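// Source: github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/aws/resource_aws_flow_log.go

package aws

import (
	"fmt"
	"log"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/service/ec2"
	"github.com/hashicorp/terraform/helper/schema"
)

// resourceAwsFlowLog returns the schema and CRUD hooks for a flow log
// resource. There is no Update hook: every attribute is ForceNew, so any
// change destroys and recreates the flow log.
func resourceAwsFlowLog() *schema.Resource {
	return &schema.Resource{
		Create: resourceAwsLogFlowCreate,
		Read:   resourceAwsLogFlowRead,
		Delete: resourceAwsLogFlowDelete,

		Schema: map[string]*schema.Schema{
			// Sent to EC2 as DeliverLogsPermissionArn on create.
			"iam_role_arn": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			"log_group_name": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			// vpc_id, subnet_id and eni_id are mutually exclusive targets.
			// All three are Optional, so "at least one is set" is enforced
			// in resourceAwsLogFlowCreate rather than by the schema.
			"vpc_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"subnet_id", "eni_id"},
			},

			"subnet_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"eni_id", "vpc_id"},
			},

			"eni_id": &schema.Schema{
				Type:          schema.TypeString,
				Optional:      true,
				ForceNew:      true,
				ConflictsWith: []string{"subnet_id", "vpc_id"},
			},

			// No client-side validation: the value is passed to the API
			// as given.
			"traffic_type": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},
		},
	}
}

// resourceAwsLogFlowCreate creates one flow log for whichever of vpc_id,
// subnet_id or eni_id is configured, stores the returned flow log ID as the
// resource ID, and then refreshes state through resourceAwsLogFlowRead.
//
// It returns an error when no target is configured, when the API call
// fails, or when the response does not contain exactly one usable flow
// log ID.
func resourceAwsLogFlowCreate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	// Candidate targets in precedence order; the first non-empty ID wins.
	types := []struct {
		ID   string
		Type string
	}{
		{ID: d.Get("vpc_id").(string), Type: "VPC"},
		{ID: d.Get("subnet_id").(string), Type: "Subnet"},
		{ID: d.Get("eni_id").(string), Type: "NetworkInterface"},
	}

	var resourceID, resourceType string
	for _, t := range types {
		if t.ID != "" {
			resourceID, resourceType = t.ID, t.Type
			break
		}
	}

	if resourceID == "" || resourceType == "" {
		return fmt.Errorf("Error: Flow Logs require either a VPC, Subnet, or ENI ID")
	}

	opts := &ec2.CreateFlowLogsInput{
		DeliverLogsPermissionArn: aws.String(d.Get("iam_role_arn").(string)),
		LogGroupName:             aws.String(d.Get("log_group_name").(string)),
		ResourceIds:              []*string{aws.String(resourceID)},
		ResourceType:             aws.String(resourceType),
		TrafficType:              aws.String(d.Get("traffic_type").(string)),
	}

	log.Printf(
		"[DEBUG] Flow Log Create configuration: %s", opts)
	resp, err := conn.CreateFlowLogs(opts)
	if err != nil {
		return fmt.Errorf("Error creating Flow Log for (%s), error: %s", resourceID, err)
	}

	// Exactly one ID is expected because exactly one resource ID was sent.
	// A call that returns no error but also no ID must be rejected here:
	// indexing FlowLogIds[0] on an empty slice would panic the provider.
	// NOTE(review): the response presumably carries per-resource failure
	// detail for this case; surface it in the error if it is available.
	if len(resp.FlowLogIds) == 0 || resp.FlowLogIds[0] == nil {
		return fmt.Errorf("Error: no Flow Log created for (%s)", resourceID)
	}

	if len(resp.FlowLogIds) > 1 {
		return fmt.Errorf("Error: multiple Flow Logs created for (%s)", resourceID)
	}

	d.SetId(*resp.FlowLogIds[0])

	return resourceAwsLogFlowRead(d, meta)
}

// resourceAwsLogFlowRead refreshes traffic_type, log_group_name and
// iam_role_arn from the flow log whose ID is stored in state. The target
// attributes (vpc_id, subnet_id, eni_id) are not read back here.
//
// It always returns nil. When the describe call fails or returns no flow
// logs, the resource ID is cleared so the flow log is dropped from state.
func resourceAwsLogFlowRead(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	opts := &ec2.DescribeFlowLogsInput{
		FlowLogIds: []*string{aws.String(d.Id())},
	}

	resp, err := conn.DescribeFlowLogs(opts)
	if err != nil {
		// NOTE(review): every error is treated as "flow log is gone",
		// including throttling, network and permission failures. Clearing
		// the ID on those drops an existing flow log from state while it
		// may still exist. Consider returning err for anything that is not
		// a not-found response. The error is logged so the cause is at
		// least visible.
		log.Printf("[WARN] Error describing Flow Logs for id (%s): %s", d.Id(), err)
		d.SetId("")
		return nil
	}

	if len(resp.FlowLogs) == 0 {
		log.Printf("[WARN] No Flow Logs found for id (%s)", d.Id())
		d.SetId("")
		return nil
	}

	fl := resp.FlowLogs[0]

	d.Set("traffic_type", fl.TrafficType)
	d.Set("log_group_name", fl.LogGroupName)
	d.Set("iam_role_arn", fl.DeliverLogsPermissionArn)

	return nil
}

// resourceAwsLogFlowDelete deletes the flow log whose ID is stored in state
// and returns an error when the API call fails.
func resourceAwsLogFlowDelete(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).ec2conn

	log.Printf(
		"[DEBUG] Flow Log Destroy: %s", d.Id())
	_, err := conn.DeleteFlowLogs(&ec2.DeleteFlowLogsInput{
		FlowLogIds: []*string{aws.String(d.Id())},
	})

	if err != nil {
		// This is a hard failure returned to the caller, so the message
		// carries no "[WARN]" log-level prefix.
		return fmt.Errorf("Error deleting Flow Log with ID (%s), error: %s", d.Id(), err)
	}

	return nil
}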