Merge pull request #529 from terraform-providers/redis-firewall-rule

New Resource: `azurerm_redis_firewall_rule`
hashicorp · Nov 6, 2017 · 59a8248 · 59a8248
2 parents b22557e + e0563d5
commit 59a8248
Show file tree

Hide file tree

Showing 6 changed files with 462 additions and 8 deletions.
diff --git a/azurerm/config.go b/azurerm/config.go
@@ -121,7 +121,8 @@ type ArmClient struct {
 
 	deploymentsClient resources.DeploymentsClient
 
-	redisClient redis.GroupClient
+	redisClient         redis.GroupClient
+	redisFirewallClient redis.FirewallRuleClient
 
 	trafficManagerProfilesClient  trafficmanager.ProfilesClient
 	trafficManagerEndpointsClient trafficmanager.EndpointsClient
@@ -579,12 +580,6 @@ func (c *Config) getArmClient() (*ArmClient, error) {
 	tmec.Sender = sender
 	client.trafficManagerEndpointsClient = tmec
 
-	rdc := redis.NewGroupClientWithBaseURI(endpoint, c.SubscriptionID)
-	setUserAgent(&rdc.Client)
-	rdc.Authorizer = auth
-	rdc.Sender = sender
-	client.redisClient = rdc
-
 	sesc := search.NewServicesClientWithBaseURI(endpoint, c.SubscriptionID)
 	setUserAgent(&sesc.Client)
 	sesc.Authorizer = auth
@@ -661,6 +656,7 @@ func (c *Config) getArmClient() (*ArmClient, error) {
 	client.registerDatabases(endpoint, c.SubscriptionID, auth, sender)
 	client.registerDisks(endpoint, c.SubscriptionID, auth, sender)
 	client.registerKeyVaultClients(endpoint, c.SubscriptionID, auth, keyVaultAuth, sender)
+	client.registerRedisClients(endpoint, c.SubscriptionID, auth, sender)
 
 	return &client, nil
 }
@@ -790,6 +786,20 @@ func (c *ArmClient) registerKeyVaultClients(endpoint, subscriptionId string, aut
 	c.keyVaultManagementClient = keyVaultManagementClient
 }
 
+func (c *ArmClient) registerRedisClients(endpoint, subscriptionId string, auth autorest.Authorizer, sender autorest.Sender) {
+	rdc := redis.NewGroupClientWithBaseURI(endpoint, subscriptionId)
+	setUserAgent(&rdc.Client)
+	rdc.Authorizer = auth
+	rdc.Sender = sender
+	c.redisClient = rdc
+
+	rdfc := redis.NewFirewallRuleClientWithBaseURI(endpoint, subscriptionId)
+	setUserAgent(&rdfc.Client)
+	rdfc.Authorizer = auth
+	rdfc.Sender = sender
+	c.redisFirewallClient = rdfc
+}
+
 func (armClient *ArmClient) getKeyForStorageAccount(resourceGroupName, storageAccountName string) (string, bool, error) {
 	accountKeys, err := armClient.storageServiceClient.ListKeys(resourceGroupName, storageAccountName)
 	if accountKeys.StatusCode == http.StatusNotFound {

diff --git a/azurerm/provider.go b/azurerm/provider.go
@@ -140,6 +140,7 @@ func Provider() terraform.ResourceProvider {
 			"azurerm_postgresql_server":           resourceArmPostgreSQLServer(),
 			"azurerm_public_ip":                   resourceArmPublicIp(),
 			"azurerm_redis_cache":                 resourceArmRedisCache(),
+			"azurerm_redis_firewall_rule":         resourceArmRedisFirewallRule(),
 			"azurerm_resource_group":              resourceArmResourceGroup(),
 			"azurerm_role_assignment":             resourceArmRoleAssignment(),
 			"azurerm_role_definition":             resourceArmRoleDefinition(),

