Skip to content

Commit

Permalink
updates for live env support
Browse files Browse the repository at this point in the history
  • Loading branch information
@anGie44
anGie44 committed Nov 18, 2020
1 parent 4046b7b commit 70cc538
Show file tree
Hide file tree
Showing 17 changed files with 510 additions and 535 deletions.
2 changes: 1 addition & 1 deletion aws/internal/keyvaluetags/update_tags_gen.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions aws/internal/service/networkfirewall/finder/finder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package finder

import (
"context"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/networkfirewall"
)
Expand Down
6 changes: 3 additions & 3 deletions aws/internal/service/networkfirewall/waiter/waiter.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ import (
)

const (
// Maximum amount of time to wait for a Firewall to be created
FirewallTimeout = 15 * time.Minute
// Maximum amount of time to wait for a Firewall to be created, updated, or deleted
FirewallTimeout = 20 * time.Minute
// Maximum amount of time to wait for a Firewall Policy to be deleted
FirewallPolicyTimeout = 10 * time.Minute
// Maximum amount of time to wait for a Rule Group to be deleted
Expand Down Expand Up @@ -57,7 +57,7 @@ func FirewallDeleted(ctx context.Context, conn *networkfirewall.NetworkFirewall,
Pending: []string{networkfirewall.FirewallStatusValueDeleting},
Target: []string{ResourceStatusDeleted},
Refresh: FirewallDeletedStatus(ctx, conn, arn),
Timeout: FirewallPolicyTimeout,
Timeout: FirewallTimeout,
}

outputRaw, err := stateConf.WaitForState()
Expand Down
10 changes: 7 additions & 3 deletions aws/networkfirewall_helpers.go
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,12 @@
package aws

import (
"regexp"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/networkfirewall"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
)

func customActionSchema() *schema.Schema {
Expand Down Expand Up @@ -43,9 +46,10 @@ func customActionSchema() *schema.Schema {
},
},
"action_name": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Type: schema.TypeString,
Required: true,
ForceNew: true,
ValidateFunc: validation.StringMatch(regexp.MustCompile(`^[a-zA-Z0-9]+$`), "must contain only alphanumeric characters"),
},
},
},
Expand Down
1 change: 0 additions & 1 deletion aws/provider.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -774,7 +774,6 @@ func Provider() *schema.Provider {
"aws_networkfirewall_firewall": resourceAwsNetworkFirewallFirewall(),
"aws_networkfirewall_firewall_policy": resourceAwsNetworkFirewallFirewallPolicy(),
"aws_networkfirewall_logging_configuration": resourceAwsNetworkFirewallLoggingConfiguration(),
"aws_networkfirewall_resource_policy": resourceAwsNetworkFirewallResourcePolicy(),
"aws_networkfirewall_rule_group": resourceAwsNetworkFirewallRuleGroup(),
"aws_opsworks_application": resourceAwsOpsworksApplication(),
"aws_opsworks_stack": resourceAwsOpsworksStack(),
Expand Down
14 changes: 8 additions & 6 deletions aws/resource_aws_networkfirewall_firewall.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,7 @@ func resourceAwsNetworkFirewallFirewallRead(ctx context.Context, d *schema.Resou
arn := aws.StringValue(firewall.FirewallArn)

d.Set("arn", arn)
d.Set("delete_protection", firewall.DeleteProtection)
d.Set("description", firewall.Description)
d.Set("name", firewall.FirewallName)
d.Set("firewall_policy_arn", firewall.FirewallPolicyArn)
Expand Down Expand Up @@ -309,16 +310,11 @@ func resourceAwsNetworkFirewallFirewallUpdate(ctx context.Context, d *schema.Res
return diag.FromErr(fmt.Errorf("error disassociating NetworkFirewall Firewall (%s) subnet: %w", arn, err))
}

respToken, err := waiter.FirewallUpdated(ctx, conn, arn)
_, err = waiter.FirewallUpdated(ctx, conn, arn)
if err != nil {
return diag.FromErr(fmt.Errorf("error waiting for NetworkFirewall Firewall (%s) to be updated: %w", d.Id(), err))

