service/ec2: New Resources for EC2 Traffic Mirroring (#9372)
Output from acceptance testing:

```
--- PASS: TestAccAWSEc2TrafficMirrorFilter_basic (19.81s)
--- PASS: TestAccAWSEc2TrafficMirrorFilterRule_basic (20.82s)
--- PASS: TestAccAWSEc2TrafficMirrorTarget_eni (63.62s)
--- PASS: TestAccAWSEc2TrafficMirrorTarget_nlb (240.87s)
--- PASS: TestAccAWSEc2TrafficMirrorSession_basic (282.32s)
```
johnthedev97 authored Feb 21, 2020
1 parent 286667c commit 473cfe9
Showing 14 changed files with 1,975 additions and 0 deletions.
4 changes: 4 additions & 0 deletions aws/provider.go
@@ -490,6 +490,10 @@ func Provider() terraform.ResourceProvider {
"aws_ec2_client_vpn_endpoint": resourceAwsEc2ClientVpnEndpoint(),
"aws_ec2_client_vpn_network_association": resourceAwsEc2ClientVpnNetworkAssociation(),
"aws_ec2_fleet": resourceAwsEc2Fleet(),
"aws_ec2_traffic_mirror_filter": resourceAwsEc2TrafficMirrorFilter(),
"aws_ec2_traffic_mirror_filter_rule": resourceAwsEc2TrafficMirrorFilterRule(),
"aws_ec2_traffic_mirror_target": resourceAwsEc2TrafficMirrorTarget(),
"aws_ec2_traffic_mirror_session": resourceAwsEc2TrafficMirrorSession(),
"aws_ec2_transit_gateway": resourceAwsEc2TransitGateway(),
"aws_ec2_transit_gateway_route": resourceAwsEc2TransitGatewayRoute(),
"aws_ec2_transit_gateway_route_table": resourceAwsEc2TransitGatewayRouteTable(),
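--- a/aws/resource_aws_ec2_traffic_mirror_filter.go
+++ b/aws/resource_aws_ec2_traffic_mirror_filter.go
@@ -0,0 +1,131 @@
+package aws
+
+import (
+"fmt"
+"log"
+
+"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+
+"github.com/aws/aws-sdk-go/aws"
+"github.com/aws/aws-sdk-go/service/ec2"
+"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+)
+
+func resourceAwsEc2TrafficMirrorFilter() *schema.Resource {
+return &schema.Resource{
+Create: resourceAwsEc2TrafficMirrorinFilterCreate,
+Read: resourceAwsEc2TrafficMirrorFilterRead,
+Update: resourceAwsEc2TrafficMirrorFilterUpdate,
+Delete: resourceAwsEc2TrafficMirrorFilterDelete,
+Importer: &schema.ResourceImporter{
+State: schema.ImportStatePassthrough,
+},
+Schema: map[string]*schema.Schema{
+"description": {
+Type: schema.TypeString,
+Optional: true,
+ForceNew: true,
+},
+"network_services": {
+Type: schema.TypeSet,
+Optional: true,
+Elem: &schema.Schema{
+Type: schema.TypeString,
+ValidateFunc: validation.StringInSlice([]string{
+"amazon-dns",
+}, false),
+},
+},
+},
+}
+}
+
+func resourceAwsEc2TrafficMirrorinFilterCreate(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*AWSClient).ec2conn
+
+input := &ec2.CreateTrafficMirrorFilterInput{}
+
+if description, ok := d.GetOk("description"); ok {
+input.Description = aws.String(description.(string))
+}
+
+out, err := conn.CreateTrafficMirrorFilter(input)
+if err != nil {
+return fmt.Errorf("Error while creating traffic filter %s", err)
+}
+
+d.SetId(*out.TrafficMirrorFilter.TrafficMirrorFilterId)
+
+return resourceAwsEc2TrafficMirrorFilterUpdate(d, meta)
+}
+
+func resourceAwsEc2TrafficMirrorFilterUpdate(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*AWSClient).ec2conn
+
+if d.HasChange("network_services") {
+input := &ec2.ModifyTrafficMirrorFilterNetworkServicesInput{
+TrafficMirrorFilterId: aws.String(d.Id()),
+}
+
+o, n := d.GetChange("network_services")
+newServices := n.(*schema.Set).Difference(o.(*schema.Set)).List()
+if len(newServices) > 0 {
+input.AddNetworkServices = expandStringList(newServices)
+}
+
+removeServices := o.(*schema.Set).Difference(n.(*schema.Set)).List()
+if len(removeServices) > 0 {
+input.RemoveNetworkServices = expandStringList(removeServices)
+}
+
+_, err := conn.ModifyTrafficMirrorFilterNetworkServices(input)
+if err != nil {
+return fmt.Errorf("error modifying EC2 Traffic Mirror Filter (%s) network services: %w", d.Id(), err)
+}
+}
+
+return resourceAwsEc2TrafficMirrorFilterRead(d, meta)
+}
+
+func resourceAwsEc2TrafficMirrorFilterRead(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*AWSClient).ec2conn
+
+input := &ec2.DescribeTrafficMirrorFiltersInput{
+TrafficMirrorFilterIds: aws.StringSlice([]string{d.Id()}),
+}
+
+out, err := conn.DescribeTrafficMirrorFilters(input)
+if err != nil {
+return fmt.Errorf("Error describing traffic mirror filter %v: %v", d.Id(), err)
+}
+
+if len(out.TrafficMirrorFilters) == 0 {
+log.Printf("[WARN] EC2 Traffic Mirror Filter (%s) not found, removing from state", d.Id())
+d.SetId("")
+return nil
+}
+
+d.SetId(*out.TrafficMirrorFilters[0].TrafficMirrorFilterId)
+d.Set("description", out.TrafficMirrorFilters[0].Description)
+
+if err := d.Set("network_services", aws.StringValueSlice(out.TrafficMirrorFilters[0].NetworkServices)); err != nil {
+return fmt.Errorf("error setting network_services for filter %v: %s", d.Id(), err)
+}
+
+return nil
+}
+
+func resourceAwsEc2TrafficMirrorFilterDelete(d *schema.ResourceData, meta interface{}) error {
+conn := meta.(*AWSClient).ec2conn
+
+input := &ec2.DeleteTrafficMirrorFilterInput{
+TrafficMirrorFilterId: aws.String(d.Id()),
+}
+
+_, err := conn.DeleteTrafficMirrorFilter(input)
+if err != nil {
+return fmt.Errorf("Error deleting traffic mirror filter %v: %v", d.Id(), err)
+}
+
+return nil
+}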
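Review bot: In resourceAwsEc2TrafficMirrorFilterRead every error from `conn.DescribeTrafficMirrorFilters(input)` is returned as fatal, so a filter deleted outside Terraform is dropped from state only if the API answers with an empty list. If EC2 instead returns a not-found error for an unknown filter ID (likely for a describe-by-ID call, but confirm the exact code against the API), refresh fails and the drift is never reconciled. Before the generic `return fmt.Errorf("Error describing traffic mirror filter ...")`, add a branch that matches that code and takes the existing `d.SetId("")` / `return nil` path; resourceAwsEc2TrafficMirrorFilterDelete should tolerate the same code, so that destroying an already-deleted filter succeeds. The create path also dereferences `*out.TrafficMirrorFilter.TrafficMirrorFilterId` without a nil check and formats its error with `%s` where the update path uses `%w`. Separately, the create function is spelled `resourceAwsEc2TrafficMirrorinFilterCreate` ("Mirrorin") in both its definition and the `Create:` field.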