Skip to content

Commit

Permalink
New Resources: azurerm_subnet_network_security_group_association / …
Browse files Browse the repository at this point in the history
…`azurerm_subnet_route_table_association` (#1933)

* New Resource: `azurerm_subnet_route_table_association`

```
$ acctests azurerm TestAccAzureRMSubnetRouteTableAssociation
=== RUN   TestAccAzureRMSubnetRouteTableAssociation_basic
--- PASS: TestAccAzureRMSubnetRouteTableAssociation_basic (145.86s)
=== RUN   TestAccAzureRMSubnetRouteTableAssociation_deleted
--- PASS: TestAccAzureRMSubnetRouteTableAssociation_deleted (103.94s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	250.163s
```

* New Resource: `azurerm_subnet_network_security_group_association`

```
$ acctests azurerm TestAccAzureRMSubnetNetworkSecurityGroupAssociation_
=== RUN   TestAccAzureRMSubnetNetworkSecurityGroupAssociation_basic
--- PASS: TestAccAzureRMSubnetNetworkSecurityGroupAssociation_basic (129.21s)
=== RUN   TestAccAzureRMSubnetNetworkSecurityGroupAssociation_deleted
--- PASS: TestAccAzureRMSubnetNetworkSecurityGroupAssociation_deleted (99.74s)
PASS
ok  	github.com/terraform-providers/terraform-provider-azurerm/azurerm	229.367s
```

* WIP# Please enter the commit message for your changes. Lines starting

* Subnet: documenting that both fields are required for the moment

* Handling the config being required on both for the moment
  • Loading branch information
tombuildsstuff authored Oct 13, 2018
1 parent c187201 commit 4027cdd
Show file tree
Hide file tree
Showing 12 changed files with 1,249 additions and 171 deletions.
320 changes: 161 additions & 159 deletions azurerm/provider.go

Large diffs are not rendered by default.

20 changes: 14 additions & 6 deletions azurerm/resource_arm_subnet.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,13 +42,15 @@ func resourceArmSubnet() *schema.Resource {
},

"network_security_group_id": {
Type: schema.TypeString,
Optional: true,
Type: schema.TypeString,
Optional: true,
Deprecated: "Use the `azurerm_subnet_network_security_group_association` resource instead.",
},

"route_table_id": {
Type: schema.TypeString,
Optional: true,
Type: schema.TypeString,
Optional: true,
Deprecated: "Use the `azurerm_subnet_route_table_association` resource instead.",
},

"ip_configurations": {
Expand Down Expand Up @@ -99,6 +101,8 @@ func resourceArmSubnetCreate(d *schema.ResourceData, meta interface{}) error {

azureRMLockByName(networkSecurityGroupName, networkSecurityGroupResourceName)
defer azureRMUnlockByName(networkSecurityGroupName, networkSecurityGroupResourceName)
} else {
properties.NetworkSecurityGroup = nil
}

if v, ok := d.GetOk("route_table_id"); ok {
Expand All @@ -114,6 +118,8 @@ func resourceArmSubnetCreate(d *schema.ResourceData, meta interface{}) error {

azureRMLockByName(routeTableName, routeTableResourceName)
defer azureRMUnlockByName(routeTableName, routeTableResourceName)
} else {
properties.RouteTable = nil
}

serviceEndpoints, serviceEndpointsErr := expandAzureRmServiceEndpoints(d)
Expand Down Expand Up @@ -184,9 +190,11 @@ func resourceArmSubnetRead(d *schema.ResourceData, meta interface{}) error {
d.Set("network_security_group_id", props.NetworkSecurityGroup.ID)
}

if props.RouteTable != nil {
d.Set("route_table_id", props.RouteTable.ID)
var routeTableId string
if props.RouteTable != nil && props.RouteTable.ID != nil {
routeTableId = *props.RouteTable.ID
}
d.Set("route_table_id", routeTableId)

ips := flattenSubnetIPConfigurations(props.IPConfigurations)
if err := d.Set("ip_configurations", ips); err != nil {
Expand Down
216 changes: 216 additions & 0 deletions azurerm/resource_arm_subnet_network_security_group_association.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,216 @@
package azurerm

import (
"fmt"
"log"

