From aca6a338bcdab626d1b59a233075ac050e8e00d4 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Wed, 21 Jun 2017 20:37:37 +0000 Subject: [PATCH 01/19] For new Application Gateway Resource: Incorporated changes from https://github.com/brandontosch/terraform/tree/brandontosch/GH-8670 Also made slight change of 'app' gateway to 'application' gateway throughout code --- azurerm/config.go | 4 +- azurerm/provider.go | 1 + azurerm/resource_arm_application_gateway.go | 1677 +++++++++++++++++ .../resource_arm_application_gateway_test.cer | 21 + .../resource_arm_application_gateway_test.go | 1263 +++++++++++++ .../resource_arm_application_gateway_test.pfx | Bin 0 -> 4213 bytes 6 files changed, 2964 insertions(+), 2 deletions(-) create mode 100644 azurerm/resource_arm_application_gateway.go create mode 100644 azurerm/resource_arm_application_gateway_test.cer create mode 100644 azurerm/resource_arm_application_gateway_test.go create mode 100644 azurerm/resource_arm_application_gateway_test.pfx diff --git a/azurerm/config.go b/azurerm/config.go index eb784b7afd13..194f40c29028 100644 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -69,7 +69,7 @@ type ArmClient struct { automationCredentialClient automation.CredentialClient automationScheduleClient automation.ScheduleClient - appGatewayClient network.ApplicationGatewaysClient + applicationGatewayClient network.ApplicationGatewaysClient ifaceClient network.InterfacesClient expressRouteCircuitClient network.ExpressRouteCircuitsClient loadBalancerClient network.LoadBalancersClient @@ -322,7 +322,7 @@ func (c *Config) getArmClient() (*ArmClient, error) { setUserAgent(&agc.Client) agc.Authorizer = auth agc.Sender = sender - client.appGatewayClient = agc + client.applicationGatewayClient = agc crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&crc.Client) diff --git a/azurerm/provider.go b/azurerm/provider.go index 11a5cfe4ac32..77ddd4682c36 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -70,6 +70,7 @@ func Provider() terraform.ResourceProvider { }, ResourcesMap: map[string]*schema.Resource{ + "azurerm_application_gateway": resourceArmApplicationGateway(), "azurerm_application_insights": resourceArmApplicationInsights(), "azurerm_app_service": resourceArmAppService(), "azurerm_app_service_plan": resourceArmAppServicePlan(), diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go new file mode 100644 index 000000000000..bfacaa140881 --- /dev/null +++ b/azurerm/resource_arm_application_gateway.go @@ -0,0 +1,1677 @@ +package azurerm + +import ( + "bytes" + "encoding/base64" + "fmt" + "log" + "net/http" + "path" + "time" + + "github.com/Azure/azure-sdk-for-go/arm/network" + "github.com/hashicorp/errwrap" + "github.com/hashicorp/terraform/helper/hashcode" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/validation" + "github.com/jen20/riviera/azure" +) + +func resourceArmApplicationGateway() *schema.Resource { + return &schema.Resource{ + Create: resourceArmApplicationGatewayCreate, + Read: resourceArmApplicationGatewayRead, + Update: resourceArmApplicationGatewayCreate, + Delete: resourceArmApplicationGatewayDelete, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + "location": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + StateFunc: azureRMNormalizeLocation, + }, + + "resource_group_name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + "sku": { + Type: schema.TypeSet, + Required: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.StandardSmall), + string(network.StandardMedium), + string(network.StandardLarge), + string(network.WAFLarge), + string(network.WAFMedium), + }, true), + }, + + "tier": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.Standard), + string(network.WAF), + }, true), + }, + + "capacity": { + Type: schema.TypeInt, + Required: true, + ValidateFunc: validation.IntBetween(1, 10), + }, + }, + }, + Set: hashApplicationGatewaySku, + }, + + "disabled_ssl_protocols": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.TLSv10), + string(network.TLSv11), + string(network.TLSv12), + }, true), + }, + }, + + "waf_configuration": { + Type: schema.TypeSet, + Optional: true, + MaxItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "enabled": { + Type: schema.TypeBool, + Required: true, + }, + + "firewall_mode": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.Detection), + string(network.Prevention), + }, true), + }, + }, + }, + Set: hashApplicationGatewayWafConfig, + }, + + "gateway_ip_configuration": { + Type: schema.TypeList, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "subnet_id": { + Type: schema.TypeString, + Required: true, + }, + }, + }, + }, + + "frontend_port": { + Type: schema.TypeList, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "port": { + Type: schema.TypeInt, + Required: true, + }, + }, + }, + }, + + "frontend_ip_configuration": { + Type: schema.TypeList, + Optional: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "subnet_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + "private_ip_address": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + "public_ip_address_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + }, + + "private_ip_address_allocation": { + Type: schema.TypeString, + Optional: true, + Computed: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.Dynamic), + string(network.Static), + }, true), + }, + }, + }, + }, + + "backend_address_pool": { + Type: schema.TypeList, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "ip_address_list": { + Type: schema.TypeList, + Optional: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + + "fqdn_list": { + Type: schema.TypeList, + Optional: true, + MinItems: 1, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + }, + }, + }, + + "backend_http_settings": { + Type: schema.TypeList, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "port": { + Type: schema.TypeInt, + Required: true, + }, + + "protocol": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.HTTP), + string(network.HTTPS), + }, true), + }, + + "cookie_based_affinity": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.Enabled), + string(network.Disabled), + }, true), + }, + + "request_timeout": { + Type: schema.TypeInt, + Required: true, + }, + + "authentication_certificate": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + }, + + "id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "probe_name": { + Type: schema.TypeString, + Optional: true, + }, + + "probe_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "http_listener": { + Type: schema.TypeList, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "frontend_ip_configuration_name": { + Type: schema.TypeString, + Required: true, + }, + + "frontend_ip_configuration_id": { + Type: schema.TypeString, + Computed: true, + }, + + "frontend_port_name": { + Type: schema.TypeString, + Required: true, + }, + + "frontend_port_id": { + Type: schema.TypeString, + Computed: true, + }, + + "protocol": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.HTTP), + string(network.HTTPS), + }, true), + }, + + "host_name": { + Type: schema.TypeString, + Optional: true, + }, + + "ssl_certificate_name": { + Type: schema.TypeString, + Optional: true, + }, + + "ssl_certificate_id": { + Type: schema.TypeString, + Computed: true, + }, + + "require_sni": { + Type: schema.TypeBool, + Optional: true, + }, + }, + }, + }, + + "probe": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "protocol": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.HTTP), + string(network.HTTPS), + }, true), + }, + + "path": { + Type: schema.TypeString, + Required: true, + }, + + "host": { + Type: schema.TypeString, + Required: true, + }, + + "interval": { + Type: schema.TypeInt, + Required: true, + }, + + "timeout": { + Type: schema.TypeInt, + Required: true, + }, + + "unhealthy_threshold": { + Type: schema.TypeInt, + Required: true, + }, + }, + }, + }, + + "request_routing_rule": { + Type: schema.TypeList, + Required: true, + MinItems: 1, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "rule_type": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{ + string(network.Basic), + string(network.PathBasedRouting), + }, true), + }, + + "http_listener_name": { + Type: schema.TypeString, + Required: true, + }, + + "http_listener_id": { + Type: schema.TypeString, + Computed: true, + }, + + "backend_address_pool_name": { + Type: schema.TypeString, + Optional: true, + }, + + "backend_address_pool_id": { + Type: schema.TypeString, + Computed: true, + }, + + "backend_http_settings_name": { + Type: schema.TypeString, + Optional: true, + }, + + "backend_http_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + + "url_path_map_name": { + Type: schema.TypeString, + Optional: true, + }, + + "url_path_map_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "url_path_map": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "default_backend_address_pool_name": { + Type: schema.TypeString, + Required: true, + }, + + "default_backend_address_pool_id": { + Type: schema.TypeString, + Computed: true, + }, + + "default_backend_http_settings_name": { + Type: schema.TypeString, + Required: true, + }, + + "default_backend_http_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + + "path_rule": { + Type: schema.TypeList, + Required: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "paths": { + Type: schema.TypeList, + Required: true, + Elem: &schema.Schema{ + Type: schema.TypeString, + }, + }, + + "backend_address_pool_name": { + Type: schema.TypeString, + Required: true, + }, + + "backend_address_pool_id": { + Type: schema.TypeString, + Computed: true, + }, + + "backend_http_settings_name": { + Type: schema.TypeString, + Required: true, + }, + + "backend_http_settings_id": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + }, + }, + }, + + "authentication_certificate": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "data": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + }, + }, + }, + }, + + "ssl_certificate": { + Type: schema.TypeList, + Optional: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "id": { + Type: schema.TypeString, + Computed: true, + }, + + "name": { + Type: schema.TypeString, + Required: true, + }, + + "data": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + }, + + "password": { + Type: schema.TypeString, + Required: true, + Sensitive: true, + }, + + "public_cert_data": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + + "tags": tagsSchema(), + }, + } +} + +func resourceArmApplicationGatewayCreate(d *schema.ResourceData, meta interface{}) error { + armClient := meta.(*ArmClient) + client := armClient.applicationGatewayClient + + log.Printf("[INFO] preparing arguments for AzureRM ApplicationGateway creation.") + + name := d.Get("name").(string) + location := d.Get("location").(string) + resGroup := d.Get("resource_group_name").(string) + tags := d.Get("tags").(map[string]interface{}) + + // Gateway ID is needed to link sub-resources together in expand functions + gatewayID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Network/applicationGateways/%s", + armClient.subscriptionId, resGroup, name) + + properties := network.ApplicationGatewayPropertiesFormat{} + properties.Sku = expandApplicationGatewaySku(d) + properties.SslPolicy = expandApplicationGatewaySslPolicy(d) + properties.GatewayIPConfigurations = expandApplicationGatewayIPConfigurations(d) + properties.FrontendPorts = expandApplicationGatewayFrontendPorts(d) + properties.FrontendIPConfigurations = expandApplicationGatewayFrontendIPConfigurations(d) + properties.BackendAddressPools = expandApplicationGatewayBackendAddressPools(d) + properties.BackendHTTPSettingsCollection = expandApplicationGatewayBackendHTTPSettings(d, gatewayID) + properties.HTTPListeners = expandApplicationGatewayHTTPListeners(d, gatewayID) + properties.Probes = expandApplicationGatewayProbes(d) + properties.RequestRoutingRules = expandApplicationGatewayRequestRoutingRules(d, gatewayID) + properties.URLPathMaps = expandApplicationGatewayURLPathMaps(d, gatewayID) + properties.AuthenticationCertificates = expandApplicationGatewayAuthenticationCertificates(d) + properties.SslCertificates = expandApplicationGatewaySslCertificates(d) + + if _, ok := d.GetOk("waf_configuration"); ok { + properties.WebApplicationFirewallConfiguration = expandApplicationGatewayWafConfig(d) + } + + gateway := network.ApplicationGateway{ + Name: azure.String(name), + Location: azure.String(location), + Tags: expandTags(tags), + ApplicationGatewayPropertiesFormat: &properties, + } + + _, errChan := client.CreateOrUpdate(resGroup, name, gateway, make(chan struct{})) + err := <-errChan + if err != nil { + return errwrap.Wrapf("Error Creating/Updating ApplicationGateway {{err}}", err) + } + + read, err := client.Get(resGroup, name) + if err != nil { + return errwrap.Wrapf("Error Getting ApplicationGateway {{err}}", err) + } + if read.ID == nil { + return fmt.Errorf("Cannot read ApplicationGateway %s (resource group %s) ID", name, resGroup) + } + + d.SetId(*read.ID) + + log.Printf("[DEBUG] Waiting for ApplicationGateway (%s) to become available", name) + stateConf := &resource.StateChangeConf{ + Pending: []string{"Accepted", "Updating"}, + Target: []string{"Succeeded"}, + Refresh: ApplicationGatewayStateRefreshFunc(meta.(*ArmClient), resGroup, name), + Timeout: 60 * time.Minute, + } + if _, err := stateConf.WaitForState(); err != nil { + return fmt.Errorf("Error waiting for ApplicationGateway (%s) to become available: %s", name, err) + } + + return resourceArmApplicationGatewayRead(d, meta) +} + +func resourceArmApplicationGatewayRead(d *schema.ResourceData, meta interface{}) error { + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return errwrap.Wrapf("Error parsing ApplicationGateway ID {{err}}", err) + } + + ApplicationGateway, exists, err := retrieveApplicationGatewayById(d.Id(), meta) + if err != nil { + return errwrap.Wrapf("Error Getting ApplicationGateway By ID {{err}}", err) + } + if !exists { + d.SetId("") + log.Printf("[INFO] ApplicationGateway %q not found. Removing from state", d.Get("name").(string)) + return nil + } + + d.Set("name", ApplicationGateway.Name) + d.Set("resource_group_name", id.ResourceGroup) + d.Set("location", ApplicationGateway.Location) + d.Set("sku", schema.NewSet(hashApplicationGatewaySku, flattenApplicationGatewaySku(ApplicationGateway.ApplicationGatewayPropertiesFormat.Sku))) + d.Set("disabled_ssl_protocols", flattenApplicationGatewaySslPolicy(ApplicationGateway.ApplicationGatewayPropertiesFormat.SslPolicy)) + d.Set("gateway_ip_configuration", flattenApplicationGatewayIPConfigurations(ApplicationGateway.ApplicationGatewayPropertiesFormat.GatewayIPConfigurations)) + d.Set("frontend_port", flattenApplicationGatewayFrontendPorts(ApplicationGateway.ApplicationGatewayPropertiesFormat.FrontendPorts)) + d.Set("frontend_ip_configuration", flattenApplicationGatewayFrontendIPConfigurations(ApplicationGateway.ApplicationGatewayPropertiesFormat.FrontendIPConfigurations)) + d.Set("backend_address_pool", flattenApplicationGatewayBackendAddressPools(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendAddressPools)) + d.Set("backend_http_settings", flattenApplicationGatewayBackendHTTPSettings(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendHTTPSettingsCollection)) + d.Set("http_listener", flattenApplicationGatewayHTTPListeners(ApplicationGateway.ApplicationGatewayPropertiesFormat.HTTPListeners)) + d.Set("probe", flattenApplicationGatewayProbes(ApplicationGateway.ApplicationGatewayPropertiesFormat.Probes)) + d.Set("request_routing_rule", flattenApplicationGatewayRequestRoutingRules(ApplicationGateway.ApplicationGatewayPropertiesFormat.RequestRoutingRules)) + d.Set("url_path_map", flattenApplicationGatewayURLPathMaps(ApplicationGateway.ApplicationGatewayPropertiesFormat.URLPathMaps)) + d.Set("authentication_certificate", schema.NewSet(hashApplicationGatewayAuthenticationCertificates, flattenApplicationGatewayAuthenticationCertificates(ApplicationGateway.ApplicationGatewayPropertiesFormat.AuthenticationCertificates))) + d.Set("ssl_certificate", schema.NewSet(hashApplicationGatewaySslCertificates, flattenApplicationGatewaySslCertificates(ApplicationGateway.ApplicationGatewayPropertiesFormat.SslCertificates))) + + if