diff --git a/azurerm/resource_arm_redis_firewall_rule.go b/azurerm/resource_arm_redis_firewall_rule.go
@@ -0,0 +1,150 @@
+package azurerm
+
+import (
+	"fmt"
+	"log"
+
+	"regexp"
+
+	"github.com/Azure/azure-sdk-for-go/arm/redis"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func resourceArmRedisFirewallRule() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceArmRedisFirewallRuleCreateUpdate,
+		Read:   resourceArmRedisFirewallRuleRead,
+		Update: resourceArmRedisFirewallRuleCreateUpdate,
+		Delete: resourceArmRedisFirewallRuleDelete,
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateRedisFirewallRuleName,
+			},
+
+			"redis_cache_name": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+
+			"resource_group_name": resourceGroupNameSchema(),
+
+			"start_ip": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+
+			"end_ip": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func resourceArmRedisFirewallRuleCreateUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).redisFirewallClient
+	log.Printf("[INFO] preparing arguments for AzureRM Redis Firewall Rule creation.")
+
+	name := d.Get("name").(string)
+	cacheName := d.Get("redis_cache_name").(string)
+	resourceGroup := d.Get("resource_group_name").(string)
+	startIP := d.Get("start_ip").(string)
+	endIP := d.Get("end_ip").(string)
+
+	parameters := redis.FirewallRule{
+		Name: &name,
+		FirewallRuleProperties: &redis.FirewallRuleProperties{
+			StartIP: utils.String(startIP),
+			EndIP:   utils.String(endIP),
+		},
+	}
+
+	_, err := client.CreateOrUpdate(resourceGroup, cacheName, name, parameters)
+	if err != nil {
+		return err
+	}
+
+	read, err := client.Get(resourceGroup, cacheName, name)
+	if err != nil {
+		return err
+	}
+	if read.ID == nil {
+		return fmt.Errorf("Cannot read Redis Firewall Rule %q (cache %q / resource group %q) ID", name, cacheName, resourceGroup)
+	}
+
+	d.SetId(*read.ID)
+
+	return resourceArmRedisFirewallRuleRead(d, meta)
+}
+
+func resourceArmRedisFirewallRuleRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).redisFirewallClient
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	cacheName := id.Path["Redis"]
+	name := id.Path["firewallRules"]
+
+	resp, err := client.Get(resourceGroup, cacheName, name)
+
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[DEBUG] Redis Firewall Rule %q was not found in Cache %q / Resource Group %q - removing from state", name, cacheName, resourceGroup)
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("Error making Read request on Azure Redis Firewall Rule %q: %+v", name, err)
+	}
+
+	d.Set("name", name)
+	d.Set("redis_cache_name", cacheName)
+	d.Set("resource_group_name", resourceGroup)
+	if props := resp.FirewallRuleProperties; props != nil {
+		d.Set("start_ip", props.StartIP)
+		d.Set("end_ip", props.EndIP)
+	}
+
+	return nil
+}
+
+func resourceArmRedisFirewallRuleDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*ArmClient).redisFirewallClient
+
+	id, err := parseAzureResourceID(d.Id())
+	if err != nil {
+		return err
+	}
+	resourceGroup := id.ResourceGroup
+	cacheName := id.Path["Redis"]
+	name := id.Path["firewallRules"]
+
+	resp, err := client.Delete(resourceGroup, cacheName, name)
+
+	if err != nil {
+		if !utils.ResponseWasNotFound(resp) {
+			return fmt.Errorf("Error issuing AzureRM delete request of Redis Firewall Rule %q (cache %q / resource group %q): %+v", name, cacheName, resourceGroup, err)
+		}
+	}
+
+	return nil
+}
+
+func validateRedisFirewallRuleName(v interface{}, k string) (ws []string, es []error) {
+	value := v.(string)
+
+	if matched := regexp.MustCompile(`^[0-9a-zA-Z]+$`).Match([]byte(value)); !matched {
+		es = append(es, fmt.Errorf("%q may only contain alphanumeric characters", k))
+	}
+
+	return
+}