"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2018-04-01/network"
"github.com/hashicorp/terraform/helper/schema"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
)

func resourceArmSubnetNetworkSecurityGroupAssociation() *schema.Resource {
return &schema.Resource{
Create: resourceArmSubnetNetworkSecurityGroupAssociationCreate,
Read: resourceArmSubnetNetworkSecurityGroupAssociationRead,
Delete: resourceArmSubnetNetworkSecurityGroupAssociationDelete,
Importer: &schema.ResourceImporter{
State: schema.ImportStatePassthrough,
},

Schema: map[string]*schema.Schema{
"subnet_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: azure.ValidateResourceID,
},

"network_security_group_id": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: azure.ValidateResourceID,
},
},
}
}

func resourceArmSubnetNetworkSecurityGroupAssociationCreate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*ArmClient).subnetClient
ctx := meta.(*ArmClient).StopContext

log.Printf("[INFO] preparing arguments for Subnet <-> Network Security Group Association creation.")

subnetId := d.Get("subnet_id").(string)
networkSecurityGroupId := d.Get("network_security_group_id").(string)

parsedSubnetId, err := parseAzureResourceID(subnetId)
if err != nil {
return err
}

networkSecurityGroupName, err := parseNetworkSecurityGroupName(networkSecurityGroupId)
if err != nil {
return err
}

azureRMLockByName(networkSecurityGroupName, networkSecurityGroupResourceName)
defer azureRMUnlockByName(networkSecurityGroupName, networkSecurityGroupResourceName)

subnetName := parsedSubnetId.Path["subnets"]
virtualNetworkName := parsedSubnetId.Path["virtualNetworks"]
resourceGroup := parsedSubnetId.ResourceGroup

azureRMLockByName(virtualNetworkName, virtualNetworkResourceName)
defer azureRMUnlockByName(virtualNetworkName, virtualNetworkResourceName)

subnet, err := client.Get(ctx, resourceGroup, virtualNetworkName, subnetName, "")
if err != nil {
if utils.ResponseWasNotFound(subnet.Response) {
return fmt.Errorf("Subnet %q (Virtual Network %q / Resource Group %q) was not found!", subnetName, virtualNetworkName, resourceGroup)
}

return fmt.Errorf("Error retrieving Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

if props := subnet.SubnetPropertiesFormat; props != nil {
props.NetworkSecurityGroup = &network.SecurityGroup{
ID: utils.String(networkSecurityGroupId),
}
}

future, err := client.CreateOrUpdate(ctx, resourceGroup, virtualNetworkName, subnetName, subnet)
if err != nil {
return fmt.Errorf("Error updating Route Table Association for Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

err = future.WaitForCompletionRef(ctx, client.Client)
if err != nil {
return fmt.Errorf("Error waiting for completion of Route Table Association for Subnet %q (VN %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

read, err := client.Get(ctx, resourceGroup, virtualNetworkName, subnetName, "")
if err != nil {
return fmt.Errorf("Error retrieving Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

d.SetId(*read.ID)

return resourceArmSubnetNetworkSecurityGroupAssociationRead(d, meta)
}

func resourceArmSubnetNetworkSecurityGroupAssociationRead(d *schema.ResourceData, meta interface{}) error {
client := meta.(*ArmClient).subnetClient
ctx := meta.(*ArmClient).StopContext

id, err := parseAzureResourceID(d.Id())
if err != nil {
return err
}
resourceGroup := id.ResourceGroup
virtualNetworkName := id.Path["virtualNetworks"]
subnetName := id.Path["subnets"]

resp, err := client.Get(ctx, resourceGroup, virtualNetworkName, subnetName, "")

if err != nil {
if utils.ResponseWasNotFound(resp.Response) {
log.Printf("[DEBUG] Subnet %q (Virtual Network %q / Resource Group %q) could not be found - removing from state!", subnetName, virtualNetworkName, resourceGroup)
d.SetId("")
return nil
}
return fmt.Errorf("Error retrieving Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