ApplicationGateway.ApplicationGatewayPropertiesFormat.WebApplicationFirewallConfiguration != nil { + d.Set("waf_configuration", schema.NewSet(hashApplicationGatewayWafConfig, + flattenApplicationGatewayWafConfig(ApplicationGateway.ApplicationGatewayPropertiesFormat.WebApplicationFirewallConfiguration))) + } + + flattenAndSetTags(d, ApplicationGateway.Tags) + + return nil +} + +func resourceArmApplicationGatewayDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).applicationGatewayClient + + id, err := parseAzureResourceID(d.Id()) + if err != nil { + return errwrap.Wrapf("Error Parsing Azure Resource ID {{err}}", err) + } + resGroup := id.ResourceGroup + name := id.Path["applicationGateways"] + + _, errChan := client.Delete(resGroup, name, make(chan struct{})) + err = <-errChan + if err != nil { + return errwrap.Wrapf("Error Deleting ApplicationGateway {{err}}", err) + } + + d.SetId("") + return nil +} + +func ApplicationGatewayResGroupAndNameFromID(ApplicationGatewayID string) (string, string, error) { + id, err := parseAzureResourceID(ApplicationGatewayID) + if err != nil { + return "", "", err + } + name := id.Path["applicationGateways"] + resGroup := id.ResourceGroup + + return resGroup, name, nil +} + +func retrieveApplicationGatewayById(ApplicationGatewayID string, meta interface{}) (*network.ApplicationGateway, bool, error) { + client := meta.(*ArmClient).applicationGatewayClient + + resGroup, name, err := ApplicationGatewayResGroupAndNameFromID(ApplicationGatewayID) + if err != nil { + return nil, false, errwrap.Wrapf("Error Getting ApplicationGateway Name and Group: {{err}}", err) + } + + resp, err := client.Get(resGroup, name) + if err != nil { + if resp.StatusCode == http.StatusNotFound { + return nil, false, nil + } + return nil, false, fmt.Errorf("Error making Read request on Azure ApplicationGateway %s: %s", name, err) + } + + return &resp, true, nil +} + +func ApplicationGatewayStateRefreshFunc(client *ArmClient, resourceGroupName string, name string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + res, err := client.applicationGatewayClient.Get(resourceGroupName, name) + if err != nil { + return nil, "", fmt.Errorf( + "Error issuing read request in ApplicationGatewayStateRefreshFunc to Azure ARM for ApplicationGateway '%s' (RG: '%s'): %s", + name, resourceGroupName, err) + } + + return res, *res.ApplicationGatewayPropertiesFormat.ProvisioningState, nil + } +} + +func expandApplicationGatewaySku(d *schema.ResourceData) *network.ApplicationGatewaySku { + skuSet := d.Get("sku").(*schema.Set).List() + sku := skuSet[0].(map[string]interface{}) + + name := sku["name"].(string) + tier := sku["tier"].(string) + capacity := int32(sku["capacity"].(int)) + + return &network.ApplicationGatewaySku{ + Name: network.ApplicationGatewaySkuName(name), + Tier: network.ApplicationGatewayTier(tier), + Capacity: &capacity, + } +} + +func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.ApplicationGatewayWebApplicationFirewallConfiguration { + wafSet := d.Get("waf_configuration").(*schema.Set).List() + waf := wafSet[0].(map[string]interface{}) + + enabled := waf["enabled"].(bool) + mode := waf["firewall_mode"].(string) + + return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ + Enabled: &enabled, + FirewallMode: network.ApplicationGatewayFirewallMode(mode), + } +} + +func expandApplicationGatewaySslPolicy(d *schema.ResourceData) *network.ApplicationGatewaySslPolicy { + disabledProtoList := d.Get("disabled_ssl_protocols").([]interface{}) + disabled := []network.ApplicationGatewaySslProtocol{} + + for _, proto := range disabledProtoList { + disabled = append(disabled, network.ApplicationGatewaySslProtocol(proto.(string))) + } + + return &network.ApplicationGatewaySslPolicy{ + DisabledSslProtocols: &disabled, + } +} + +func expandApplicationGatewayIPConfigurations(d *schema.ResourceData) *[]network.ApplicationGatewayIPConfiguration { + configs := d.Get("gateway_ip_configuration").([]interface{}) + ipConfigurations := make([]network.ApplicationGatewayIPConfiguration, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + subnetID := data["subnet_id"].(string) + + ipConfig := network.ApplicationGatewayIPConfiguration{ + Name: &name, + ApplicationGatewayIPConfigurationPropertiesFormat: &network.ApplicationGatewayIPConfigurationPropertiesFormat{ + Subnet: &network.SubResource{ + ID: &subnetID, + }, + }, + } + ipConfigurations = append(ipConfigurations, ipConfig) + } + + return &ipConfigurations +} + +func expandApplicationGatewayFrontendPorts(d *schema.ResourceData) *[]network.ApplicationGatewayFrontendPort { + configs := d.Get("frontend_port").([]interface{}) + frontendPorts := make([]network.ApplicationGatewayFrontendPort, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + port := int32(data["port"].(int)) + + portConfig := network.ApplicationGatewayFrontendPort{ + Name: &name, + ApplicationGatewayFrontendPortPropertiesFormat: &network.ApplicationGatewayFrontendPortPropertiesFormat{ + Port: &port, + }, + } + frontendPorts = append(frontendPorts, portConfig) + } + + return &frontendPorts +} + +func expandApplicationGatewayFrontendIPConfigurations(d *schema.ResourceData) *[]network.ApplicationGatewayFrontendIPConfiguration { + configs := d.Get("frontend_ip_configuration").([]interface{}) + frontEndConfigs := make([]network.ApplicationGatewayFrontendIPConfiguration, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + properties := network.ApplicationGatewayFrontendIPConfigurationPropertiesFormat{} + + if v := data["subnet_id"].(string); v != "" { + properties.Subnet = &network.SubResource{ + ID: &v, + } + } + + if v := data["private_ip_address_allocation"].(string); v != "" { + properties.PrivateIPAllocationMethod = network.IPAllocationMethod(v) + } + + if v := data["private_ip_address"].(string); v != "" { + properties.PrivateIPAddress = &v + } + + if v := data["public_ip_address_id"].(string); v != "" { + properties.PublicIPAddress = &network.SubResource{ + ID: &v, + } + } + + name := data["name"].(string) + frontEndConfig := network.ApplicationGatewayFrontendIPConfiguration{ + Name: &name, + ApplicationGatewayFrontendIPConfigurationPropertiesFormat: &properties, + } + + frontEndConfigs = append(frontEndConfigs, frontEndConfig) + } + + return &frontEndConfigs +} + +func expandApplicationGatewayBackendAddressPools(d *schema.ResourceData) *[]network.ApplicationGatewayBackendAddressPool { + configs := d.Get("backend_address_pool").([]interface{}) + backendPools := make([]network.ApplicationGatewayBackendAddressPool, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + backendAddresses := []network.ApplicationGatewayBackendAddress{} + + for _, rawIP := range data["ip_address_list"].([]interface{}) { + ip := rawIP.(string) + backendAddresses = append(backendAddresses, network.ApplicationGatewayBackendAddress{IPAddress: &ip}) + } + + for _, rawFQDN := range data["fqdn_list"].([]interface{}) { + fqdn := rawFQDN.(string) + backendAddresses = append(backendAddresses, network.ApplicationGatewayBackendAddress{Fqdn: &fqdn}) + } + + name := data["name"].(string) + pool := network.ApplicationGatewayBackendAddressPool{ + Name: &name, + ApplicationGatewayBackendAddressPoolPropertiesFormat: &network.ApplicationGatewayBackendAddressPoolPropertiesFormat{ + BackendAddresses: &backendAddresses, + }, + } + + backendPools = append(backendPools, pool) + } + + return &backendPools +} + +func expandApplicationGatewayBackendHTTPSettings(d *schema.ResourceData, gatewayID string) *[]network.ApplicationGatewayBackendHTTPSettings { + configs := d.Get("backend_http_settings").