Merge pull request #3367 from terraform-providers/f-api-management-ap…

…i-policy New Resource: `azurerm_api_management_api_policy`
hashicorp · May 4, 2019 · 3aaf076 · 3aaf076
2 parents c89b300 + 8622cea
commit 3aaf076
Show file tree

Hide file tree

Showing 6 changed files with 486 additions and 0 deletions.
diff --git a/azurerm/config.go b/azurerm/config.go
@@ -131,6 +131,7 @@ type ArmClient struct {
 
 	// API Management
 	apiManagementApiClient                  apimanagement.APIClient
+	apiManagementApiPoliciesClient          apimanagement.APIPolicyClient
 	apiManagementApiOperationsClient        apimanagement.APIOperationClient
 	apiManagementApiSchemasClient           apimanagement.APISchemaClient
 	apiManagementApiVersionSetClient        apimanagement.APIVersionSetClient
@@ -538,6 +539,10 @@ func (c *ArmClient) registerApiManagementServiceClients(endpoint, subscriptionId
 	c.configureClient(&apisClient.Client, auth)
 	c.apiManagementApiClient = apisClient
 
+	apiPoliciesClient := apimanagement.NewAPIPolicyClientWithBaseURI(endpoint, subscriptionId)
+	c.configureClient(&apiPoliciesClient.Client, auth)
+	c.apiManagementApiPoliciesClient = apiPoliciesClient
+
 	apiOperationsClient := apimanagement.NewAPIOperationClientWithBaseURI(endpoint, subscriptionId)
 	c.configureClient(&apiOperationsClient.Client, auth)
 	c.apiManagementApiOperationsClient = apiOperationsClient

diff --git a/azurerm/provider.go b/azurerm/provider.go
@@ -176,6 +176,7 @@ func Provider() terraform.ResourceProvider {
 			"azurerm_api_management":                         resourceArmApiManagementService(),
 			"azurerm_api_management_api":                     resourceArmApiManagementApi(),
 			"azurerm_api_management_api_operation":           resourceArmApiManagementApiOperation(),
+			"azurerm_api_management_api_policy":              resourceArmApiManagementApiPolicy(),
 			"azurerm_api_management_api_schema":              resourceArmApiManagementApiSchema(),
 			"azurerm_api_management_api_version_set":         resourceArmApiManagementApiVersionSet(),
 			"azurerm_api_management_authorization_server":    resourceArmApiManagementAuthorizationServer(),

