github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/builtin/providers/aws/resource_aws_waf_xss_match_set.go (about) 1 package aws 2 3 import ( 4 "log" 5 6 "github.com/aws/aws-sdk-go/aws" 7 "github.com/aws/aws-sdk-go/aws/awserr" 8 "github.com/aws/aws-sdk-go/service/waf" 9 "github.com/hashicorp/errwrap" 10 "github.com/hashicorp/terraform/helper/schema" 11 ) 12 13 func resourceAwsWafXssMatchSet() *schema.Resource { 14 return &schema.Resource{ 15 Create: resourceAwsWafXssMatchSetCreate, 16 Read: resourceAwsWafXssMatchSetRead, 17 Update: resourceAwsWafXssMatchSetUpdate, 18 Delete: resourceAwsWafXssMatchSetDelete, 19 20 Schema: map[string]*schema.Schema{ 21 "name": &schema.Schema{ 22 Type: schema.TypeString, 23 Required: true, 24 ForceNew: true, 25 }, 26 "xss_match_tuples": &schema.Schema{ 27 Type: schema.TypeSet, 28 Required: true, 29 Elem: &schema.Resource{ 30 Schema: map[string]*schema.Schema{ 31 "field_to_match": { 32 Type: schema.TypeSet, 33 Required: true, 34 MaxItems: 1, 35 Elem: &schema.Resource{ 36 Schema: map[string]*schema.Schema{ 37 "data": { 38 Type: schema.TypeString, 39 Optional: true, 40 }, 41 "type": { 42 Type: schema.TypeString, 43 Required: true, 44 }, 45 }, 46 }, 47 }, 48 "text_transformation": &schema.Schema{ 49 Type: schema.TypeString, 50 Required: true, 51 }, 52 }, 53 }, 54 }, 55 }, 56 } 57 } 58 59 func resourceAwsWafXssMatchSetCreate(d *schema.ResourceData, meta interface{}) error { 60 conn := meta.(*AWSClient).wafconn 61 62 log.Printf("[INFO] Creating XssMatchSet: %s", d.Get("name").(string)) 63 64 // ChangeToken 65 var ct *waf.GetChangeTokenInput 66 67 res, err := conn.GetChangeToken(ct) 68 if err != nil { 69 return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err) 70 } 71 72 params := &waf.CreateXssMatchSetInput{ 73 ChangeToken: res.ChangeToken, 74 Name: aws.String(d.Get("name").(string)), 75 } 76 77 resp, err := conn.CreateXssMatchSet(params) 78 79 if err != nil { 80 return errwrap.Wrapf("[ERROR] Error creating XssMatchSet: {{err}}", err) 81 } 82 83 d.SetId(*resp.XssMatchSet.XssMatchSetId) 84 85 return resourceAwsWafXssMatchSetUpdate(d, meta) 86 } 87 88 func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) error { 89 conn := meta.(*AWSClient).wafconn 90 log.Printf("[INFO] Reading XssMatchSet: %s", d.Get("name").(string)) 91 params := &waf.GetXssMatchSetInput{ 92 XssMatchSetId: aws.String(d.Id()), 93 } 94 95 resp, err := conn.GetXssMatchSet(params) 96 if err != nil { 97 if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" { 98 log.Printf("[WARN] WAF IPSet (%s) not found, error code (404)", d.Id()) 99 d.SetId("") 100 return nil 101 } 102 103 return err 104 } 105 106 d.Set("name", resp.XssMatchSet.Name) 107 108 return nil 109 } 110 111 func resourceAwsWafXssMatchSetUpdate(d *schema.ResourceData, meta interface{}) error { 112 log.Printf("[INFO] Updating XssMatchSet: %s", d.Get("name").(string)) 113 err := updateXssMatchSetResource(d, meta, waf.ChangeActionInsert) 114 if err != nil { 115 return errwrap.Wrapf("[ERROR] Error updating XssMatchSet: {{err}}", err) 116 } 117 return resourceAwsWafXssMatchSetRead(d, meta) 118 } 119 120 func resourceAwsWafXssMatchSetDelete(d *schema.ResourceData, meta interface{}) error { 121 conn := meta.(*AWSClient).wafconn 122 123 log.Printf("[INFO] Deleting XssMatchSet: %s", d.Get("name").(string)) 124 err := updateXssMatchSetResource(d, meta, waf.ChangeActionDelete) 125 if err != nil { 126 return errwrap.Wrapf("[ERROR] Error deleting XssMatchSet: {{err}}", err) 127 } 128 129 var ct *waf.GetChangeTokenInput 130 131 resp, err := conn.GetChangeToken(ct) 132 133 req := &waf.DeleteXssMatchSetInput{ 134 ChangeToken: resp.ChangeToken, 135 XssMatchSetId: aws.String(d.Id()), 136 } 137 138 _, err = conn.DeleteXssMatchSet(req) 139 140 if err != nil { 141 return errwrap.Wrapf("[ERROR] Error deleting XssMatchSet: {{err}}", err) 142 } 143 144 return nil 145 } 146 147 func updateXssMatchSetResource(d *schema.ResourceData, meta interface{}, ChangeAction string) error { 148 conn := meta.(*AWSClient).wafconn 149 150 var ct *waf.GetChangeTokenInput 151 152 resp, err := conn.GetChangeToken(ct) 153 if err != nil { 154 return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err) 155 } 156 157 req := &waf.UpdateXssMatchSetInput{ 158 ChangeToken: resp.ChangeToken, 159 XssMatchSetId: aws.String(d.Id()), 160 } 161 162 xssMatchTuples := d.Get("xss_match_tuples").(*schema.Set) 163 for _, xssMatchTuple := range xssMatchTuples.List() { 164 xmt := xssMatchTuple.(map[string]interface{}) 165 xssMatchTupleUpdate := &waf.XssMatchSetUpdate{ 166 Action: aws.String(ChangeAction), 167 XssMatchTuple: &waf.XssMatchTuple{ 168 FieldToMatch: expandFieldToMatch(xmt["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})), 169 TextTransformation: aws.String(xmt["text_transformation"].(string)), 170 }, 171 } 172 req.Updates = append(req.Updates, xssMatchTupleUpdate) 173 } 174 175 _, err = conn.UpdateXssMatchSet(req) 176 if err != nil { 177 return errwrap.Wrapf("[ERROR] Error updating XssMatchSet: {{err}}", err) 178 } 179 180 return nil 181 }