github.com/peterbale/terraform@v0.9.0-beta2.0.20170315142748-5723acd55547/builtin/providers/azurerm/resource_arm_eventhub_authorization_rule.go (about) 1 package azurerm 2 3 import ( 4 "fmt" 5 "log" 6 7 "net/http" 8 9 "github.com/Azure/azure-sdk-for-go/arm/eventhub" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceArmEventHubAuthorizationRule() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceArmEventHubAuthorizationRuleCreateUpdate, 16 Read: resourceArmEventHubAuthorizationRuleRead, 17 Update: resourceArmEventHubAuthorizationRuleCreateUpdate, 18 Delete: resourceArmEventHubAuthorizationRuleDelete, 19 Importer: &schema.ResourceImporter{ 20 State: schema.ImportStatePassthrough, 21 }, 22 23 Schema: map[string]*schema.Schema{ 24 "name": { 25 Type: schema.TypeString, 26 Required: true, 27 ForceNew: true, 28 }, 29 30 "namespace_name": { 31 Type: schema.TypeString, 32 Required: true, 33 ForceNew: true, 34 }, 35 36 "eventhub_name": { 37 Type: schema.TypeString, 38 Required: true, 39 ForceNew: true, 40 }, 41 42 "resource_group_name": { 43 Type: schema.TypeString, 44 Required: true, 45 ForceNew: true, 46 }, 47 48 "location": { 49 Type: schema.TypeString, 50 Required: true, 51 ForceNew: true, 52 }, 53 54 "listen": { 55 Type: schema.TypeBool, 56 Optional: true, 57 Default: false, 58 }, 59 60 "send": { 61 Type: schema.TypeBool, 62 Optional: true, 63 Default: false, 64 }, 65 66 "manage": { 67 Type: schema.TypeBool, 68 Optional: true, 69 Default: false, 70 }, 71 72 "primary_key": { 73 Type: schema.TypeString, 74 Computed: true, 75 }, 76 77 "primary_connection_string": { 78 Type: schema.TypeString, 79 Computed: true, 80 }, 81 82 "secondary_key": { 83 Type: schema.TypeString, 84 Computed: true, 85 }, 86 87 "secondary_connection_string": { 88 Type: schema.TypeString, 89 Computed: true, 90 }, 91 }, 92 } 93 } 94 95 func resourceArmEventHubAuthorizationRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error { 96 client := meta.(*ArmClient).eventHubClient 97 log.Printf("[INFO] preparing arguments for Azure ARM EventHub Authorization Rule creation.") 98 99 name := d.Get("name").(string) 100 namespaceName := d.Get("namespace_name").(string) 101 eventHubName := d.Get("eventhub_name").(string) 102 location := d.Get("location").(string) 103 resGroup := d.Get("resource_group_name").(string) 104 105 rights, err := expandEventHubAuthorizationRuleAccessRights(d) 106 if err != nil { 107 return err 108 } 109 110 parameters := eventhub.SharedAccessAuthorizationRuleCreateOrUpdateParameters{ 111 Name: &name, 112 Location: &location, 113 SharedAccessAuthorizationRuleProperties: &eventhub.SharedAccessAuthorizationRuleProperties{ 114 Rights: rights, 115 }, 116 } 117 118 _, err = client.CreateOrUpdateAuthorizationRule(resGroup, namespaceName, eventHubName, name, parameters) 119 if err != nil { 120 return err 121 } 122 123 read, err := client.GetAuthorizationRule(resGroup, namespaceName, eventHubName, name) 124 if err != nil { 125 return err 126 } 127 128 if read.ID == nil { 129 return fmt.Errorf("Cannot read EventHub Authorization Rule %s (resource group %s) ID", name, resGroup) 130 } 131 132 d.SetId(*read.ID) 133 134 return resourceArmEventHubAuthorizationRuleRead(d, meta) 135 } 136 137 func resourceArmEventHubAuthorizationRuleRead(d *schema.ResourceData, meta interface{}) error { 138 client := meta.