Skip to content

Commit

Permalink
Allow associating WAF Policy to Application Gateway
Browse files Browse the repository at this point in the history
Fixes hashicorp#4667.

Signed-off-by: Sune Keller <[email protected]>
  • Loading branch information
sirlatrom committed Mar 13, 2020
1 parent 7066eab commit 3d83801
Showing 1 changed file with 42 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1276,6 +1276,21 @@ func resourceArmApplicationGateway() *schema.Resource {
},
},

"firewall_policy": {
Type: schema.TypeList,
Optional: true,
MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"id": {
Type: schema.TypeString,
Required: true,
ValidateFunc: validation.NoZeroValues,
},
},
},
},

"custom_error_configuration": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -1430,6 +1445,15 @@ func resourceArmApplicationGatewayCreateUpdate(d *schema.ResourceData, meta inte
gateway.ApplicationGatewayPropertiesFormat.WebApplicationFirewallConfiguration = expandApplicationGatewayWafConfig(d)
}

if res, ok := d.GetOk("firewall_policy"); ok {
vs := res.([]interface{})
v := vs[0].(map[string]interface{})
id := v["id"].(string)
gateway.ApplicationGatewayPropertiesFormat.FirewallPolicy = &network.SubResource{
ID: &id,
}
}

if stopApplicationGateway {
future, err := client.Stop(ctx, resGroup, name)
if err != nil {
Expand Down Expand Up @@ -1608,6 +1632,10 @@ func resourceArmApplicationGatewayRead(d *schema.ResourceData, meta interface{})
if setErr := d.Set("waf_configuration", flattenApplicationGatewayWafConfig(props.WebApplicationFirewallConfiguration)); setErr != nil {
return fmt.Errorf("Error setting `waf_configuration`: %+v", setErr)
}

if setErr := d.Set("firewall_policy", flattenApplicationGatewayFirewallPolicy(props.FirewallPolicy)); setErr != nil {
return fmt.Errorf("Error setting `firewall_policy`: %+v", setErr)
}
}

return tags.FlattenAndSet(d, applicationGateway.Tags)
Expand Down Expand Up @@ -3591,6 +3619,20 @@ func flattenApplicationGatewayWafConfig(input *network.ApplicationGatewayWebAppl
return results
}

func flattenApplicationGatewayFirewallPolicy(input *network.SubResource) []interface{} {
results := make([]interface{}, 0)
if input == nil {
return results
}

output := make(map[string]interface{})

output["id"] = input.ID
results = append(results, output)

return results
}

func expandApplicationGatewayFirewallDisabledRuleGroup(d []interface{}) *[]network.ApplicationGatewayFirewallDisabledRuleGroup {
if len(d) == 0 {
return nil
Expand Down

0 comments on commit 3d83801

Please sign in to comment.