github.com/pmcatominey/terraform@v0.7.0-rc2.0.20160708105029-1401a52a5cc5/builtin/providers/openstack/resource_openstack_fw_rule_v1.go (about)

     1  package openstack
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  
     7  	"github.com/hashicorp/terraform/helper/schema"
     8  	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/policies"
     9  	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/rules"
    10  )
    11  
    12  func resourceFWRuleV1() *schema.Resource {
    13  	return &schema.Resource{
    14  		Create: resourceFWRuleV1Create,
    15  		Read:   resourceFWRuleV1Read,
    16  		Update: resourceFWRuleV1Update,
    17  		Delete: resourceFWRuleV1Delete,
    18  		Importer: &schema.ResourceImporter{
    19  			State: schema.ImportStatePassthrough,
    20  		},
    21  
    22  		Schema: map[string]*schema.Schema{
    23  			"region": &schema.Schema{
    24  				Type:        schema.TypeString,
    25  				Required:    true,
    26  				ForceNew:    true,
    27  				DefaultFunc: schema.EnvDefaultFunc("OS_REGION_NAME", ""),
    28  			},
    29  			"name": &schema.Schema{
    30  				Type:     schema.TypeString,
    31  				Optional: true,
    32  			},
    33  			"description": &schema.Schema{
    34  				Type:     schema.TypeString,
    35  				Optional: true,
    36  			},
    37  			"protocol": &schema.Schema{
    38  				Type:     schema.TypeString,
    39  				Required: true,
    40  			},
    41  			"action": &schema.Schema{
    42  				Type:     schema.TypeString,
    43  				Required: true,
    44  			},
    45  			"ip_version": &schema.Schema{
    46  				Type:     schema.TypeInt,
    47  				Optional: true,
    48  				Default:  4,
    49  			},
    50  			"source_ip_address": &schema.Schema{
    51  				Type:     schema.TypeString,
    52  				Optional: true,
    53  			},
    54  			"destination_ip_address": &schema.Schema{
    55  				Type:     schema.TypeString,
    56  				Optional: true,
    57  			},
    58  			"source_port": &schema.Schema{
    59  				Type:     schema.TypeString,
    60  				Optional: true,
    61  			},
    62  			"destination_port": &schema.Schema{
    63  				Type:     schema.TypeString,
    64  				Optional: true,
    65  			},
    66  			"enabled": &schema.Schema{
    67  				Type:     schema.TypeBool,
    68  				Optional: true,
    69  				Default:  true,
    70  			},
    71  			"tenant_id": &schema.Schema{
    72  				Type:     schema.TypeString,
    73  				Optional: true,
    74  				ForceNew: true,
    75  			},
    76  		},
    77  	}
    78  }
    79  
    80  func resourceFWRuleV1Create(d *schema.ResourceData, meta interface{}) error {
    81  
    82  	config := meta.(*Config)
    83  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
    84  	if err != nil {
    85  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
    86  	}
    87  
    88  	enabled := d.Get("enabled").(bool)
    89  
    90  	ruleConfiguration := rules.CreateOpts{
    91  		Name:                 d.Get("name").(string),
    92  		Description:          d.Get("description").(string),
    93  		Protocol:             d.Get("protocol").(string),
    94  		Action:               d.Get("action").(string),
    95  		IPVersion:            d.Get("ip_version").(int),
    96  		SourceIPAddress:      d.Get("source_ip_address").(string),
    97  		DestinationIPAddress: d.Get("destination_ip_address").(string),
    98  		SourcePort:           d.Get("source_port").(string),
    99  		DestinationPort:      d.Get("destination_port").(string),
   100  		Enabled:              &enabled,
   101  		TenantID:             d.Get("tenant_id").(string),
   102  	}
   103  
   104  	log.Printf("[DEBUG] Create firewall rule: %#v", ruleConfiguration)
   105  
   106  	rule, err := rules.Create(networkingClient, ruleConfiguration).Extract()
   107  
   108  	if err != nil {
   109  		return err
   110  	}
   111  
   112  	log.Printf("[DEBUG] Firewall rule with id %s : %#v", rule.ID, rule)
