Add support import for aws_waf_xss_match_set resource (#10485)

Output from acceptance testing (test failure unrelated): ``` --- PASS: TestAccAWSWafXssMatchSet_noTuples (18.48s) --- FAIL: TestAccAWSWafXssMatchSet_changeTuples (20.84s) --- PASS: TestAccAWSWafXssMatchSet_basic (27.02s) --- PASS: TestAccAWSWafXssMatchSet_changeNameForceNew (39.22s) --- PASS: TestAccAWSWafXssMatchSet_disappears (44.35s) ```
hashicorp · Nov 15, 2019 · 862ba1c · 862ba1c
1 parent f768e98
commit 862ba1c
Show file tree

Hide file tree

Showing 3 changed files with 97 additions and 81 deletions.
diff --git a/aws/resource_aws_waf_xss_match_set.go b/aws/resource_aws_waf_xss_match_set.go
@@ -5,6 +5,7 @@ import (
 	"log"
 
 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/arn"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/service/waf"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -16,13 +17,20 @@ func resourceAwsWafXssMatchSet() *schema.Resource {
 		Read:   resourceAwsWafXssMatchSetRead,
 		Update: resourceAwsWafXssMatchSetUpdate,
 		Delete: resourceAwsWafXssMatchSetDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
 
 		Schema: map[string]*schema.Schema{
 			"name": {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: true,
 			},
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 			"xss_match_tuples": {
 				Type:     schema.TypeSet,
 				Optional: true,
@@ -89,7 +97,7 @@ func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) err
 
 	resp, err := conn.GetXssMatchSet(params)
 	if err != nil {
-		if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" {
+		if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == waf.ErrCodeNonexistentItemException {
 			log.Printf("[WARN] WAF IPSet (%s) not found, removing from state", d.Id())
 			d.SetId("")
 			return nil
@@ -101,6 +109,14 @@ func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) err
 	d.Set("name", resp.XssMatchSet.Name)
 	d.Set("xss_match_tuples", flattenWafXssMatchTuples(resp.XssMatchSet.XssMatchTuples))
 
+	arn := arn.ARN{
+		Partition: meta.(*AWSClient).partition,
+		Service:   "waf",
+		AccountID: meta.(*AWSClient).accountid,
+		Resource:  fmt.Sprintf("xssmatchset/%s", d.Id()),
+	}
+	d.Set("arn", arn.String())
+
 	return nil
 }
 

diff --git a/aws/resource_aws_waf_xss_match_set_test.go b/aws/resource_aws_waf_xss_match_set_test.go
@@ -2,6 +2,7 @@ package aws
 
 import (
 	"fmt"
+	"regexp"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
@@ -16,6 +17,7 @@ import (
 func TestAccAWSWafXssMatchSet_basic(t *testing.T) {
 	var v waf.XssMatchSet
 	xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5))
+	resourceName := "aws_waf_xss_match_set.xss_match_set"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) },
@@ -25,29 +27,25 @@ func TestAccAWSWafXssMatchSet_basic(t *testing.T) {
 			{
 				Config: testAccAWSWafXssMatchSetConfig(xssMatchSet),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &v),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", xssMatchSet),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.text_transformation", "NONE"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.text_transformation", "NONE"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &v),
+					testAccMatchResourceAttrGlobalARN(resourceName, "arn", "waf", regexp.MustCompile(`xssmatchset/.+`)),
+					resource.TestCheckResourceAttr(resourceName, "name", xssMatchSet),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.text_transformation", "NONE"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.text_transformation", "NONE"),
 				),
 			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
@@ -56,6 +54,7 @@ func TestAccAWSWafXssMatchSet_changeNameForceNew(t *testing.T) {
 	var before, after waf.XssMatchSet
 	xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5))
 	xssMatchSetNewName := fmt.Sprintf("xssMatchSetNewName-%s", acctest.RandString(5))
+	resourceName := "aws_waf_xss_match_set.xss_match_set"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) },
@@ -65,30 +64,32 @@ func TestAccAWSWafXssMatchSet_changeNameForceNew(t *testing.T) {
 			{
 				Config: testAccAWSWafXssMatchSetConfig(xssMatchSet),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &before),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", xssMatchSet),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &before),
+					resource.TestCheckResourceAttr(resourceName, "name", xssMatchSet),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"),
 				),
 			},
 			{
 				Config: testAccAWSWafXssMatchSetConfigChangeName(xssMatchSetNewName),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &after),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", xssMatchSetNewName),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &after),
+					resource.TestCheckResourceAttr(resourceName, "name", xssMatchSetNewName),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"),
 				),
 			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
 