([]interface{}) + backendSettings := make([]network.ApplicationGatewayBackendHTTPSettings, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + port := int32(data["port"].(int)) + protocol := data["protocol"].(string) + cookieBasedAffinity := data["cookie_based_affinity"].(string) + requestTimeout := int32(data["request_timeout"].(int)) + + setting := network.ApplicationGatewayBackendHTTPSettings{ + Name: &name, + ApplicationGatewayBackendHTTPSettingsPropertiesFormat: &network.ApplicationGatewayBackendHTTPSettingsPropertiesFormat{ + Port: &port, + Protocol: network.ApplicationGatewayProtocol(protocol), + CookieBasedAffinity: network.ApplicationGatewayCookieBasedAffinity(cookieBasedAffinity), + RequestTimeout: &requestTimeout, + }, + } + + if data["authentication_certificate"] != nil { + authCerts := data["authentication_certificate"].([]interface{}) + authCertSubResources := make([]network.SubResource, 0, len(authCerts)) + + for _, rawAuthCert := range authCerts { + authCert := rawAuthCert.(map[string]interface{}) + authCertID := fmt.Sprintf("%s/authenticationCertificates/%s", gatewayID, authCert["name"]) + authCertSubResource := network.SubResource{ + ID: &authCertID, + } + + authCertSubResources = append(authCertSubResources, authCertSubResource) + } + + setting.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates = &authCertSubResources + } + + probeName := data["probe_name"].(string) + if probeName != "" { + probeID := fmt.Sprintf("%s/probes/%s", gatewayID, probeName) + setting.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe = &network.SubResource{ + ID: &probeID, + } + } + + backendSettings = append(backendSettings, setting) + } + + return &backendSettings +} + +func expandApplicationGatewayHTTPListeners(d *schema.ResourceData, gatewayID string) *[]network.ApplicationGatewayHTTPListener { + configs := d.Get("http_listener").([]interface{}) + httpListeners := make([]network.ApplicationGatewayHTTPListener, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + frontendIPConfigName := data["frontend_ip_configuration_name"].(string) + frontendIPConfigID := fmt.Sprintf("%s/frontendIPConfigurations/%s", gatewayID, frontendIPConfigName) + frontendPortName := data["frontend_port_name"].(string) + frontendPortID := fmt.Sprintf("%s/frontendPorts/%s", gatewayID, frontendPortName) + protocol := data["protocol"].(string) + + listener := network.ApplicationGatewayHTTPListener{ + Name: &name, + ApplicationGatewayHTTPListenerPropertiesFormat: &network.ApplicationGatewayHTTPListenerPropertiesFormat{ + FrontendIPConfiguration: &network.SubResource{ + ID: &frontendIPConfigID, + }, + FrontendPort: &network.SubResource{ + ID: &frontendPortID, + }, + Protocol: network.ApplicationGatewayProtocol(protocol), + }, + } + + if host := data["host_name"].(string); host != "" { + listener.ApplicationGatewayHTTPListenerPropertiesFormat.HostName = &host + } + + if sslCertName := data["ssl_certificate_name"].(string); sslCertName != "" { + certID := fmt.Sprintf("%s/sslCertificates/%s", gatewayID, sslCertName) + listener.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate = &network.SubResource{ + ID: &certID, + } + } + + if requireSNI, ok := data["require_sni"].(bool); ok { + listener.ApplicationGatewayHTTPListenerPropertiesFormat.RequireServerNameIndication = &requireSNI + } + + httpListeners = append(httpListeners, listener) + } + + return &httpListeners +} + +func expandApplicationGatewayProbes(d *schema.ResourceData) *[]network.ApplicationGatewayProbe { + configs := d.Get("probe").([]interface{}) + backendSettings := make([]network.ApplicationGatewayProbe, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + protocol := data["protocol"].(string) + probePath := data["path"].(string) + host := data["host"].(string) + interval := int32(data["interval"].(int)) + timeout := int32(data["timeout"].(int)) + unhealthyThreshold := int32(data["unhealthy_threshold"].(int)) + + setting := network.ApplicationGatewayProbe{ + Name: &name, + ApplicationGatewayProbePropertiesFormat: &network.ApplicationGatewayProbePropertiesFormat{ + Protocol: network.ApplicationGatewayProtocol(protocol), + Path: &probePath, + Host: &host, + Interval: &interval, + Timeout: &timeout, + UnhealthyThreshold: &unhealthyThreshold, + }, + } + + backendSettings = append(backendSettings, setting) + } + + return &backendSettings +} + +func expandApplicationGatewayRequestRoutingRules(d *schema.ResourceData, gatewayID string) *[]network.ApplicationGatewayRequestRoutingRule { + configs := d.Get("request_routing_rule").([]interface{}) + rules := make([]network.ApplicationGatewayRequestRoutingRule, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + ruleType := data["rule_type"].(string) + httpListenerName := data["http_listener_name"].(string) + httpListenerID := fmt.Sprintf("%s/httpListeners/%s", gatewayID, httpListenerName) + + rule := network.ApplicationGatewayRequestRoutingRule{ + Name: &name, + ApplicationGatewayRequestRoutingRulePropertiesFormat: &network.ApplicationGatewayRequestRoutingRulePropertiesFormat{ + RuleType: network.ApplicationGatewayRequestRoutingRuleType(ruleType), + HTTPListener: &network.SubResource{ + ID: &httpListenerID, + }, + }, + } + + if backendAddressPoolName := data["backend_address_pool_name"].(string); backendAddressPoolName != "" { + backendAddressPoolID := fmt.Sprintf("%s/backendAddressPools/%s", gatewayID, backendAddressPoolName) + rule.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool = &network.SubResource{ + ID: &backendAddressPoolID, + } + } + + if backendHTTPSettingsName := data["backend_http_settings_name"].(string); backendHTTPSettingsName != "" { + backendHTTPSettingsID := fmt.Sprintf("%s/backendHttpSettingsCollection/%s", gatewayID, backendHTTPSettingsName) + rule.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings = &network.SubResource{ + ID: &backendHTTPSettingsID, + } + } + + if urlPathMapName := data["url_path_map_name"].(string); urlPathMapName != "" { + urlPathMapID := fmt.Sprintf("%s/urlPathMaps/%s", gatewayID, urlPathMapName) + rule.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap = &network.SubResource{ + ID: &urlPathMapID, + } + } + + rules = append(rules, rule) + } + + return &rules +} + +func expandApplicationGatewayURLPathMaps(d *schema.ResourceData, gatewayID string) *[]network.ApplicationGatewayURLPathMap { + configs := d.Get("url_path_map").([]interface{}) + pathMaps := make([]network.ApplicationGatewayURLPathMap, 0, len(configs)) + + for _, configRaw := range configs { + data := configRaw.(map[string]interface{}) + + name := data["name"].(string) + defaultBackendAddressPoolName := data["default_backend_address_pool_name"].(string) + defaultBackendAddressPoolID := fmt.Sprintf("%s/backendAddressPools/%s", gatewayID, defaultBackendAddressPoolName) + defaultBackendHTTPSettingsName := data["default_backend_http_settings_name"].(string) + defaultBackendHTTPSettingsID := fmt.Sprintf("%s/backendHttpSettingsCollection/%s", gatewayID, defaultBackendHTTPSettingsName) + + pathRules := []network.ApplicationGatewayPathRule{} + for _, ruleConfig := range data["path_rule"].([]interface{}) { + ruleConfigMap := ruleConfig.(map[string]interface{}) + + ruleName := ruleConfigMap["name"].(string) + + rulePaths := []string{} + for _, rulePath := range ruleConfigMap["paths"].([]interface{}) { + rulePaths = append(rulePaths, rulePath.(string)) + } + + rule := network.ApplicationGatewayPathRule{ + Name: &ruleName, + ApplicationGatewayPathRulePropertiesFormat: &network.ApplicationGatewayPathRulePropertiesFormat{ + Paths: &rulePaths, + }, + } + + if backendAddressPoolName := ruleConfigMap["backend_address_pool_name"].(string); backendAddressPoolName != "" { + backendAddressPoolID := fmt.Sprintf("%s/backendAddressPools/%s", gatewayID, backendAddressPoolName) + rule.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool = &network.SubResource{ + ID: &backendAddressPoolID, + } + } + + if backendHTTPSettingsName := ruleConfigMap["backend_http_settings_name"].