   113  
   114  	d.SetId(rule.ID)
   115  
   116  	return resourceFWRuleV1Read(d, meta)
   117  }
   118  
   119  func resourceFWRuleV1Read(d *schema.ResourceData, meta interface{}) error {
   120  	log.Printf("[DEBUG] Retrieve information about firewall rule: %s", d.Id())
   121  
   122  	config := meta.(*Config)
   123  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   124  	if err != nil {
   125  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   126  	}
   127  
   128  	rule, err := rules.Get(networkingClient, d.Id()).Extract()
   129  	if err != nil {
   130  		return CheckDeleted(d, err, "FW rule")
   131  	}
   132  
   133  	log.Printf("[DEBUG] Read OpenStack Firewall Rule %s: %#v", d.Id(), rule)
   134  
   135  	d.Set("protocol", rule.Protocol)
   136  	d.Set("action", rule.Action)
   137  	d.Set("name", rule.Name)
   138  	d.Set("description", rule.Description)
   139  	d.Set("ip_version", rule.IPVersion)
   140  	d.Set("source_ip_address", rule.SourceIPAddress)
   141  	d.Set("destination_ip_address", rule.DestinationIPAddress)
   142  	d.Set("source_port", rule.SourcePort)
   143  	d.Set("destination_port", rule.DestinationPort)
   144  	d.Set("enabled", rule.Enabled)
   145  
   146  	return nil
   147  }
   148  
   149  func resourceFWRuleV1Update(d *schema.ResourceData, meta interface{}) error {
   150  	config := meta.(*Config)
   151  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   152  	if err != nil {
   153  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   154  	}
   155  
   156  	opts := rules.UpdateOpts{}
   157  
   158  	if d.HasChange("name") {
   159  		opts.Name = d.Get("name").(string)
   160  	}
   161  	if d.HasChange("description") {
   162  		opts.Description = d.Get("description").(string)
   163  	}
   164  	if d.HasChange("protocol") {
   165  		opts.Protocol = d.Get("protocol").(string)
   166  	}
   167  	if d.HasChange("action") {
   168  		opts.Action = d.Get("action").(string)
   169  	}
   170  	if d.HasChange("ip_version") {
   171  		opts.IPVersion = d.Get("ip_version").(int)
   172  	}
   173  	if d.HasChange("source_ip_address") {
   174  		sourceIPAddress := d.Get("source_ip_address").(string)
   175  		opts.SourceIPAddress = &sourceIPAddress
   176  	}
   177  	if d.HasChange("destination_ip_address") {
   178  		destinationIPAddress := d.Get("destination_ip_address").(string)
   179  		opts.DestinationIPAddress = &destinationIPAddress
   180  	}
   181  	if d.HasChange("source_port") {
   182  		sourcePort := d.Get("source_port").(string)
   183  		opts.SourcePort = &sourcePort
   184  	}
   185  	if d.HasChange("destination_port") {
   186  		destinationPort := d.Get("destination_port").(string)
   187  		opts.DestinationPort = &destinationPort
   188  	}
   189  	if d.HasChange("enabled") {
   190  		enabled := d.Get("enabled").(bool)
   191  		opts.Enabled = &enabled
   192  	}
   193  
   194  	log.Printf("[DEBUG] Updating firewall rules: %#v", opts)
   195  
   196  	err = rules.Update(networkingClient, d.Id(), opts).Err
   197  	if err != nil {
   198  		return err
   199  	}
   200  
   201  	return resourceFWRuleV1Read(d, meta)
   202  }
   203  
   204  func resourceFWRuleV1Delete(d *schema.ResourceData, meta interface{}) error {
   205  	log.Printf("[DEBUG] Destroy firewall rule: %s", d.Id())
   206  
   207  	config := meta.(*Config)
   208  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   209  	if err != nil {
   210  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   211  	}
   212  
   213  	rule, err := rules.Get(networkingClient, d.Id()).Extract()
   214  	if err != nil {
   215  		return err
   216  	}
   217  
   218  	if rule.PolicyID != "" {
   219  		err := policies.RemoveRule(networkingClient, rule.PolicyID, rule.ID)
   220  		if err != nil {
   221  			return err
   222  		}
   223  	}
   224  
   225  	return rules.Delete(networkingClient, d.Id()).Err
   226  }