github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/openstack/resource_openstack_fw_rule_v1.go

github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/builtin/providers/openstack/resource_openstack_fw_rule_v1.go (about)

     1  package openstack
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  
     7  	"github.com/hashicorp/terraform/helper/schema"
     8  	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/policies"
     9  	"github.com/rackspace/gophercloud/openstack/networking/v2/extensions/fwaas/rules"
    10  )
    11  
    12  func resourceFWRuleV1() *schema.Resource {
    13  	return &schema.Resource{
    14  		Create: resourceFWRuleV1Create,
    15  		Read:   resourceFWRuleV1Read,
    16  		Update: resourceFWRuleV1Update,
    17  		Delete: resourceFWRuleV1Delete,
    18  
    19  		Schema: map[string]*schema.Schema{
    20  			"region": &schema.Schema{
    21  				Type:        schema.TypeString,
    22  				Required:    true,
    23  				ForceNew:    true,
    24  				DefaultFunc: envDefaultFuncAllowMissing("OS_REGION_NAME"),
    25  			},
    26  			"name": &schema.Schema{
    27  				Type:     schema.TypeString,
    28  				Optional: true,
    29  			},
    30  			"description": &schema.Schema{
    31  				Type:     schema.TypeString,
    32  				Optional: true,
    33  			},
    34  			"protocol": &schema.Schema{
    35  				Type:     schema.TypeString,
    36  				Required: true,
    37  			},
    38  			"action": &schema.Schema{
    39  				Type:     schema.TypeString,
    40  				Required: true,
    41  			},
    42  			"ip_version": &schema.Schema{
    43  				Type:     schema.TypeInt,
    44  				Optional: true,
    45  				Default:  4,
    46  			},
    47  			"source_ip_address": &schema.Schema{
    48  				Type:     schema.TypeString,
    49  				Optional: true,
    50  			},
    51  			"destination_ip_address": &schema.Schema{
    52  				Type:     schema.TypeString,
    53  				Optional: true,
    54  			},
    55  			"source_port": &schema.Schema{
    56  				Type:     schema.TypeString,
    57  				Optional: true,
    58  			},
    59  			"destination_port": &schema.Schema{
    60  				Type:     schema.TypeString,
    61  				Optional: true,
    62  			},
    63  			"enabled": &schema.Schema{
    64  				Type:     schema.TypeBool,
    65  				Optional: true,
    66  				Default:  true,
    67  			},
    68  			"tenant_id": &schema.Schema{
    69  				Type:     schema.TypeString,
    70  				Optional: true,
    71  				ForceNew: true,
    72  			},
    73  		},
    74  	}
    75  }
    76  
    77  func resourceFWRuleV1Create(d *schema.ResourceData, meta interface{}) error {
    78  
    79  	config := meta.(*Config)
    80  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
    81  	if err != nil {
    82  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
    83  	}
    84  
    85  	enabled := d.Get("enabled").(bool)
    86  
    87  	ruleConfiguration := rules.CreateOpts{
    88  		Name:                 d.Get("name").(string),
    89  		Description:          d.Get("description").(string),
    90  		Protocol:             d.Get("protocol").(string),
    91  		Action:               d.Get("action").(string),
    92  		IPVersion:            d.Get("ip_version").(int),
    93  		SourceIPAddress:      d.Get("source_ip_address").(string),
    94  		DestinationIPAddress: d.Get("destination_ip_address").(string),
    95  		SourcePort:           d.Get("source_port").(string),
    96  		DestinationPort:      d.Get("destination_port").(string),
    97  		Enabled:              &enabled,
    98  		TenantID:             d.Get("tenant_id").(string),
    99  	}
   100  
   101  	log.Printf("[DEBUG] Create firewall rule: %#v", ruleConfiguration)
   102  
   103  	rule, err := rules.Create(networkingClient, ruleConfiguration).Extract()
   104  
   105  	if err != nil {
   106  		return err
   107  	}
   108  
   109  	log.Printf("[DEBUG] Firewall rule with id %s : %#v", rule.ID, rule)