 func TestAccAWSWafXssMatchSet_disappears(t *testing.T) {
 	var v waf.XssMatchSet
 	xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5))
+	resourceName := "aws_waf_xss_match_set.xss_match_set"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) },
@@ -98,7 +99,7 @@ func TestAccAWSWafXssMatchSet_disappears(t *testing.T) {
 			{
 				Config: testAccAWSWafXssMatchSetConfig(xssMatchSet),
 				Check: resource.ComposeTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &v),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &v),
 					testAccCheckAWSWafXssMatchSetDisappears(&v),
 				),
 				ExpectNonEmptyPlan: true,
@@ -110,6 +111,7 @@ func TestAccAWSWafXssMatchSet_disappears(t *testing.T) {
 func TestAccAWSWafXssMatchSet_changeTuples(t *testing.T) {
 	var before, after waf.XssMatchSet
 	setName := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5))
+	resourceName := "aws_waf_xss_match_set.xss_match_set"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) },
@@ -119,62 +121,48 @@ func TestAccAWSWafXssMatchSet_changeTuples(t *testing.T) {
 			{
 				Config: testAccAWSWafXssMatchSetConfig(setName),
 				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &before),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", setName),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.text_transformation", "NONE"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.text_transformation", "NONE"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &before),
+					resource.TestCheckResourceAttr(resourceName, "name", setName),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.text_transformation", "NONE"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.text_transformation", "NONE"),
 				),
 			},
 			{
 				Config: testAccAWSWafXssMatchSetConfig_changeTuples(setName),
 				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &after),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", setName),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.4253810390.data", "GET"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.4253810390.type", "METHOD"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.text_transformation", "HTML_ENTITY_DECODE"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.#", "1"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.281401076.data", ""),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.281401076.type", "BODY"),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.text_transformation", "CMD_LINE"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &after),
+					resource.TestCheckResourceAttr(resourceName, "name", setName),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.4253810390.data", "GET"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.4253810390.type", "METHOD"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.text_transformation", "HTML_ENTITY_DECODE"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.281401076.data", ""),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.281401076.type", "BODY"),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.text_transformation", "CMD_LINE"),
 				),
 			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
 
 func TestAccAWSWafXssMatchSet_noTuples(t *testing.T) {
 	var ipset waf.XssMatchSet
 	setName := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5))
+	resourceName := "aws_waf_xss_match_set.xss_match_set"
 
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) },
@@ -184,13 +172,16 @@ func TestAccAWSWafXssMatchSet_noTuples(t *testing.T) {
 			{
 				Config: testAccAWSWafXssMatchSetConfig_noTuples(setName),
 				Check: resource.ComposeAggregateTestCheckFunc(
-					testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &ipset),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "name", setName),
-					resource.TestCheckResourceAttr(
-						"aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "0"),
+					testAccCheckAWSWafXssMatchSetExists(resourceName, &ipset),
+					resource.TestCheckResourceAttr(resourceName, "name", setName),
+					resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "0"),
 				),
 			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
 		},
 	})
 }
@@ -285,7 +276,7 @@ func testAccCheckAWSWafXssMatchSetDestroy(s *terraform.State) error {
 
 		// Return nil if the XssMatchSet is already destroyed
 		if awsErr, ok := err.(awserr.Error); ok {
-			if awsErr.Code() == "WAFNonexistentItemException" {
+			if awsErr.Code() == waf.ErrCodeNonexistentItemException {
 				return nil
 			}
 		}

diff --git a/website/docs/r/waf_xss_match_set.html.markdown b/website/docs/r/waf_xss_match_set.html.markdown
@@ -71,3 +71,12 @@ The following arguments are supported:
 In addition to all arguments above, the following attributes are exported:
 
 * `id` - The ID of the WAF XssMatchSet.
+* `arn` - Amazon Resource Name (ARN)
+
+## Import
+
+WAF XSS Match Set can be imported using their ID, e.g.
+
+```
+$ terraform import aws_waf_xss_match_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc
+```