(string); backendHTTPSettingsName != "" { + backendHTTPSettingsID := fmt.Sprintf("%s/backendHttpSettingsCollection/%s", gatewayID, backendHTTPSettingsName) + rule.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings = &network.SubResource{ + ID: &backendHTTPSettingsID, + } + } + + pathRules = append(pathRules, rule) + } + + pathMap := network.ApplicationGatewayURLPathMap{ + Name: &name, + ApplicationGatewayURLPathMapPropertiesFormat: &network.ApplicationGatewayURLPathMapPropertiesFormat{ + DefaultBackendAddressPool: &network.SubResource{ + ID: &defaultBackendAddressPoolID, + }, + DefaultBackendHTTPSettings: &network.SubResource{ + ID: &defaultBackendHTTPSettingsID, + }, + PathRules: &pathRules, + }, + } + + pathMaps = append(pathMaps, pathMap) + } + + return &pathMaps +} + +func expandApplicationGatewayAuthenticationCertificates(d *schema.ResourceData) *[]network.ApplicationGatewayAuthenticationCertificate { + configs := d.Get("authentication_certificate").([]interface{}) + authCerts := make([]network.ApplicationGatewayAuthenticationCertificate, 0, len(configs)) + + for _, configRaw := range configs { + raw := configRaw.(map[string]interface{}) + + name := raw["name"].(string) + data := raw["data"].(string) + + // data must be base64 encoded + data = base64.StdEncoding.EncodeToString([]byte(data)) + + cert := network.ApplicationGatewayAuthenticationCertificate{ + Name: &name, + ApplicationGatewayAuthenticationCertificatePropertiesFormat: &network.ApplicationGatewayAuthenticationCertificatePropertiesFormat{ + Data: &data, + }, + } + + authCerts = append(authCerts, cert) + } + + return &authCerts +} + +func expandApplicationGatewaySslCertificates(d *schema.ResourceData) *[]network.ApplicationGatewaySslCertificate { + configs := d.Get("ssl_certificate").([]interface{}) + sslCerts := make([]network.ApplicationGatewaySslCertificate, 0, len(configs)) + + for _, configRaw := range configs { + raw := configRaw.(map[string]interface{}) + + name := raw["name"].(string) + data := raw["data"].(string) + password := raw["password"].(string) + + // data must be base64 encoded + data = base64.StdEncoding.EncodeToString([]byte(data)) + + cert := network.ApplicationGatewaySslCertificate{ + Name: &name, + ApplicationGatewaySslCertificatePropertiesFormat: &network.ApplicationGatewaySslCertificatePropertiesFormat{ + Data: &data, + Password: &password, + }, + } + + sslCerts = append(sslCerts, cert) + } + + return &sslCerts +} + +func flattenApplicationGatewaySku(sku *network.ApplicationGatewaySku) []interface{} { + result := make(map[string]interface{}) + + result["name"] = string(sku.Name) + result["tier"] = string(sku.Tier) + result["capacity"] = int(*sku.Capacity) + + return []interface{}{result} +} + +func flattenApplicationGatewayWafConfig(waf *network.ApplicationGatewayWebApplicationFirewallConfiguration) []interface{} { + result := make(map[string]interface{}) + + result["enabled"] = *waf.Enabled + result["firewall_mode"] = string(waf.FirewallMode) + + return []interface{}{result} +} + +func flattenApplicationGatewaySslPolicy(policy *network.ApplicationGatewaySslPolicy) []interface{} { + result := make([]interface{}, 0, len(*policy.DisabledSslProtocols)) + + for _, proto := range *policy.DisabledSslProtocols { + result = append(result, string(proto)) + } + + return result +} + +func flattenApplicationGatewayIPConfigurations(ipConfigs *[]network.ApplicationGatewayIPConfiguration) []interface{} { + result := make([]interface{}, 0, len(*ipConfigs)) + + for _, config := range *ipConfigs { + ipConfig := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "subnet_id": *config.ApplicationGatewayIPConfigurationPropertiesFormat.Subnet.ID, + } + + result = append(result, ipConfig) + } + + return result +} + +func flattenApplicationGatewayFrontendPorts(portConfigs *[]network.ApplicationGatewayFrontendPort) []interface{} { + result := make([]interface{}, 0, len(*portConfigs)) + + for _, config := range *portConfigs { + port := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "port": int(*config.ApplicationGatewayFrontendPortPropertiesFormat.Port), + } + + result = append(result, port) + } + + return result +} + +func flattenApplicationGatewayFrontendIPConfigurations(ipConfigs *[]network.ApplicationGatewayFrontendIPConfiguration) []interface{} { + result := make([]interface{}, 0, len(*ipConfigs)) + for _, config := range *ipConfigs { + ipConfig := make(map[string]interface{}) + ipConfig["id"] = *config.ID + ipConfig["name"] = *config.Name + + if config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PrivateIPAllocationMethod != "" { + ipConfig["private_ip_address_allocation"] = config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PrivateIPAllocationMethod + } + + if config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.Subnet != nil { + ipConfig["subnet_id"] = *config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.Subnet.ID + } + + if config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PrivateIPAddress != nil { + ipConfig["private_ip_address"] = *config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PrivateIPAddress + } + + if config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PublicIPAddress != nil { + ipConfig["public_ip_address_id"] = *config.ApplicationGatewayFrontendIPConfigurationPropertiesFormat.PublicIPAddress.ID + } + + result = append(result, ipConfig) + } + return result +} + +func flattenApplicationGatewayBackendAddressPools(poolConfigs *[]network.ApplicationGatewayBackendAddressPool) []interface{} { + result := make([]interface{}, 0, len(*poolConfigs)) + + for _, config := range *poolConfigs { + ipAddressList := []interface{}{} + fqdnList := []interface{}{} + for _, address := range *config.ApplicationGatewayBackendAddressPoolPropertiesFormat.BackendAddresses { + if address.IPAddress != nil { + ipAddressList = append(ipAddressList, *address.IPAddress) + } else if address.Fqdn != nil { + fqdnList = append(fqdnList, *address.Fqdn) + } + } + + pool := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "ip_address_list": ipAddressList, + "fqdn_list": fqdnList, + } + + result = append(result, pool) + } + + return result +} + +func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.ApplicationGatewayBackendHTTPSettings) []interface{} { + result := make([]interface{}, 0, len(*backendSettings)) + + for _, config := range *backendSettings { + settings := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "port": int(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Port), + "protocol": string(config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Protocol), + "cookie_based_affinity": string(config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.CookieBasedAffinity), + "request_timeout": int(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.RequestTimeout), + } + + if config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates != nil { + authCerts := make([]interface{}, 0, len(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates)) + + for _, config := range *config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates { + authCert := map[string]interface{}{ + "name": path.Base(*config.ID), + "id": *config.ID, + } + + authCerts = append(authCerts, authCert) + } + + settings["authentication_certificate"] = authCerts + } + + if config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe != nil { + settings["probe_name"] = path.Base(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe.ID) + settings["probe_id"] = *config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe.ID + } + + result = append(result, settings) + } + + return result +} + +func flattenApplicationGatewayHTTPListeners(httpListeners *[]network.ApplicationGatewayHTTPListener) []interface{} { + result := make([]interface{}, 0, len(*httpListeners)) + + for _, config := range *httpListeners { + listener := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "frontend_ip_configuration_id": *config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendIPConfiguration.ID, + "frontend_ip_configuration_name": path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendIPConfiguration.ID), + "frontend_port_name": path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendPort.ID), + "frontend_port_id": *config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendPort.ID, + "protocol": string(config.ApplicationGatewayHTTPListenerPropertiesFormat.Protocol), + } + + if config.ApplicationGatewayHTTPListenerPropertiesFormat.HostName != nil { + listener["host_name"] = *config.ApplicationGatewayHTTPListenerPropertiesFormat.HostName + } + + if config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate != nil { + listener["ssl_certificate_name"] = path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate.ID) + listener["ssl_certificate_id"] = *config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate.ID + } + + if config.ApplicationGatewayHTTPListenerPropertiesFormat.RequireServerNameIndication != nil { + listener["require_sni"] = *config.ApplicationGatewayHTTPListenerPropertiesFormat.RequireServerNameIndication + } + + result = append(result, listener) + } + + return result +} + +func flattenApplicationGatewayProbes(probes *[]network.ApplicationGatewayProbe) []interface{} { + result := make([]interface{}, 0, len(*probes)) + + for _, config := range *probes { + settings := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "protocol": string(config.ApplicationGatewayProbePropertiesFormat.Protocol), + "path": *config.ApplicationGatewayProbePropertiesFormat.Path, + "host": *config.ApplicationGatewayProbePropertiesFormat.Host, + "interval": int(*config.ApplicationGatewayProbePropertiesFormat.Interval), + "timeout": int(*config.ApplicationGatewayProbePropertiesFormat.Timeout), + "unhealthy_threshold": int(*config.ApplicationGatewayProbePropertiesFormat.UnhealthyThreshold), + } + + result = append(result, settings) + } + + return result +} + +func flattenApplicationGatewayRequestRoutingRules(rules *[]network.ApplicationGatewayRequestRoutingRule) []interface{} { + result := make([]interface{}, 0, len(*rules)) + + for _, config := range *rules { + listener := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "rule_type": string(config.ApplicationGatewayRequestRoutingRulePropertiesFormat.RuleType), + "http_listener_id": *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.HTTPListener.ID, + "http_listener_name": path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.HTTPListener.ID), + } + + if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool != nil { + listener["backend_address_pool_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool.ID) + listener["backend_address_pool_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool.ID + } + + if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings != nil { + listener["backend_http_settings_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings.ID) + listener["backend_http_settings_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings.ID + } + + if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap != nil { + listener["url_path_map_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap.ID) + listener["url_path_map_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap.ID + } + + result = append(result, listener) + } + + return result +} + +func flattenApplicationGatewayURLPathMaps(pathMaps *[]network.ApplicationGatewayURLPathMap) []interface{} { + result := make([]interface{}, 0, len(*pathMaps)) + + for _, config := range *pathMaps { + pathMap := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + } + + if config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool != nil { + pathMap["default_backend_address_pool_name"] = path.Base(*config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool.ID) + pathMap["default_backend_address_pool_id"] = *config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool.ID + } + + if config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings != nil { + pathMap["default_backend_http_settings_name"] = path.Base(*config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings.ID) + pathMap["default_backend_http_settings_id"] = *config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings.ID + } + + pathRules := make([]interface{}, 0, len(*config.ApplicationGatewayURLPathMapPropertiesFormat.PathRules)) + for _, pathRuleConfig := range *config.ApplicationGatewayURLPathMapPropertiesFormat.PathRules { + rule := map[string]interface{}{ + "id": *pathRuleConfig.ID, + "name": *pathRuleConfig.Name, + } + + if pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool != nil { + rule["backend_address_pool_name"] = path.Base(*pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool.ID) + rule["backend_address_pool_id"] = *pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool.ID + } + + if pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings != nil { + rule["backend_http_settings_name"] = path.Base(*pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings.ID) + rule["backend_http_settings_id"] = *pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings.ID + } + + paths := make([]interface{}, 0, len(*pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.Paths)) + for _, rulePath := range *pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.Paths { + paths = append(paths, rulePath) + } + rule["paths"] = paths + + pathRules = append(pathRules, rule) + } + pathMap["path_rule"] = pathRules + + result = append(result, pathMap) + } + + return result +} + +func flattenApplicationGatewayAuthenticationCertificates(certs *[]network.ApplicationGatewayAuthenticationCertificate) []interface{} { + result := make([]interface{}, 0, len(*certs)) + + for _, config := range *certs { + certConfig := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + } + + result = append(result, certConfig) + } + + return result +} + +func flattenApplicationGatewaySslCertificates(certs *[]network.ApplicationGatewaySslCertificate) []interface{} { + result := make([]interface{}, 0, len(*certs)) + + for _, config := range *certs { + certConfig := map[string]interface{}{ + "id": *config.ID, + "name": *config.Name, + "public_cert_data": *config.ApplicationGatewaySslCertificatePropertiesFormat.PublicCertData, + } + + result = append(result, certConfig) + } + + return result +} + +func hashApplicationGatewaySku(v interface{}) int { + var buf bytes.Buffer + m := v.(map[string]interface{}) + buf.WriteString(fmt.Sprintf("%s-", m["name"].(string))) + buf.WriteString(fmt.Sprintf("%s-", m["tier"].(string))) + buf.WriteString(fmt.Sprintf("%d-", m["capacity"].(int))) + + return hashcode.String(buf.String()) +} + +func hashApplicationGatewayWafConfig(v interface{}) int { + var buf bytes.Buffer + m := v.(map[string]interface{}) + buf.WriteString(fmt.Sprintf("%t-", m["enabled"].(bool))) + buf.WriteString(fmt.Sprintf("%s-", m["firewall_mode"].(string))) + + return hashcode.String(buf.String()) +} + +func hashApplicationGatewayAuthenticationCertificates(v interface{}) int { + var buf bytes.Buffer + m := v.(map[string]interface{}) + buf.WriteString(fmt.Sprintf("%s-", m["name"].(string))) + + return hashcode.String(buf.String()) +} + +func hashApplicationGatewaySslCertificates(v interface{}) int { + var buf bytes.Buffer + m := v.(map[string]interface{}) + buf.WriteString(fmt.Sprintf("%s-", m["name"].(string))) + buf.WriteString(fmt.Sprintf("%s-", m["public_cert_data"].