}
if respToken == nil {
return diag.FromErr(fmt.Errorf("error disassociating NetworkFirewall Firewall (%s) subnet: empty update_token", arn))
}

updateToken = respToken
}
}

Expand All @@ -343,10 +339,16 @@ func resourceAwsNetworkFirewallFirewallDelete(ctx context.Context, d *schema.Res

_, err := conn.DeleteFirewallWithContext(ctx, input)
if err != nil {
if tfawserr.ErrCodeEquals(err, networkfirewall.ErrCodeResourceNotFoundException) {
return nil
}
return diag.FromErr(fmt.Errorf("error deleting NetworkFirewall Firewall (%s): %w", d.Id(), err))
}

if _, err := waiter.FirewallDeleted(ctx, conn, d.Id()); err != nil {
if tfawserr.ErrCodeEquals(err, networkfirewall.ErrCodeResourceNotFoundException) {
return nil
}
return diag.FromErr(fmt.Errorf("error waiting for NetworkFirewall Firewall (%s) to delete: %w", d.Id(), err))
}

Expand Down
6 changes: 6 additions & 0 deletions aws/resource_aws_networkfirewall_firewall_policy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -240,10 +240,16 @@ func resourceAwsNetworkFirewallFirewallPolicyDelete(ctx context.Context, d *sche
}

if err != nil {
if tfawserr.ErrCodeEquals(err, networkfirewall.ErrCodeResourceNotFoundException) {
return nil
}
return diag.FromErr(fmt.Errorf("error deleting NetworkFirewall Firewall Policy (%s): %w", d.Id(), err))
}

if _, err := waiter.FirewallPolicyDeleted(ctx, conn, d.Id()); err != nil {
if tfawserr.ErrCodeEquals(err, networkfirewall.ErrCodeResourceNotFoundException) {
return nil
}
return diag.FromErr(fmt.Errorf("error waiting for NetworkFirewall Firewall Policy (%s) to delete: %w", d.Id(), err))
}