props := resp.SubnetPropertiesFormat
if props == nil {
return fmt.Errorf("Error: `properties` was nil for Subnet %q (Virtual Network %q / Resource Group %q)", subnetName, virtualNetworkName, resourceGroup)
}

securityGroup := props.NetworkSecurityGroup
if securityGroup == nil {
log.Printf("[DEBUG] Subnet %q (Virtual Network %q / Resource Group %q) doesn't have a Network Security Group - removing from state!", subnetName, virtualNetworkName, resourceGroup)
d.SetId("")
return nil
}

d.Set("subnet_id", resp.ID)
d.Set("network_security_group_id", securityGroup.ID)

return nil
}

func resourceArmSubnetNetworkSecurityGroupAssociationDelete(d *schema.ResourceData, meta interface{}) error {
client := meta.(*ArmClient).subnetClient
ctx := meta.(*ArmClient).StopContext

id, err := parseAzureResourceID(d.Id())
if err != nil {
return err
}
resourceGroup := id.ResourceGroup
virtualNetworkName := id.Path["virtualNetworks"]
subnetName := id.Path["subnets"]

// retrieve the subnet
read, err := client.Get(ctx, resourceGroup, virtualNetworkName, subnetName, "")
if err != nil {
if utils.ResponseWasNotFound(read.Response) {
log.Printf("[DEBUG] Subnet %q (Virtual Network %q / Resource Group %q) could not be found - removing from state!", subnetName, virtualNetworkName, resourceGroup)
return nil
}

return fmt.Errorf("Error retrieving Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

props := read.SubnetPropertiesFormat
if props == nil {
return fmt.Errorf("`Properties` was nil for Subnet %q (Virtual Network %q / Resource Group %q)", subnetName, virtualNetworkName, resourceGroup)
}

if props.NetworkSecurityGroup == nil || props.NetworkSecurityGroup.ID == nil {
log.Printf("[DEBUG] Subnet %q (Virtual Network %q / Resource Group %q) has no Network Security Group - removing from state!", subnetName, virtualNetworkName, resourceGroup)
return nil
}

// once we have the network security group id to lock on, lock on that
networkSecurityGroupName, err := parseNetworkSecurityGroupName(*props.NetworkSecurityGroup.ID)
if err != nil {
return err
}

azureRMLockByName(networkSecurityGroupName, networkSecurityGroupResourceName)
defer azureRMUnlockByName(networkSecurityGroupName, networkSecurityGroupResourceName)

azureRMLockByName(virtualNetworkName, virtualNetworkResourceName)
defer azureRMUnlockByName(virtualNetworkName, virtualNetworkResourceName)

azureRMLockByName(subnetName, subnetResourceName)
defer azureRMUnlockByName(subnetName, subnetResourceName)

// then re-retrieve it to ensure we've got the latest state
read, err = client.Get(ctx, resourceGroup, virtualNetworkName, subnetName, "")
if err != nil {
if utils.ResponseWasNotFound(read.Response) {
log.Printf("[DEBUG] Subnet %q (Virtual Network %q / Resource Group %q) could not be found - removing from state!", subnetName, virtualNetworkName, resourceGroup)
return nil
}

return fmt.Errorf("Error retrieving Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

read.SubnetPropertiesFormat.NetworkSecurityGroup = nil

future, err := client.CreateOrUpdate(ctx, resourceGroup, virtualNetworkName, subnetName, read)
if err != nil {
return fmt.Errorf("Error removing Network Security Group Association from Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

if err = future.WaitForCompletionRef(ctx, client.Client); err != nil {
return fmt.Errorf("Error waiting for removal of Network Security Group Association from Subnet %q (Virtual Network %q / Resource Group %q): %+v", subnetName, virtualNetworkName, resourceGroup, err)
}

return nil
}
Loading

0 comments on commit 4027cdd

Please sign in to comment.