   110  
   111  	d.SetId(rule.ID)
   112  
   113  	return resourceFWRuleV1Read(d, meta)
   114  }
   115  
   116  func resourceFWRuleV1Read(d *schema.ResourceData, meta interface{}) error {
   117  	log.Printf("[DEBUG] Retrieve information about firewall rule: %s", d.Id())
   118  
   119  	config := meta.(*Config)
   120  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   121  	if err != nil {
   122  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   123  	}
   124  
   125  	rule, err := rules.Get(networkingClient, d.Id()).Extract()
   126  
   127  	if err != nil {
   128  		return CheckDeleted(d, err, "FW rule")
   129  	}
   130  
   131  	d.Set("protocol", rule.Protocol)
   132  	d.Set("action", rule.Action)
   133  
   134  	d.Set("name", rule.Name)
   135  	d.Set("description", rule.Description)
   136  	d.Set("ip_version", rule.IPVersion)
   137  	d.Set("source_ip_address", rule.SourceIPAddress)
   138  	d.Set("destination_ip_address", rule.DestinationIPAddress)
   139  	d.Set("source_port", rule.SourcePort)
   140  	d.Set("destination_port", rule.DestinationPort)
   141  	d.Set("enabled", rule.Enabled)
   142  
   143  	return nil
   144  }
   145  
   146  func resourceFWRuleV1Update(d *schema.ResourceData, meta interface{}) error {
   147  	config := meta.(*Config)
   148  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   149  	if err != nil {
   150  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   151  	}
   152  
   153  	opts := rules.UpdateOpts{}
   154  
   155  	if d.HasChange("name") {
   156  		opts.Name = d.Get("name").(string)
   157  	}
   158  	if d.HasChange("description") {
   159  		opts.Description = d.Get("description").(string)
   160  	}
   161  	if d.HasChange("protocol") {
   162  		opts.Protocol = d.Get("protocol").(string)
   163  	}
   164  	if d.HasChange("action") {
   165  		opts.Action = d.Get("action").(string)
   166  	}
   167  	if d.HasChange("ip_version") {
   168  		opts.IPVersion = d.Get("ip_version").(int)
   169  	}
   170  	if d.HasChange("source_ip_address") {
   171  		sourceIPAddress := d.Get("source_ip_address").(string)
   172  		opts.SourceIPAddress = &sourceIPAddress
   173  	}
   174  	if d.HasChange("destination_ip_address") {
   175  		destinationIPAddress := d.Get("destination_ip_address").(string)
   176  		opts.DestinationIPAddress = &destinationIPAddress
   177  	}
   178  	if d.HasChange("source_port") {
   179  		sourcePort := d.Get("source_port").(string)
   180  		opts.SourcePort = &sourcePort
   181  	}
   182  	if d.HasChange("destination_port") {
   183  		destinationPort := d.Get("destination_port").(string)
   184  		opts.DestinationPort = &destinationPort
   185  	}
   186  	if d.HasChange("enabled") {
   187  		enabled := d.Get("enabled").(bool)
   188  		opts.Enabled = &enabled
   189  	}
   190  
   191  	log.Printf("[DEBUG] Updating firewall rules: %#v", opts)
   192  
   193  	err = rules.Update(networkingClient, d.Id(), opts).Err
   194  	if err != nil {
   195  		return err
   196  	}
   197  
   198  	return resourceFWRuleV1Read(d, meta)
   199  }
   200  
   201  func resourceFWRuleV1Delete(d *schema.ResourceData, meta interface{}) error {
   202  	log.Printf("[DEBUG] Destroy firewall rule: %s", d.Id())
   203  
   204  	config := meta.(*Config)
   205  	networkingClient, err := config.networkingV2Client(d.Get("region").(string))
   206  	if err != nil {
   207  		return fmt.Errorf("Error creating OpenStack networking client: %s", err)
   208  	}
   209  
   210  	rule, err := rules.Get(networkingClient, d.Id()).Extract()
   211  	if err != nil {
   212  		return err
   213  	}
   214  
   215  	if rule.PolicyID != "" {
   216  		err := policies.RemoveRule(networkingClient, rule.PolicyID, rule.ID)
   217  		if err != nil {
   218  			return err
   219  		}
   220  	}
   221  
   222  	return rules.Delete(networkingClient, d.Id()).Err
   223  }