github.com/richardbowden/terraform@v0.6.12-0.20160901200758-30ea22c25211/builtin/providers/scaleway/resource_scaleway_security_group_rule.go (about) 1 package scaleway 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/hashicorp/terraform/helper/schema" 8 "github.com/scaleway/scaleway-cli/pkg/api" 9 ) 10 11 func resourceScalewaySecurityGroupRule() *schema.Resource { 12 return &schema.Resource{ 13 Create: resourceScalewaySecurityGroupRuleCreate, 14 Read: resourceScalewaySecurityGroupRuleRead, 15 Update: resourceScalewaySecurityGroupRuleUpdate, 16 Delete: resourceScalewaySecurityGroupRuleDelete, 17 Schema: map[string]*schema.Schema{ 18 "security_group": &schema.Schema{ 19 Type: schema.TypeString, 20 Required: true, 21 }, 22 "action": &schema.Schema{ 23 Type: schema.TypeString, 24 Required: true, 25 ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { 26 value := v.(string) 27 if value != "accept" && value != "drop" { 28 errors = append(errors, fmt.Errorf("%q must be one of 'accept', 'drop'", k)) 29 } 30 return 31 }, 32 }, 33 "direction": &schema.Schema{ 34 Type: schema.TypeString, 35 Required: true, 36 ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { 37 value := v.(string) 38 if value != "inbound" && value != "outbound" { 39 errors = append(errors, fmt.Errorf("%q must be one of 'inbound', 'outbound'", k)) 40 } 41 return 42 }, 43 }, 44 "ip_range": &schema.Schema{ 45 Type: schema.TypeString, 46 Required: true, 47 }, 48 "protocol": &schema.Schema{ 49 Type: schema.TypeString, 50 Required: true, 51 ValidateFunc: func(v interface{}, k string) (ws []string, errors []error) { 52 value := v.(string) 53 if value != "ICMP" && value != "TCP" && value != "UDP" { 54 errors = append(errors, fmt.Errorf("%q must be one of 'ICMP', 'TCP', 'UDP", k)) 55 } 56 return 57 }, 58 }, 59 "port": &schema.Schema{ 60 Type: schema.TypeInt, 61 Optional: true, 62 }, 63 }, 64 } 65 } 66 67 func resourceScalewaySecurityGroupRuleCreate(d *schema.ResourceData, m interface{}) error { 68 scaleway := m.(*Client).scaleway 69 70 req := api.ScalewayNewSecurityGroupRule{ 71 Action: d.Get("action").(string), 72 Direction: d.Get("direction").(string), 73 IPRange: d.Get("ip_range").(string), 74 Protocol: d.Get("protocol").(string), 75 DestPortFrom: d.Get("port").(int), 76 } 77 78 err := scaleway.PostSecurityGroupRule(d.Get("security_group").(string), req) 79 if err != nil { 80 if serr, ok := err.(api.ScalewayAPIError); ok { 81 log.Printf("[DEBUG] Error creating Security Group Rule: %q\n", serr.APIMessage) 82 } 83 84 return err 85 } 86 87 resp, err := scaleway.GetSecurityGroupRules(d.Get("security_group").(string)) 88 if err != nil { 89 return err 90 } 91 92 for _, rule := range resp.Rules { 93 if rule.Action == req.Action && rule.Direction == req.Direction && rule.IPRange == req.IPRange && rule.Protocol == req.Protocol { 94 d.SetId(rule.ID) 95 break 96 } 97 } 98 99 if d.Id() == "" { 100 return fmt.Errorf("Failed to find created security group rule") 101 } 102 103 return resourceScalewaySecurityGroupRuleRead(d, m) 104 } 105 106 func resourceScalewaySecurityGroupRuleRead(d *schema.ResourceData, m interface{}) error { 107 scaleway := m.(*Client).scaleway 108 rule, err := scaleway.GetASecurityGroupRule(d.Get("security_group").(string), d.Id()) 109 110 if err != nil { 111 if serr, ok := err.(api.ScalewayAPIError); ok { 112 log.Printf("[DEBUG] error reading Security Group Rule: %q\n", serr.APIMessage) 113 114 if serr.StatusCode == 404 { 115 d.SetId("") 116 return nil 117 } 118 } 119 120 return err 121 } 122 123 d.Set("action", rule.Rules.Action) 124 d.Set("direction", rule.Rules.Direction) 125 d.Set("ip_range", rule.Rules.IPRange) 126 d.Set("protocol", rule.Rules.Protocol) 127 d.Set("port", rule.Rules.DestPortFrom) 128 129 return nil 130 } 131 132 func resourceScalewaySecurityGroupRuleUpdate(d *schema.ResourceData, m interface{}) error { 133 scaleway := m.(*Client).scaleway 134 135 var req = api.ScalewayNewSecurityGroupRule{ 136 Action: d.Get("action").(string), 137 Direction: d.Get("direction").(string), 138 IPRange: d.Get("ip_range").(string), 139 Protocol: d.Get("protocol").(string), 140 DestPortFrom: d.Get("port").(int), 141 } 142 143 if err := scaleway.PutSecurityGroupRule(req, d.Get("security_group").(string), d.Id()); err != nil { 144 log.Printf("[DEBUG] error updating Security Group Rule: %q", err) 145 146 return err 147 } 148 149 return resourceScalewaySecurityGroupRuleRead(d, m) 150 } 151 152 func resourceScalewaySecurityGroupRuleDelete(d *schema.ResourceData, m interface{}) error { 153 scaleway := m.(*Client).scaleway 154 155 err := scaleway.DeleteSecurityGroupRule(d.Get("security_group").(string), d.Id()) 156 if err != nil { 157 if serr, ok := err.(api.ScalewayAPIError); ok { 158 log.Printf("[DEBUG] error reading Security Group Rule: %q\n", serr.APIMessage) 159 160 if serr.StatusCode == 404 { 161 d.SetId("") 162 return nil 163 } 164 } 165 166 return err 167 } 168 169 d.SetId("") 170 return nil 171 }