diff --git a/azurerm/resource_arm_api_management_api_policy.go b/azurerm/resource_arm_api_management_api_policy.go
@@ -0,0 +1,164 @@
+package azurerm
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/Azure/azure-sdk-for-go/services/apimanagement/mgmt/2018-01-01/apimanagement"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/suppress"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmApiManagementApiPolicy() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmApiManagementAPIPolicyCreateUpdate,
+		Read:   resourceArmApiManagementAPIPolicyRead,
+		Update: resourceArmApiManagementAPIPolicyCreateUpdate,
+		Delete: resourceArmApiManagementAPIPolicyDelete,
+		Importer: &schema.ResourceImporter{
+			State: schema.ImportStatePassthrough,
+		},
+
+		Schema: map[string]*schema.Schema{
+			"resource_group_name": resourceGroupNameSchema(),
+
+			"api_management_name": azure.SchemaApiManagementName(),
+
+			"api_name": azure.SchemaApiManagementChildName(),
+
+			"xml_content": {
+				Type:             schema.TypeString,
+				Optional:         true,
+				Computed:         true,
+				ConflictsWith:    []string{"xml_link"},
+				DiffSuppressFunc: suppress.XmlDiff,
+			},
+
+			"xml_link": {
+				Type:          schema.TypeString,
+				Optional:      true,
+				ConflictsWith: []string{"xml_content"},
+			},
+		},
+	}
+}
+
+func resourceArmApiManagementAPIPolicyCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).apiManagementApiPoliciesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	resourceGroup := d.Get("resource_group_name").(string)
+	serviceName := d.Get("api_management_name").(string)
+	apiName := d.Get("api_name").(string)
+
+	if requireResourcesToBeImported && d.IsNewResource() {
+		existing, err := client.Get(ctx, resourceGroup, serviceName, apiName)
+		if err != nil {
+			if !utils.ResponseWasNotFound(existing.Response) {
+				return fmt.Errorf("Error checking for presence of existing API Policy (API Management Service %q / API %q / Resource Group %q): %s", serviceName, apiName, resourceGroup, err)
+			}
+		}
+
+		if existing.ID != nil && *existing.ID != "" {
+			return tf.ImportAsExistsError("azurerm_api_management_api_policy", *existing.ID)
+		}
+	}
+
+	parameters := apimanagement.PolicyContract{}
+
+	xmlContent := d.Get("xml_content").(string)
+	xmlLink := d.Get("xml_link").(string)
+
+	if xmlContent != "" {
+		parameters.PolicyContractProperties = &apimanagement.PolicyContractProperties{
+			ContentFormat: apimanagement.XML,
+			PolicyContent: utils.String(xmlContent),
+		}
+	}
+
+	if xmlLink != "" {
+		parameters.PolicyContractProperties = &apimanagement.PolicyContractProperties{
+			ContentFormat: apimanagement.XMLLink,
+			PolicyContent: utils.String(xmlLink),
+		}
+	}
+
+	if parameters.PolicyContractProperties == nil {
+		return fmt.Errorf("Either `xml_content` or `xml_link` must be set")
+	}
+
+	if _, err := client.CreateOrUpdate(ctx, resourceGroup, serviceName, apiName, parameters, ""); err != nil {
+		return fmt.Errorf("Error creating or updating API Policy (Resource Group %q / API Management Service %q / API %q): %+v", resourceGroup, serviceName, apiName, err)
+	}
+
+	resp, err := client.Get(ctx, resourceGroup, serviceName, apiName)
+	if err != nil {
+		return fmt.Errorf("Error retrieving API Policy (Resource Group %q / API Management Service %q / API %q): %+v", resourceGroup, serviceName, apiName, err)
+	}
+	if resp.ID == nil {
+		return fmt.Errorf("Cannot read ID for API Policy (Resource Group %q / API Management Service %q / API %q): %+v", resourceGroup, serviceName, apiName, err)
+	}
+	d.SetId(*resp.ID)
+
+	return resourceArmApiManagementAPIPolicyRead(d, meta)
+}
+
+func resourceArmApiManagementAPIPolicyRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).apiManagementApiPoliciesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	serviceName := id.Path["service"]
+	apiName := id.Path["apis"]
+
+	resp, err := client.Get(ctx, resourceGroup, serviceName, apiName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[DEBUG] API Policy (Resource Group %q / API Management Service %q / API %q) was not found - removing from state!", resourceGroup, serviceName, apiName)
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("Error making Read request for API Policy (Resource Group %q / API Management Service %q / API %q): %+v", resourceGroup, serviceName, apiName, err)
+	}
+
+	d.Set("resource_group_name", resourceGroup)
+	d.Set("api_management_name", serviceName)
+	d.Set("api_name", apiName)
+
+	if properties := resp.PolicyContractProperties; properties != nil {
+		// when you submit an `xml_link` to the API, the API downloads this link and stores it as `xml_content`
+		// as such there is no way to set `xml_link` and we'll let Terraform handle it
+		d.Set("xml_content", properties.PolicyContent)
+	}
+
+	return nil
+}
+
+func resourceArmApiManagementAPIPolicyDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).apiManagementApiPoliciesClient
+	ctx := meta.(*ArmClient).StopContext
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	serviceName := id.Path["service"]
+	apiName := id.Path["apis"]
+
+	if resp, err := client.Delete(ctx, resourceGroup, serviceName, apiName, ""); err != nil {
+		if !utils.ResponseWasNotFound(resp) {
+			return fmt.Errorf("Error deleting API Policy (Resource Group %q / API Management Service %q / API %q): %+v", resourceGroup, serviceName, apiName, err)
+		}
+	}
+
+	return nil
+}