Expand Down
46 changes: 23 additions & 23 deletions aws/resource_aws_networkfirewall_firewall_policy_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_basic(t *testing.T) {
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -117,7 +117,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statefulRuleGroupReference(t *testi
ruleGroupResourceName := "aws_networkfirewall_rule_group.test.0"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -145,7 +145,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_updateStatefulRuleGroupReference(t
ruleGroupResourceName := "aws_networkfirewall_rule_group.test.0"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -186,7 +186,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_multipleStatefulRuleGroupReferences
ruleGroupResourceName2 := "aws_networkfirewall_rule_group.test.1"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -224,7 +224,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statelessRuleGroupReference(t *test
ruleGroupResourceName := "aws_networkfirewall_rule_group.test.0"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -266,7 +266,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_updateStatelessRuleGroupReference(t
ruleGroupResourceName := "aws_networkfirewall_rule_group.test.0"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -311,7 +311,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_multipleStatelessRuleGroupReference
ruleGroupResourceName2 := "aws_networkfirewall_rule_group.test.1"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -357,7 +357,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statelessCustomAction(t *testing.T)
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand All @@ -371,7 +371,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statelessCustomAction(t *testing.T)
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
"action_name": rName,
"action_name": "CustomAction",
}),
),
},
Expand All @@ -389,7 +389,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_updateStatelessCustomAction(t *test
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand All @@ -406,7 +406,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_updateStatelessCustomAction(t *test
resource.TestCheckResourceAttr(resourceName, "firewall_policy.#", "1"),
resource.TestCheckResourceAttr(resourceName, "firewall_policy.0.stateless_custom_action.#", "1"),
tfawsresource.TestCheckTypeSetElemNestedAttrs(resourceName, "firewall_policy.0.stateless_custom_action.*", map[string]string{
"action_name": rName,
"action_name": "CustomAction",
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
Expand Down Expand Up @@ -448,7 +448,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_multipleStatelessCustomActions(t *t
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand All @@ -459,13 +459,13 @@ func TestAccAwsNetworkFirewallFirewallPolicy_multipleStatelessCustomActions(t *t
resource.TestCheckResourceAttr(resourceName, "firewall_policy.#", "1"),
resource.TestCheckResourceAttr(resourceName, "firewall_policy.0.stateless_custom_action.#", "2"),
tfawsresource.TestCheckTypeSetElemNestedAttrs(resourceName, "firewall_policy.0.stateless_custom_action.*", map[string]string{
"action_name": rName,
"action_name": "CustomAction",
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
}),
tfawsresource.TestCheckTypeSetElemNestedAttrs(resourceName, "firewall_policy.0.stateless_custom_action.*", map[string]string{
"action_name": "CustomAction",
"action_name": "CustomAction2",
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
Expand All @@ -479,7 +479,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_multipleStatelessCustomActions(t *t
resource.TestCheckResourceAttr(resourceName, "firewall_policy.#", "1"),
resource.TestCheckResourceAttr(resourceName, "firewall_policy.0.stateless_custom_action.#", "1"),
tfawsresource.TestCheckTypeSetElemNestedAttrs(resourceName, "firewall_policy.0.stateless_custom_action.*", map[string]string{
"action_name": rName,
"action_name": "CustomAction",
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
Expand All @@ -501,7 +501,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustom
ruleGroupResourceName := "aws_networkfirewall_rule_group.test.0"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand All @@ -513,7 +513,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_statefulRuleGroupReferenceAndCustom
resource.TestCheckResourceAttr(resourceName, "firewall_policy.0.stateful_rule_group_reference.#", "1"),
tfawsresource.TestCheckTypeSetElemAttrPair(resourceName, "firewall_policy.0.stateful_rule_group_reference.*.resource_arn", ruleGroupResourceName, "arn"),
tfawsresource.TestCheckTypeSetElemNestedAttrs(resourceName, "firewall_policy.0.stateless_custom_action.*", map[string]string{
"action_name": rName,
"action_name": "CustomAction",
"action_definition.#": "1",
"action_definition.0.publish_metric_action.#": "1",
"action_definition.0.publish_metric_action.0.dimension.#": "1",
Expand Down Expand Up @@ -543,7 +543,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_tags(t *testing.T) {
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -585,7 +585,7 @@ func TestAccAwsNetworkFirewallFirewallPolicy_disappears(t *testing.T) {
resourceName := "aws_networkfirewall_firewall_policy.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckHasIAMRole(t, "AWSPrivatePreviewRoleForVPCFirewall") },
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAwsNetworkFirewallFirewallPolicyDestroy,
Steps: []resource.TestStep{
Expand Down Expand Up @@ -868,7 +868,7 @@ resource "aws_networkfirewall_firewall_policy" "test" {
stateless_fragment_default_actions = ["aws:drop"]
stateless_default_actions = ["aws:pass"]
stateless_custom_action {
action_name = %[1]q
action_name = "CustomAction"
action_definition {
publish_metric_action {
dimension {
Expand Down Expand Up @@ -919,7 +919,7 @@ resource "aws_networkfirewall_firewall_policy" "test" {
}
}
}
action_name = %[1]q
action_name = "CustomAction"
}
stateless_custom_action {
action_definition {
Expand All @@ -929,7 +929,7 @@ resource "aws_networkfirewall_firewall_policy" "test" {
}
}
}
action_name = "CustomAction"
action_name = "CustomAction2"
}
}
}
Expand All @@ -956,7 +956,7 @@ resource "aws_networkfirewall_firewall_policy" "test" {
}
}
}
action_name = %[1]q
action_name = "CustomAction"
}
}
}
Expand Down
Loading

0 comments on commit 70cc538

Please sign in to comment.