Merge pull request #8320 from terraform-providers/f-aws_dx_gateway_as…

…sociation_proposal service/directconnect: First half of support for Gateway Association Proposals
hashicorp · Apr 24, 2019 · f825d98 · f825d98
2 parents 9268eb6 + 6b82e24
commit f825d98
Show file tree

Hide file tree

Showing 12 changed files with 517 additions and 1 deletion.
diff --git a/aws/data_source_aws_dx_gateway.go b/aws/data_source_aws_dx_gateway.go
@@ -22,6 +22,10 @@ func dataSourceAwsDxGateway() *schema.Resource {
 				Type:     schema.TypeString,
 				Required: true,
 			},
+			"owner_account_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 	}
 }
@@ -61,6 +65,7 @@ func dataSourceAwsDxGatewayRead(d *schema.ResourceData, meta interface{}) error
 
 	d.SetId(aws.StringValue(gateway.DirectConnectGatewayId))
 	d.Set("amazon_side_asn", strconv.FormatInt(aws.Int64Value(gateway.AmazonSideAsn), 10))
+	d.Set("owner_account_id", aws.StringValue(gateway.OwnerAccount))
 
 	return nil
 }
diff --git a/aws/data_source_aws_dx_gateway_test.go b/aws/data_source_aws_dx_gateway_test.go
@@ -28,6 +28,7 @@ func TestAccDataSourceAwsDxGateway_Basic(t *testing.T) {
 					resource.TestCheckResourceAttrPair(datasourceName, "amazon_side_asn", resourceName, "amazon_side_asn"),
 					resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"),
 					resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"),
+					resource.TestCheckResourceAttrPair(datasourceName, "owner_account_id", resourceName, "owner_account_id"),
 				),
 			},
 		},

diff --git a/aws/provider.go b/aws/provider.go
@@ -410,6 +410,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_dx_connection_association":                           resourceAwsDxConnectionAssociation(),
 			"aws_dx_gateway":                                          resourceAwsDxGateway(),
 			"aws_dx_gateway_association":                              resourceAwsDxGatewayAssociation(),
+			"aws_dx_gateway_association_proposal":                     resourceAwsDxGatewayAssociationProposal(),
 			"aws_dx_hosted_private_virtual_interface":                 resourceAwsDxHostedPrivateVirtualInterface(),
 			"aws_dx_hosted_private_virtual_interface_accepter":        resourceAwsDxHostedPrivateVirtualInterfaceAccepter(),
 			"aws_dx_hosted_public_virtual_interface":                  resourceAwsDxHostedPublicVirtualInterface(),

diff --git a/aws/resource_aws_dx_gateway.go b/aws/resource_aws_dx_gateway.go
@@ -33,6 +33,10 @@ func resourceAwsDxGateway() *schema.Resource {
 				ForceNew:     true,
 				ValidateFunc: validateAmazonSideAsn,
 			},
+			"owner_account_id": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
 		},
 
 		Timeouts: &schema.ResourceTimeout{
@@ -96,6 +100,7 @@ func resourceAwsDxGatewayRead(d *schema.ResourceData, meta interface{}) error {
 	dxGw := dxGwRaw.(*directconnect.Gateway)
 	d.Set("name", aws.StringValue(dxGw.DirectConnectGatewayName))
 	d.Set("amazon_side_asn", strconv.FormatInt(aws.Int64Value(dxGw.AmazonSideAsn), 10))
+	d.Set("owner_account_id", aws.StringValue(dxGw.OwnerAccount))
 
