure Database Server Firewall Rule %q for Server %q: %s", name, serverName, err) 166 } 167 168 break 169 } 170 } 171 } 172 173 // check to see if the rule is still exists on any of the servers: 174 if !found { 175 d.SetId("") 176 return nil 177 } 178 179 // else; update the list with the remaining Servers: 180 d.Set("database_server_names", remaining) 181 return nil 182 } 183 184 // resourceAzureSqlDatabaseServerFirewallRuleDelete does all the necessary API 185 // calls to delete the SQL Database Server Firewall Rule on Azure. 186 func resourceAzureSqlDatabaseServerFirewallRuleDelete(d *schema.ResourceData, meta interface{}) error { 187 sqlClient := meta.(*Client).sqlClient 188 189 name := d.Get("name").(string) 190 for _, srv := range d.Get("database_server_names").(*schema.Set).List() { 191 serverName := srv.(string) 192 193 log.Printf("[INFO] Sending Azure Database Server Firewall Rule list query for Server %q.", serverName) 194 rules, err := sqlClient.ListFirewallRules(serverName) 195 if err != nil { 196 if strings.Contains(err.Error(), "does not exist") { 197 // it means that the database server this rule belonged to has 198 // been deleted in the meantime. 199 continue 200 } else { 201 return fmt.Errorf("Error getting Azure Firewall Rules for Database Server %q: %s", serverName, err) 202 } 203 204 } 205 206 // look for our rule: 207 for _, rule := range rules.FirewallRules { 208 if rule.Name == name { 209 // go ahead and delete the rule: 210 log.Printf("[INFO] Issuing deletion of Azure Database Server Firewall Rule %q in Server %q.", name, serverName) 211 if err := sqlClient.DeleteFirewallRule(serverName, name); err != nil { 212 if strings.Contains(err.Error(), "Cannot open server") { 213 break 214 } 215 return fmt.Errorf("Error deleting Azure Database Server Firewall Rule %q for Server %q: %s", name, serverName, err) 216 } 217 218 break 219 } 220 } 221 222 } 223 224 return nil 225 }