New Resources: azurerm_firewall & `azurerm_firewall_network_rule_co…
…llection` (#1627)

* add firewall resource skeleton

* basic test

* create method

* complete firewall resource

* begin network rule resource

* add firewall import

* fix firewall tests

* tweak firewall tests

* complete network rule collection

* start docs

* nil checks

* update nil checks

* update find rule collection

* formatting updates

* docs

* rename files

* rename arm_azure_firewall to arm_firewall

* formatting

* rename doc

* rename nrc doc

* WaitForCompletionRef

* Refactoring of Azure Firewall:

- Locking on the Firewall Name
- Handling resources being deleted outside of Terraform
- Removing some crash points
- Making the Protocol and Action type case-sensitive
- Refactoring the virtual resource to allow for
- Parsing the ID rather than using the config for the delete and read functions (so deletes are successful when the config's gone)
- Rewriting some of the tests for the Network Rule Collections, to check the resource's state rather than the object
- Updating the documentation (and including Import support for Network Rule Collections)

* Deleting the separate test file

* Adding validation to fields

```
$ acctests azurerm TestValidateFirewallName

=== RUN   TestValidateFirewallName
--- PASS: TestValidateFirewallName (0.00s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	0.344s
```

* Renaming the fix ip method

* Fixing issues highlighted in code review

* Fixing the test check function to load the firewall, rather than the collection

* Fixing a bad refactor

* Fixing a broken test

* Docs: adding a sidebar link
hbuckle authored and tombuildsstuff committed Sep 13, 2018
1 parent caf6732 commit 08ef14e
Showing 10 changed files with 2,022 additions and 0 deletions.
5 changes: 5 additions & 0 deletions azurerm/config.go
@@ -185,6 +185,7 @@ type ArmClient struct {
// Networking
applicationGatewayClient network.ApplicationGatewaysClient
applicationSecurityGroupsClient network.ApplicationSecurityGroupsClient
azureFirewallsClient network.AzureFirewallsClient
expressRouteAuthsClient network.ExpressRouteCircuitAuthorizationsClient
expressRouteCircuitClient network.ExpressRouteCircuitsClient
expressRoutePeeringsClient network.ExpressRouteCircuitPeeringsClient
@@ -758,6 +759,10 @@ func (c *ArmClient) registerNetworkingClients(endpoint, subscriptionId string, a
c.configureClient(&appSecurityGroupsClient.Client, auth)
c.applicationSecurityGroupsClient = appSecurityGroupsClient

azureFirewallsClient := network.NewAzureFirewallsClientWithBaseURI(endpoint, subscriptionId)
c.configureClient(&azureFirewallsClient.Client, auth)
c.azureFirewallsClient = azureFirewallsClient

expressRouteAuthsClient := network.NewExpressRouteCircuitAuthorizationsClientWithBaseURI(endpoint, subscriptionId)
c.configureClient(&expressRouteAuthsClient.Client, auth)
c.expressRouteAuthsClient = expressRouteAuthsClient
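--- a/azurerm/helpers/azure/firewall.go
+++ b/azurerm/helpers/azure/firewall.go
@@ -0,0 +1,42 @@
+package azure
+
+import (
+"fmt"
+
+"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2018-04-01/network"
+)
+
+// The API requires InternalPublicIPAddress to be set when for a CreateOrUpdate
+// operation, but Get operations return the property as PublicIPAddress
+// so we need to go through and copy the value to the correct property.
+func FirewallFixIPConfiguration(input *[]network.AzureFirewallIPConfiguration) (*[]network.AzureFirewallIPConfiguration, error) {
+if input == nil {
+return nil, fmt.Errorf("`input` was nil")
+}
+
+results := make([]network.AzureFirewallIPConfiguration, 0)
+for _, config := range *input {
+if config.Subnet == nil || config.Subnet.ID == nil {
+return nil, fmt.Errorf("`config.Subnet.ID` was nil")
+}
+
+if config.PublicIPAddress == nil || config.PublicIPAddress.ID == nil {
+return nil, fmt.Errorf("`config.PublicIPAddress.ID` was nil")
+}
+
+result := network.AzureFirewallIPConfiguration{
+Name: config.Name,
+AzureFirewallIPConfigurationPropertiesFormat: &network.AzureFirewallIPConfigurationPropertiesFormat{
+Subnet: &network.SubResource{
+ID: config.Subnet.ID,
+},
+InternalPublicIPAddress: &network.SubResource{
+ID: config.PublicIPAddress.ID,
+},
+},
+}
+results = append(results, result)
+}
+
+return &results, nil
+}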
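Review bot: In FirewallFixIPConfiguration the guards `config.Subnet == nil` and `config.PublicIPAddress == nil` appear to read through an embedded `*AzureFirewallIPConfigurationPropertiesFormat` (the composite literal further down sets a field of that name), so an element that comes back without its properties block would panic before either guard runs. I would open the loop body with `if config.AzureFirewallIPConfigurationPropertiesFormat == nil {` and return an error in the same style as the two existing checks. The rebuilt element carries over only Name, the subnet ID and the public IP ID, so the doc comment should state that every other property of the input is intentionally dropped before the next CreateOrUpdate. The doc comment would also read better starting with the function name, e.g. `// FirewallFixIPConfiguration copies PublicIPAddress into InternalPublicIPAddress ...`.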
2 changes: 2 additions & 0 deletions azurerm/provider.go
@@ -141,6 +141,8 @@ func Provider() terraform.ResourceProvider {
"azurerm_automation_schedule": resourceArmAutomationSchedule(),
"azurerm_autoscale_setting": resourceArmAutoScaleSetting(),
"azurerm_availability_set": resourceArmAvailabilitySet(),
"azurerm_firewall": resourceArmFirewall(),
"azurerm_firewall_network_rule_collection": resourceArmFirewallNetworkRuleCollection(),
"azurerm_cdn_endpoint": resourceArmCdnEndpoint(),
"azurerm_cdn_profile": resourceArmCdnProfile(),
"azurerm_container_registry": resourceArmContainerRegistry(),
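Review bot: The two new entries, `"azurerm_firewall"` and `"azurerm_firewall_network_rule_collection"`, sit between `"azurerm_availability_set"` and `"azurerm_cdn_endpoint"`, which breaks the alphabetical order the visible part of the resource map otherwise follows. Moving them to the `azurerm_f…` position keeps the map easy to scan and makes an accidental duplicate key easier to spot in later reviews. The map literal starts and ends outside this hunk, so the exact target position is not visible here.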