github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_waf_ipset.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "log" 6 7 "github.com/aws/aws-sdk-go/aws" 8 "github.com/aws/aws-sdk-go/aws/awserr" 9 "github.com/aws/aws-sdk-go/service/waf" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceAwsWafIPSet() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceAwsWafIPSetCreate, 16 Read: resourceAwsWafIPSetRead, 17 Update: resourceAwsWafIPSetUpdate, 18 Delete: resourceAwsWafIPSetDelete, 19 20 Schema: map[string]*schema.Schema{ 21 "name": &schema.Schema{ 22 Type: schema.TypeString, 23 Required: true, 24 ForceNew: true, 25 }, 26 "ip_set_descriptors": &schema.Schema{ 27 Type: schema.TypeSet, 28 Optional: true, 29 Elem: &schema.Resource{ 30 Schema: map[string]*schema.Schema{ 31 "type": &schema.Schema{ 32 Type: schema.TypeString, 33 Required: true, 34 }, 35 "value": &schema.Schema{ 36 Type: schema.TypeString, 37 Required: true, 38 }, 39 }, 40 }, 41 }, 42 }, 43 } 44 } 45 46 func resourceAwsWafIPSetCreate(d *schema.ResourceData, meta interface{}) error { 47 conn := meta.(*AWSClient).wafconn 48 49 // ChangeToken 50 var ct *waf.GetChangeTokenInput 51 52 res, err := conn.GetChangeToken(ct) 53 if err != nil { 54 return fmt.Errorf("Error getting change token: %s", err) 55 } 56 57 params := &waf.CreateIPSetInput{ 58 ChangeToken: res.ChangeToken, 59 Name: aws.String(d.Get("name").(string)), 60 } 61 62 resp, err := conn.CreateIPSet(params) 63 if err != nil { 64 return err 65 } 66 d.SetId(*resp.IPSet.IPSetId) 67 return resourceAwsWafIPSetUpdate(d, meta) 68 } 69 70 func resourceAwsWafIPSetRead(d *schema.ResourceData, meta interface{}) error { 71 conn := meta.(*AWSClient).wafconn 72 73 params := &waf.GetIPSetInput{ 74 IPSetId: aws.String(d.Id()), 75 } 76 77 resp, err := conn.GetIPSet(params) 78 if err != nil { 79 if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" { 80 log.Printf("[WARN] WAF IPSet (%s) not found, error code (404)", d.Id()) 81 d.SetId("") 82 return nil 83 } 84 85 return err 86 } 87 88 var IPSetDescriptors []map[string]interface{} 89 90 for _, IPSetDescriptor := range resp.IPSet.IPSetDescriptors { 91 IPSet := map[string]interface{}{ 92 "type": *IPSetDescriptor.Type, 93 "value": *IPSetDescriptor.Value, 94 } 95 IPSetDescriptors = append(IPSetDescriptors, IPSet) 96 } 97 98 d.Set("ip_set_descriptors", IPSetDescriptors) 99 100 d.Set("name", resp.IPSet.Name) 101 102 return nil 103 } 104 105 func resourceAwsWafIPSetUpdate(d *schema.ResourceData, meta interface{}) error { 106 err := updateIPSetResource(d, meta, waf.ChangeActionInsert) 107 if err != nil { 108 return fmt.Errorf("Error Updating WAF IPSet: %s", err) 109 } 110 return resourceAwsWafIPSetRead(d, meta) 111 } 112 113 func resourceAwsWafIPSetDelete(d *schema.ResourceData, meta interface{}) error { 114 conn := meta.(*AWSClient).wafconn 115 err := updateIPSetResource(d, meta, waf.ChangeActionDelete) 116 if err != nil { 117 return fmt.Errorf("Error Removing IPSetDescriptors: %s", err) 118 } 119 120 // ChangeToken 121 var ct *waf.GetChangeTokenInput 122 123 resp, err := conn.GetChangeToken(ct) 124 125 req := &waf.DeleteIPSetInput{ 126 ChangeToken: resp.ChangeToken, 127 IPSetId: aws.String(d.Id()), 128 } 129 log.Printf("[INFO] Deleting WAF IPSet") 130 _, err = conn.DeleteIPSet(req) 131 132 if err != nil { 133 return fmt.Errorf("Error Deleting WAF IPSet: %s", err) 134 } 135 136 return nil 137 } 138 139 func updateIPSetResource(d *schema.ResourceData, meta interface{}, ChangeAction string) error { 140 conn := meta.(*AWSClient).wafconn 141 142 // ChangeToken 143 var ct *waf.GetChangeTokenInput 144 145 resp, err := conn.GetChangeToken(ct) 146 if err != nil { 147 return fmt.Errorf("Error getting change token: %s", err) 148 } 149 150 req := &waf.UpdateIPSetInput{ 151 ChangeToken: resp.ChangeToken, 152 IPSetId: aws.String(d.Id()), 153 } 154 155 IPSetDescriptors := d.Get("ip_set_descriptors").(*schema.Set) 156 for _, IPSetDescriptor := range IPSetDescriptors.List() { 157 IPSet := IPSetDescriptor.(map[string]interface{}) 158 IPSetUpdate := &waf.IPSetUpdate{ 159 Action: aws.String(ChangeAction), 160 IPSetDescriptor: &waf.IPSetDescriptor{ 161 Type: aws.String(IPSet["type"].(string)), 162 Value: aws.String(IPSet["value"].(string)), 163 }, 164 } 165 req.Updates = append(req.Updates, IPSetUpdate) 166 } 167 168 _, err = conn.UpdateIPSet(req) 169 if err != nil { 170 return fmt.Errorf("Error Updating WAF IPSet: %s", err) 171 } 172 173 return nil 174 }