 	return nil
 }

diff --git a/aws/resource_aws_dx_gateway_association_proposal.go b/aws/resource_aws_dx_gateway_association_proposal.go
@@ -0,0 +1,197 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/directconnect"
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func resourceAwsDxGatewayAssociationProposal() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsDxGatewayAssociationProposalCreate,
+		Read:   resourceAwsDxGatewayAssociationProposalRead,
+		Delete: resourceAwsDxGatewayAssociationProposalDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"allowed_prefixes": {
+				Type:     schema.TypeSet,
+				Optional: true,
+				Computed: true,
+				ForceNew: true,
+				Elem:     &schema.Schema{Type: schema.TypeString},
+			},
+			"dx_gateway_id": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"dx_gateway_owner_account_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateAwsAccountId,
+			},
+			"vpn_gateway_id": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
+func resourceAwsDxGatewayAssociationProposalCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).dxconn
+
+	input := &directconnect.CreateDirectConnectGatewayAssociationProposalInput{
+		AddAllowedPrefixesToDirectConnectGateway: expandDirectConnectGatewayAssociationProposalAllowedPrefixes(d.Get("allowed_prefixes").(*schema.Set).List()),
+		DirectConnectGatewayId:                   aws.String(d.Get("dx_gateway_id").(string)),
+		DirectConnectGatewayOwnerAccount:         aws.String(d.Get("dx_gateway_owner_account_id").(string)),
+		GatewayId:                                aws.String(d.Get("vpn_gateway_id").(string)),
+	}
+
+	log.Printf("[DEBUG] Creating Direct Connect Gateway Association Proposal: %s", input)
+	output, err := conn.CreateDirectConnectGatewayAssociationProposal(input)
+
+	if err != nil {
+		return fmt.Errorf("error creating Direct Connect Gateway Association Proposal: %s", err)
+	}
+
+	d.SetId(aws.StringValue(output.DirectConnectGatewayAssociationProposal.ProposalId))
+
+	return resourceAwsDxGatewayAssociationProposalRead(d, meta)
+}
+
+func resourceAwsDxGatewayAssociationProposalRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).dxconn
+
+	proposal, err := describeDirectConnectGatewayAssociationProposal(conn, d.Id())
+
+	if err != nil {
+		return fmt.Errorf("error reading Direct Connect Gateway Association Proposal (%s): %s", d.Id(), err)
+	}
+
+	if proposal == nil {
+		log.Printf("[WARN] Direct Connect Gateway Association Proposal (%s) not found, removing from state", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	if aws.StringValue(proposal.ProposalState) == directconnect.GatewayAssociationProposalStateDeleted {
+		log.Printf("[WARN] Direct Connect Gateway Association Proposal (%s) deleted, removing from state", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	if proposal.AssociatedGateway == nil {
+		return fmt.Errorf("error reading Direct Connect Gateway Association Proposal (%s): missing associated gateway information", d.Id())
+	}
+
+	if err := d.Set("allowed_prefixes", flattenDirectConnectGatewayAssociationProposalAllowedPrefixes(proposal.RequestedAllowedPrefixesToDirectConnectGateway)); err != nil {
+		return fmt.Errorf("error setting allowed_prefixes: %s", err)
+	}
+
+	d.Set("dx_gateway_id", aws.StringValue(proposal.DirectConnectGatewayId))
+	d.Set("dx_gateway_owner_account_id", aws.StringValue(proposal.DirectConnectGatewayOwnerAccount))
+	d.Set("vpn_gateway_id", aws.StringValue(proposal.AssociatedGateway.Id))
+
+	return nil
+}
+
+func resourceAwsDxGatewayAssociationProposalDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).dxconn
+
+	input := &directconnect.DeleteDirectConnectGatewayAssociationProposalInput{
+		ProposalId: aws.String(d.Id()),
+	}
+
+	log.Printf("[DEBUG] Deleting Direct Connect Gateway Association Proposal: %s", d.Id())
+
+	_, err := conn.DeleteDirectConnectGatewayAssociationProposal(input)
+
+	if err != nil {
+		return fmt.Errorf("error deleting Direct Connect Gateway Association Proposal (%s): %s", d.Id(), err)
+	}
+
+	return nil
+}
+
+func describeDirectConnectGatewayAssociationProposal(conn *directconnect.DirectConnect, proposalID string) (*directconnect.GatewayAssociationProposal, error) {
+	input := &directconnect.DescribeDirectConnectGatewayAssociationProposalsInput{
+		ProposalId: aws.String(proposalID),
+	}
+
+	for {
+		output, err := conn.DescribeDirectConnectGatewayAssociationProposals(input)
+
+		if err != nil {
+			return nil, err
+		}
+
+		if output == nil {
+			continue
+		}
+
+		for _, proposal := range output.DirectConnectGatewayAssociationProposals {
+			if aws.StringValue(proposal.ProposalId) == proposalID {
+				return proposal, nil
+			}
+		}
+
+		if aws.StringValue(output.NextToken) == "" {
+			break
+		}
+
+		input.NextToken = output.NextToken
+	}
+
+	return nil, nil
+}
+
+func expandDirectConnectGatewayAssociationProposalAllowedPrefixes(allowedPrefixes []interface{}) []*directconnect.RouteFilterPrefix {
+	if len(allowedPrefixes) == 0 {
+		return nil
+	}
+
+	var routeFilterPrefixes []*directconnect.RouteFilterPrefix
+
+	for _, allowedPrefixRaw := range allowedPrefixes {
+		if allowedPrefixRaw == nil {
+			continue
+		}
+
+		routeFilterPrefix := &directconnect.RouteFilterPrefix{
+			Cidr: aws.String(allowedPrefixRaw.(string)),
+		}
+
+		routeFilterPrefixes = append(routeFilterPrefixes, routeFilterPrefix)
+	}
+
+	return routeFilterPrefixes
+}
+
+func flattenDirectConnectGatewayAssociationProposalAllowedPrefixes(routeFilterPrefixes []*directconnect.RouteFilterPrefix) []interface{} {
+	if len(routeFilterPrefixes) == 0 {
+		return []interface{}{}
+	}
+
+	var allowedPrefixes []interface{}
+
+	for _, routeFilterPrefix := range routeFilterPrefixes {
+		if routeFilterPrefix == nil {
+			continue
+		}
+
+		allowedPrefix := aws.StringValue(routeFilterPrefix.Cidr)
+
+		allowedPrefixes = append(allowedPrefixes, allowedPrefix)
+	}
+
+	return allowedPrefixes
+}