azurerm_firewall_policy_rule_collection_group - support description,d…
…estination_addresses,destination_urls,terminate_tls,web_categories (#13190)

Fixes #11438
Fixes #12944
Fixes #12086
gro1m authored Sep 3, 2021
1 parent 7322842 commit cc28a21
Showing 3 changed files with 410 additions and 28 deletions.
Expand Up @@ -8,14 +8,14 @@ import (

"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2021-02-01/network"
"github.com/hashicorp/go-azure-helpers/response"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
"github.com/hashicorp/terraform-provider-azurerm/helpers/tf"
azValidate "github.com/hashicorp/terraform-provider-azurerm/helpers/validate"
"github.com/hashicorp/terraform-provider-azurerm/internal/clients"
"github.com/hashicorp/terraform-provider-azurerm/internal/locks"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/firewall/parse"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/firewall/validate"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
"github.com/hashicorp/terraform-provider-azurerm/internal/timeouts"
"github.com/hashicorp/terraform-provider-azurerm/utils"
)
Expand Down Expand Up @@ -95,9 +95,14 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource {
Required: true,
ValidateFunc: validate.FirewallPolicyRuleName(),
},
"description": {
Type: pluginsdk.TypeString,
Optional: true,
ValidateFunc: validate.FirewallPolicyRuleName(),
},
"protocols": {
Type: pluginsdk.TypeSet,
Required: true,
Optional: true,
Elem: &pluginsdk.Resource{
Schema: map[string]*pluginsdk.Schema{
"type": {
Expand Down Expand Up @@ -136,6 +141,18 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource {
ValidateFunc: validation.StringIsNotEmpty,
},
},
"destination_addresses": {
Type: pluginsdk.TypeSet,
Optional: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
ValidateFunc: validation.Any(
validation.IsIPAddress,
validation.IsCIDR,
validation.StringInSlice([]string{`*`}, false),
),
},
},
"destination_fqdns": {
Type: pluginsdk.TypeSet,
Optional: true,
Expand All @@ -144,6 +161,14 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource {
ValidateFunc: validation.StringIsNotEmpty,
},
},
"destination_urls": {
Type: pluginsdk.TypeSet,
Optional: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
ValidateFunc: validation.StringIsNotEmpty,
},
},
"destination_fqdn_tags": {
Type: pluginsdk.TypeSet,
Optional: true,
Expand All @@ -152,6 +177,18 @@ func resourceFirewallPolicyRuleCollectionGroup() *pluginsdk.Resource {
ValidateFunc: validation.StringIsNotEmpty,
},
},
"terminate_tls": {
Type: pluginsdk.TypeBool,
Optional: true,
},
"web_categories": {
Type: pluginsdk.TypeSet,
Optional: true,
Elem: &pluginsdk.Schema{
Type: pluginsdk.TypeString,
ValidateFunc: validation.StringIsNotEmpty,
},
},
},
},
},
Expand Down Expand Up @@ -564,13 +601,18 @@ func expandFirewallPolicyRuleApplication(input []interface{}) *[]network.BasicFi
})
}
output := &network.ApplicationRule{
Name: utils.String(condition["name"].(string)),
RuleType: network.RuleTypeApplicationRule,
Protocols: &protocols,
SourceAddresses: utils.ExpandStringSlice(condition["source_addresses"].(*pluginsdk.Set).List()),
SourceIPGroups: utils.ExpandStringSlice(condition["source_ip_groups"].(*pluginsdk.Set).List()),
TargetFqdns: utils.ExpandStringSlice(condition["destination_fqdns"].(*pluginsdk.Set).List()),
FqdnTags: utils.ExpandStringSlice(condition["destination_fqdn_tags"].(*pluginsdk.Set).List()),
Name: utils.String(condition["name"].(string)),
Description: utils.String(condition["description"].(string)),
RuleType: network.RuleTypeApplicationRule,
Protocols: &protocols,
SourceAddresses: utils.ExpandStringSlice(condition["source_addresses"].(*pluginsdk.Set).List()),
SourceIPGroups: utils.ExpandStringSlice(condition["source_ip_groups"].(*pluginsdk.Set).List()),
DestinationAddresses: utils.ExpandStringSlice(condition["destination_addresses"].(*pluginsdk.Set).List()),
TargetFqdns: utils.ExpandStringSlice(condition["destination_fqdns"].(*pluginsdk.Set).List()),
TargetUrls: utils.ExpandStringSlice(condition["destination_urls"].(*pluginsdk.Set).List()),
FqdnTags: utils.ExpandStringSlice(condition["destination_fqdn_tags"].(*pluginsdk.Set).List()),
TerminateTLS: utils.Bool(condition["terminate_tls"].(bool)),
WebCategories: utils.ExpandStringSlice(condition["web_categories"].(*pluginsdk.Set).List()),
}
result = append(result, output)
}
Expand Down Expand Up @@ -739,6 +781,16 @@ func flattenFirewallPolicyRuleApplication(input *[]network.BasicFirewallPolicyRu
name = *rule.Name
}

var description string
if rule.Description != nil {
description = *rule.Description
}

var terminate_tls bool
if rule.TerminateTLS != nil {
terminate_tls = *rule.TerminateTLS
}

protocols := make([]interface{}, 0)
if rule.Protocols != nil {
for _, protocol := range *rule.Protocols {
Expand All @@ -755,11 +807,16 @@ func flattenFirewallPolicyRuleApplication(input *[]network.BasicFirewallPolicyRu

output = append(output, map[string]interface{}{
"name": name,
"description": description,
"protocols": protocols,
"source_addresses": utils.FlattenStringSlice(rule.SourceAddresses),
"source_ip_groups": utils.FlattenStringSlice(rule.SourceIPGroups),
"destination_addresses": utils.FlattenStringSlice(rule.DestinationAddresses),
"destination_urls": utils.FlattenStringSlice(rule.TargetUrls),
"destination_fqdns": utils.FlattenStringSlice(rule.TargetFqdns),
"destination_fqdn_tags": utils.FlattenStringSlice(rule.FqdnTags),
"terminate_tls": terminate_tls,
"web_categories": utils.FlattenStringSlice(rule.WebCategories),
})
}
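Review bot: The new `description` attribute in the application rule schema reuses `validate.FirewallPolicyRuleName()` as its `ValidateFunc`, which looks like a copy from the `name` attribute directly above it. That validator's body is not shown on this page, but if it enforces rule-name character or length rules, ordinary free-text descriptions would be rejected at plan time, and operators could not record why a firewall rule exists. A plain non-empty check, `ValidateFunc: validation.StringIsNotEmpty,`, would match how the other free-text fields in this schema are validated. Separately, the local `terminate_tls` in flattenFirewallPolicyRuleApplication should be named `terminateTLS` to follow Go's MixedCaps convention. Both the schema function and the flatten function continue outside the visible hunks.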