(*ArmClient).eventHubClient 139 140 id, err := parseAzureResourceID(d.Id()) 141 if err != nil { 142 return err 143 } 144 resGroup := id.ResourceGroup 145 namespaceName := id.Path["namespaces"] 146 eventHubName := id.Path["eventhubs"] 147 name := id.Path["authorizationRules"] 148 149 resp, err := client.GetAuthorizationRule(resGroup, namespaceName, eventHubName, name) 150 if err != nil { 151 return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule %s: %s", name, err) 152 } 153 if resp.StatusCode == http.StatusNotFound { 154 d.SetId("") 155 return nil 156 } 157 158 keysResp, err := client.ListKeys(resGroup, namespaceName, eventHubName, name) 159 if err != nil { 160 return fmt.Errorf("Error making Read request on Azure EventHub Authorization Rule List Keys %s: %s", name, err) 161 } 162 163 d.Set("name", name) 164 d.Set("eventhub_name", eventHubName) 165 d.Set("namespace_name", namespaceName) 166 d.Set("resource_group_name", resGroup) 167 d.Set("location", azureRMNormalizeLocation(*resp.Location)) 168 169 flattenEventHubAuthorizationRuleAccessRights(d, resp) 170 171 d.Set("primary_key", keysResp.PrimaryKey) 172 d.Set("primary_connection_string", keysResp.PrimaryConnectionString) 173 d.Set("secondary_key", keysResp.SecondaryKey) 174 d.Set("secondary_connection_string", keysResp.SecondaryConnectionString) 175 176 return nil 177 } 178 179 func resourceArmEventHubAuthorizationRuleDelete(d *schema.ResourceData, meta interface{}) error { 180 eventhubClient := meta.(*ArmClient).eventHubClient 181 182 id, err := parseAzureResourceID(d.Id()) 183 if err != nil { 184 return err 185 } 186 resGroup := id.ResourceGroup 187 namespaceName := id.Path["namespaces"] 188 eventHubName := id.Path["eventhubs"] 189 name := id.Path["authorizationRules"] 190 191 resp, err := eventhubClient.DeleteAuthorizationRule(resGroup, namespaceName, eventHubName, name) 192 193 if resp.StatusCode != http.StatusOK { 194 return fmt.Errorf("Error issuing Azure ARM delete request of EventHub Authorization Rule '%s': %s", name, err) 195 } 196 197 return nil 198 } 199 200 func expandEventHubAuthorizationRuleAccessRights(d *schema.ResourceData) (*[]eventhub.AccessRights, error) { 201 canSend := d.Get("send").(bool) 202 canListen := d.Get("listen").(bool) 203 canManage := d.Get("manage").(bool) 204 rights := []eventhub.AccessRights{} 205 if canListen { 206 rights = append(rights, eventhub.Listen) 207 } 208 209 if canSend { 210 rights = append(rights, eventhub.Send) 211 } 212 213 if canManage { 214 rights = append(rights, eventhub.Manage) 215 } 216 217 if len(rights) == 0 { 218 return nil, fmt.Errorf("At least one Authorization Rule State must be enabled (e.g. Listen/Manage/Send)") 219 } 220 221 if canManage && !(canListen && canSend) { 222 return nil, fmt.Errorf("In order to enable the 'Manage' Authorization Rule - both the 'Listen' and 'Send' rules must be enabled") 223 } 224 225 return &rights, nil 226 } 227 228 func flattenEventHubAuthorizationRuleAccessRights(d *schema.ResourceData, resp eventhub.SharedAccessAuthorizationRuleResource) { 229 230 var canListen = false 231 var canSend = false 232 var canManage = false 233 234 for _, right := range *resp.Rights { 235 switch right { 236 case eventhub.Listen: 237 canListen = true 238 case eventhub.Send: 239 canSend = true 240 case eventhub.Manage: 241 canManage = true 242 default: 243 log.Printf("[DEBUG] Unknown Authorization Rule Right '%s'", right) 244 } 245 } 246 247 d.Set("listen", canListen) 248 d.Set("send", canSend) 249 d.Set("manage", canManage) 250 }