From 862ba1c98139138dd66bb44f1122da547212da34 Mon Sep 17 00:00:00 2001 From: Ilia Lazebnik Date: Fri, 15 Nov 2019 14:59:04 +0200 Subject: [PATCH] Add support import for aws_waf_xss_match_set resource (#10485) Output from acceptance testing (test failure unrelated): ``` --- PASS: TestAccAWSWafXssMatchSet_noTuples (18.48s) --- FAIL: TestAccAWSWafXssMatchSet_changeTuples (20.84s) --- PASS: TestAccAWSWafXssMatchSet_basic (27.02s) --- PASS: TestAccAWSWafXssMatchSet_changeNameForceNew (39.22s) --- PASS: TestAccAWSWafXssMatchSet_disappears (44.35s) ``` --- aws/resource_aws_waf_xss_match_set.go | 18 ++- aws/resource_aws_waf_xss_match_set_test.go | 151 ++++++++---------- .../docs/r/waf_xss_match_set.html.markdown | 9 ++ 3 files changed, 97 insertions(+), 81 deletions(-) diff --git a/aws/resource_aws_waf_xss_match_set.go b/aws/resource_aws_waf_xss_match_set.go index 823cac3514d..da671ca09b2 100644 --- a/aws/resource_aws_waf_xss_match_set.go +++ b/aws/resource_aws_waf_xss_match_set.go @@ -5,6 +5,7 @@ import ( "log" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/waf" "github.com/hashicorp/terraform-plugin-sdk/helper/schema" @@ -16,6 +17,9 @@ func resourceAwsWafXssMatchSet() *schema.Resource { Read: resourceAwsWafXssMatchSetRead, Update: resourceAwsWafXssMatchSetUpdate, Delete: resourceAwsWafXssMatchSetDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, Schema: map[string]*schema.Schema{ "name": { @@ -23,6 +27,10 @@ func resourceAwsWafXssMatchSet() *schema.Resource { Required: true, ForceNew: true, }, + "arn": { + Type: schema.TypeString, + Computed: true, + }, "xss_match_tuples": { Type: schema.TypeSet, Optional: true, @@ -89,7 +97,7 @@ func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) err resp, err := conn.GetXssMatchSet(params) if err != nil { - if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "WAFNonexistentItemException" { + if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == waf.ErrCodeNonexistentItemException { log.Printf("[WARN] WAF IPSet (%s) not found, removing from state", d.Id()) d.SetId("") return nil @@ -101,6 +109,14 @@ func resourceAwsWafXssMatchSetRead(d *schema.ResourceData, meta interface{}) err d.Set("name", resp.XssMatchSet.Name) d.Set("xss_match_tuples", flattenWafXssMatchTuples(resp.XssMatchSet.XssMatchTuples)) + arn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Service: "waf", + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("xssmatchset/%s", d.Id()), + } + d.Set("arn", arn.String()) + return nil } diff --git a/aws/resource_aws_waf_xss_match_set_test.go b/aws/resource_aws_waf_xss_match_set_test.go index 84df10e330c..4c19716d84a 100644 --- a/aws/resource_aws_waf_xss_match_set_test.go +++ b/aws/resource_aws_waf_xss_match_set_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "regexp" "testing" "github.com/hashicorp/terraform-plugin-sdk/helper/resource" @@ -16,6 +17,7 @@ import ( func TestAccAWSWafXssMatchSet_basic(t *testing.T) { var v waf.XssMatchSet xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5)) + resourceName := "aws_waf_xss_match_set.xss_match_set" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, @@ -25,29 +27,25 @@ func TestAccAWSWafXssMatchSet_basic(t *testing.T) { { Config: testAccAWSWafXssMatchSetConfig(xssMatchSet), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &v), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", xssMatchSet), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.text_transformation", "NONE"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.text_transformation", "NONE"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &v), + testAccMatchResourceAttrGlobalARN(resourceName, "arn", "waf", regexp.MustCompile(`xssmatchset/.+`)), + resource.TestCheckResourceAttr(resourceName, "name", xssMatchSet), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.text_transformation", "NONE"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.text_transformation", "NONE"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -56,6 +54,7 @@ func TestAccAWSWafXssMatchSet_changeNameForceNew(t *testing.T) { var before, after waf.XssMatchSet xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5)) xssMatchSetNewName := fmt.Sprintf("xssMatchSetNewName-%s", acctest.RandString(5)) + resourceName := "aws_waf_xss_match_set.xss_match_set" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, @@ -65,23 +64,24 @@ func TestAccAWSWafXssMatchSet_changeNameForceNew(t *testing.T) { { Config: testAccAWSWafXssMatchSetConfig(xssMatchSet), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &before), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", xssMatchSet), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &before), + resource.TestCheckResourceAttr(resourceName, "name", xssMatchSet), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"), ), }, { Config: testAccAWSWafXssMatchSetConfigChangeName(xssMatchSetNewName), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &after), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", xssMatchSetNewName), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &after), + resource.TestCheckResourceAttr(resourceName, "name", xssMatchSetNewName), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -89,6 +89,7 @@ func TestAccAWSWafXssMatchSet_changeNameForceNew(t *testing.T) { func TestAccAWSWafXssMatchSet_disappears(t *testing.T) { var v waf.XssMatchSet xssMatchSet := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5)) + resourceName := "aws_waf_xss_match_set.xss_match_set" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, @@ -98,7 +99,7 @@ func TestAccAWSWafXssMatchSet_disappears(t *testing.T) { { Config: testAccAWSWafXssMatchSetConfig(xssMatchSet), Check: resource.ComposeTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &v), + testAccCheckAWSWafXssMatchSetExists(resourceName, &v), testAccCheckAWSWafXssMatchSetDisappears(&v), ), ExpectNonEmptyPlan: true, @@ -110,6 +111,7 @@ func TestAccAWSWafXssMatchSet_disappears(t *testing.T) { func TestAccAWSWafXssMatchSet_changeTuples(t *testing.T) { var before, after waf.XssMatchSet setName := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5)) + resourceName := "aws_waf_xss_match_set.xss_match_set" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, @@ -119,55 +121,40 @@ func TestAccAWSWafXssMatchSet_changeTuples(t *testing.T) { { Config: testAccAWSWafXssMatchSetConfig(setName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &before), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", setName), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2018581549.text_transformation", "NONE"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2786024938.text_transformation", "NONE"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &before), + resource.TestCheckResourceAttr(resourceName, "name", setName), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.data", ""), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.field_to_match.2316364334.type", "QUERY_STRING"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2018581549.text_transformation", "NONE"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.data", ""), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.field_to_match.3756326843.type", "URI"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2786024938.text_transformation", "NONE"), ), }, { Config: testAccAWSWafXssMatchSetConfig_changeTuples(setName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &after), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", setName), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "2"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.4253810390.data", "GET"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.field_to_match.4253810390.type", "METHOD"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.2893682529.text_transformation", "HTML_ENTITY_DECODE"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.#", "1"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.281401076.data", ""), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.field_to_match.281401076.type", "BODY"), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.4270311415.text_transformation", "CMD_LINE"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &after), + resource.TestCheckResourceAttr(resourceName, "name", setName), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "2"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.4253810390.data", "GET"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.field_to_match.4253810390.type", "METHOD"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.2893682529.text_transformation", "HTML_ENTITY_DECODE"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.#", "1"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.281401076.data", ""), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.field_to_match.281401076.type", "BODY"), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.4270311415.text_transformation", "CMD_LINE"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -175,6 +162,7 @@ func TestAccAWSWafXssMatchSet_changeTuples(t *testing.T) { func TestAccAWSWafXssMatchSet_noTuples(t *testing.T) { var ipset waf.XssMatchSet setName := fmt.Sprintf("xssMatchSet-%s", acctest.RandString(5)) + resourceName := "aws_waf_xss_match_set.xss_match_set" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSWaf(t) }, @@ -184,13 +172,16 @@ func TestAccAWSWafXssMatchSet_noTuples(t *testing.T) { { Config: testAccAWSWafXssMatchSetConfig_noTuples(setName), Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckAWSWafXssMatchSetExists("aws_waf_xss_match_set.xss_match_set", &ipset), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "name", setName), - resource.TestCheckResourceAttr( - "aws_waf_xss_match_set.xss_match_set", "xss_match_tuples.#", "0"), + testAccCheckAWSWafXssMatchSetExists(resourceName, &ipset), + resource.TestCheckResourceAttr(resourceName, "name", setName), + resource.TestCheckResourceAttr(resourceName, "xss_match_tuples.#", "0"), ), }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -285,7 +276,7 @@ func testAccCheckAWSWafXssMatchSetDestroy(s *terraform.State) error { // Return nil if the XssMatchSet is already destroyed if awsErr, ok := err.(awserr.Error); ok { - if awsErr.Code() == "WAFNonexistentItemException" { + if awsErr.Code() == waf.ErrCodeNonexistentItemException { return nil } } diff --git a/website/docs/r/waf_xss_match_set.html.markdown b/website/docs/r/waf_xss_match_set.html.markdown index 334d332e74a..001eef59691 100644 --- a/website/docs/r/waf_xss_match_set.html.markdown +++ b/website/docs/r/waf_xss_match_set.html.markdown @@ -71,3 +71,12 @@ The following arguments are supported: In addition to all arguments above, the following attributes are exported: * `id` - The ID of the WAF XssMatchSet. +* `arn` - Amazon Resource Name (ARN) + +## Import + +WAF XSS Match Set can be imported using their ID, e.g. + +``` +$ terraform import aws_waf_xss_match_set.example a1b2c3d4-d5f6-7777-8888-9999aaaabbbbcccc +``` \ No newline at end of file