(string))) + + return hashcode.String(buf.String()) +} diff --git a/azurerm/resource_arm_application_gateway_test.cer b/azurerm/resource_arm_application_gateway_test.cer new file mode 100644 index 000000000000..e4e29b37dc07 --- /dev/null +++ b/azurerm/resource_arm_application_gateway_test.cer @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDbzCCAlegAwIBAgIJAIzjRD36sIbbMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV +BAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMRIwEAYDVQQKDAl0ZXJyYWZvcm0x +FTATBgNVBAMMDHRlcnJhZm9ybS5pbzAgFw0xNzA0MjEyMDA1MjdaGA8yMTE3MDMy +ODIwMDUyN1owTTELMAkGA1UEBhMCVVMxEzARBgNVBAgMClNvbWUtU3RhdGUxEjAQ +BgNVBAoMCXRlcnJhZm9ybTEVMBMGA1UEAwwMdGVycmFmb3JtLmlvMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3L9L5szT4+FLykTFNyyPjy/k3BQTYAfR +QzP2dhnsuUKm3cdPC0NyZ+wEXIUGhoDO2YG6EYChOl8fsDqDOjloSUGKqYw++nlp +HIuUgJx8IxxG2XkALCjFU7EmF+w7kn76d0ezpEIYxnLP+KG2DVornoEt1aLhv1ML +mpgEZZPhDbMSLhSYWeTVRMayXLwqtfgnDumQSB+8d/1JuJqrSI4pD12JozVThzb6 +hsjfb6RMX4epPmrGn0PbTPEEA6awmsxBCXB0s13nNQt/O0hLM2agwvAyozilQV+s +616Ckgk6DJoUkqZhDy7vPYMIRSr98fBws6zkrV6tTLjmD8xAvobePQIDAQABo1Aw +TjAdBgNVHQ4EFgQUXIqO421zMMmbcRRX9wctZFCQuPIwHwYDVR0jBBgwFoAUXIqO +421zMMmbcRRX9wctZFCQuPIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC +AQEAr82NeT3BYJOKLlUL6Om5LjUF66ewcJjG9ltdvyQwVneMcq7t5UAPxgChzqNR +Vk4da8PzkXpjBJyWezHupdJNX3XqeUk2kSxqQ6/gmhqvfI3y7djrwoO6jvMEY26W +qtkTNORWDP3THJJVimC3zV+KMU5UBVrEzhOVhHSU709lBP75o0BBn3xGsPqSq9k8 +IotIFfyAc6a+XP3+ZMpvh7wqAUml7vWa5wlcXExCx39h1balfDSLGNC4swWPCp9A +MnQR0p+vMay9hNP1Eh+9QYUai14d5KS3cFV+KxE1cJR5HD/iLltnnOEbpMsB0eVO +ZWkFvE7Y5lW0oVSAfin5TwTJMQ== +-----END CERTIFICATE----- diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go new file mode 100644 index 000000000000..6d4d7d8cc4d0 --- /dev/null +++ b/azurerm/resource_arm_application_gateway_test.go @@ -0,0 +1,1263 @@ +package azurerm + +import ( + "fmt" + "net/http" + "os" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccAzureRMApplicationGateway_basic(t *testing.T) { + ri := acctest.RandInt() + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: TestAccAzureRMApplicationGateway_basic(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + }, + }, + }) +} + +func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { + ri := acctest.RandInt() + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: TestAccAzureRMApplicationGateway_basic(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + Destroy: false, + }, + { + Config: TestAccAzureRMApplicationGateway_basic_changeSslCert(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-2"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + }, + }, + }) +} + +func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { + ri := acctest.RandInt() + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + }, + }, + }) +} + +func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { + ri := acctest.RandInt() + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + Destroy: false, + }, + { + Config: TestAccAzureRMApplicationGateway_basic_changeAuthCert(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-2"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + }, + }, + }) +} + +func TestAccAzureRMApplicationGateway_waf(t *testing.T) { + ri := acctest.RandInt() + + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, + Steps: []resource.TestStep{ + { + Config: TestAccAzureRMApplicationGateway_waf(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), + testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), + ), + }, + }, + }) +} + +func testCheckAzureRMApplicationGatewayExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + ApplicationGatewayName := rs.Primary.Attributes["name"] + resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] + if !hasResourceGroup { + return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) + } + + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + + resp, err := conn.Get(resourceGroup, ApplicationGatewayName) + if err != nil { + if resp.StatusCode == http.StatusNotFound { + return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) + } + + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + } + + return nil + } +} + +func testCheckAzureRMApplicationGatewaySslCertificateAssigned(name string, certName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + ApplicationGatewayName := rs.Primary.Attributes["name"] + resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] + if !hasResourceGroup { + return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) + } + + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + + resp, err := conn.Get(resourceGroup, ApplicationGatewayName) + if err != nil { + if resp.StatusCode == http.StatusNotFound { + return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) + } + + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + } + + var certId *string + + for _, cert := range *resp.SslCertificates { + if *cert.Name == certName { + certId = cert.ID + } + } + + if certId == nil { + return fmt.Errorf("Bad: SSL certificate not found: %s", certName) + } + + for _, listener := range *resp.HTTPListeners { + if listener.SslCertificate != nil && *listener.SslCertificate.ID == *certId { + return nil + } + } + + return fmt.Errorf("Bad: SSL certificate not assigned to a listener: %s", certName) + } +} + +func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name string, certName string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("Not found: %s", name) + } + + ApplicationGatewayName := rs.Primary.Attributes["name"] + resourceGroup, hasResourceGroup := rs.Primary.Attributes["resource_group_name"] + if !hasResourceGroup { + return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) + } + + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + + resp, err := conn.Get(resourceGroup, ApplicationGatewayName) + if err != nil { + if resp.StatusCode == http.StatusNotFound { + return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) + } + + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + } + + var certId *string + + for _, cert := range *resp.AuthenticationCertificates { + if *cert.Name == certName { + certId = cert.ID + } + } + + if certId == nil { + return fmt.Errorf("Bad: Authentication certificate not found: %s", certName) + } + + for _, backendHttpSettings := range *resp.BackendHTTPSettingsCollection { + if backendHttpSettings.AuthenticationCertificates != nil { + for _, authCert := range *backendHttpSettings.AuthenticationCertificates { + if *authCert.ID == *certId { + return nil + } + } + } + } + + return fmt.Errorf("Bad: Authentication certificate not assigned: %s", certName) + } +} + +func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + + for _, rs := range s.RootModule().Resources { + if rs.Type != "azurerm_application_gateway" { + continue + } + + name := rs.Primary.Attributes["name"] + resourceGroup := rs.Primary.Attributes["resource_group_name"] + + resp, err := conn.Get(resourceGroup, name) + + if err != nil { + return nil + } + + if resp.StatusCode != http.StatusNotFound { + return fmt.Errorf("App Gateway still exists:\n%#v", resp.ApplicationGatewayPropertiesFormat) + } + } + + return nil +} + +func TestAccAzureRMApplicationGateway_basic(rInt int) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestrg-%d" + location = "West US 2" +} + +resource "azurerm_virtual_network" "test" { + name = "vnet" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.test.location}" +} + +resource "azurerm_subnet" "test" { + name = "subnet" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.254.0.0/24" +} + +resource "azurerm_public_ip" "test" { + name = "public-ip" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + public_ip_address_allocation = "dynamic" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestgw-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku { + name = "Standard_Medium" + tier = "Standard" + capacity = 1 + } + + disabled_ssl_protocols = [ + "TLSv1_0", + ] + + gateway_ip_configuration { + # id = computed + name = "gw-ip-config1" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-public" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-private" + subnet_id = "${azurerm_subnet.test.id}" + + # private_ip_address = computed + private_ip_address_allocation = "Dynamic" + } + + frontend_port { + # id = computed + name = "port-8080" + port = 8080 + } + + backend_address_pool { + # id = computed + name = "pool-1" + + fqdn_list = [ + "terraform.io", + ] + } + + backend_http_settings { + # id = computed + name = "backend-http-1" + port = 8010 + protocol = "Https" + cookie_based_affinity = "Enabled" + request_timeout = 30 + + # probe_id = computed + probe_name = "probe-1" + } + + http_listener { + # id = computed + name = "listener-1" + + # frontend_ip_configuration_id = computed + frontend_ip_configuration_name = "ip-config-public" + + # frontend_ip_port_id = computed + frontend_port_name = "port-8080" + protocol = "Http" + } + + http_listener { + name = "listener-2" + frontend_ip_configuration_name = "ip-config-public" + frontend_port_name = "port-8080" + protocol = "Https" + + # ssl_certificate_id = computed + ssl_certificate_name = "ssl-1" + host_name = "terraform.io" + require_sni = true + } + + probe { + # id = computed + name = "probe-1" + protocol = "Https" + path = "/test" + host = "azure.com" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + } + + url_path_map { + # id = computed + name = "path-map-1" + default_backend_address_pool_name = "pool-1" + default_backend_http_settings_name = "backend-http-1" + + path_rule { + # id = computed + name = "path-rule-1" + backend_address_pool_name = "pool-1" + backend_http_settings_name = "backend-http-1" + + paths = [ + "/test", + ] + } + } + + request_routing_rule { + # id = computed + name = "rule-basic-1" + rule_type = "Basic" + + # http_listener_id = computed + http_listener_name = "listener-1" + + # backend_address_pool_id = computed + backend_address_pool_name = "pool-1" + + # backend_http_settings_id = computed + backend_http_settings_name = "backend-http-1" + } + + request_routing_rule { + # id = computed + name = "rule-path-1" + rule_type = "PathBasedRouting" + url_path_map_name = "path-map-1" + + # http_listener_id = computed + http_listener_name = "listener-2" + } + + ssl_certificate { + # id = computed + name = "ssl-1" + data = "${file("resource_arm_app_gateway_test.pfx")}" + password = "terraform" + } + + tags { + environment = "tf01" + } +} +`, rInt, rInt) +} + +func TestAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestrg-%d" + location = "West US 2" +} + +resource "azurerm_virtual_network" "test" { + name = "vnet" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.test.location}" +} + +resource "azurerm_subnet" "test" { + name = "subnet" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.254.0.0/24" +} + +resource "azurerm_public_ip" "test" { + name = "public-ip" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + public_ip_address_allocation = "dynamic" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestgw-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku { + name = "Standard_Medium" + tier = "Standard" + capacity = 1 + } + + disabled_ssl_protocols = [ + "TLSv1_0", + ] + + gateway_ip_configuration { + # id = computed + name = "gw-ip-config1" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-public" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-private" + subnet_id = "${azurerm_subnet.test.id}" + + # private_ip_address = computed + private_ip_address_allocation = "Dynamic" + } + + frontend_port { + # id = computed + name = "port-8080" + port = 8080 + } + + backend_address_pool { + # id = computed + name = "pool-1" + + fqdn_list = [ + "terraform.io", + ] + } + + backend_http_settings { + # id = computed + name = "backend-http-1" + port = 8010 + protocol = "Https" + cookie_based_affinity = "Enabled" + request_timeout = 30 + + # probe_id = computed + probe_name = "probe-1" + } + + http_listener { + # id = computed + name = "listener-1" + + # frontend_ip_configuration_id = computed + frontend_ip_configuration_name = "ip-config-public" + + # frontend_ip_port_id = computed + frontend_port_name = "port-8080" + protocol = "Http" + } + + http_listener { + name = "listener-2" + frontend_ip_configuration_name = "ip-config-public" + frontend_port_name = "port-8080" + protocol = "Https" + + # ssl_certificate_id = computed + ssl_certificate_name = "ssl-2" + host_name = "terraform.io" + require_sni = true + } + + probe { + # id = computed + name = "probe-1" + protocol = "Https" + path = "/test" + host = "azure.com" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + } + + url_path_map { + # id = computed + name = "path-map-1" + default_backend_address_pool_name = "pool-1" + default_backend_http_settings_name = "backend-http-1" + + path_rule { + # id = computed + name = "path-rule-1" + backend_address_pool_name = "pool-1" + backend_http_settings_name = "backend-http-1" + + paths = [ + "/test", + ] + } + } + + request_routing_rule { + # id = computed + name = "rule-basic-1" + rule_type = "Basic" + + # http_listener_id = computed + http_listener_name = "listener-1" + + # backend_address_pool_id = computed + backend_address_pool_name = "pool-1" + + # backend_http_settings_id = computed + backend_http_settings_name = "backend-http-1" + } + + request_routing_rule { + # id = computed + name = "rule-path-1" + rule_type = "PathBasedRouting" + url_path_map_name = "path-map-1" + + # http_listener_id = computed + http_listener_name = "listener-2" + } + + ssl_certificate { + # id = computed + name = "ssl-2" + data = "${file("resource_arm_app_gateway_test.pfx")}" + password = "terraform" + } + + tags { + environment = "tf01" + } +} +`, rInt, rInt) +} + +func TestAccAzureRMApplicationGateway_basic_authCert(rInt int) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestrg-%d" + location = "West US 2" +} + +resource "azurerm_virtual_network" "test" { + name = "vnet" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.test.location}" +} + +resource "azurerm_subnet" "test" { + name = "subnet" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.254.0.0/24" +} + +resource "azurerm_public_ip" "test" { + name = "public-ip" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + public_ip_address_allocation = "dynamic" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestgw-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku { + name = "Standard_Medium" + tier = "Standard" + capacity = 1 + } + + disabled_ssl_protocols = [ + "TLSv1_0", + ] + + gateway_ip_configuration { + # id = computed + name = "gw-ip-config1" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-public" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-private" + subnet_id = "${azurerm_subnet.test.id}" + + # private_ip_address = computed + private_ip_address_allocation = "Dynamic" + } + + frontend_port { + # id = computed + name = "port-8080" + port = 8080 + } + + backend_address_pool { + # id = computed + name = "pool-1" + + fqdn_list = [ + "terraform.io", + ] + } + + backend_http_settings { + # id = computed + name = "backend-http-1" + port = 8010 + protocol = "Http" + cookie_based_affinity = "Enabled" + request_timeout = 30 + } + + backend_http_settings { + # id = computed + name = "backend-http-2" + port = 8011 + protocol = "Https" + cookie_based_affinity = "Enabled" + request_timeout = 30 + + authentication_certificate { + name = "auth-1" + } + + # probe_id = computed + probe_name = "probe-1" + } + + http_listener { + # id = computed + name = "listener-1" + + # frontend_ip_configuration_id = computed + frontend_ip_configuration_name = "ip-config-public" + + # frontend_ip_port_id = computed + frontend_port_name = "port-8080" + protocol = "Http" + } + + http_listener { + name = "listener-2" + frontend_ip_configuration_name = "ip-config-public" + frontend_port_name = "port-8080" + protocol = "Https" + + # ssl_certificate_id = computed + ssl_certificate_name = "ssl-1" + host_name = "terraform.io" + require_sni = true + } + + probe { + # id = computed + name = "probe-1" + protocol = "Https" + path = "/test" + host = "azure.com" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + } + + url_path_map { + # id = computed + name = "path-map-1" + default_backend_address_pool_name = "pool-1" + default_backend_http_settings_name = "backend-http-1" + + path_rule { + # id = computed + name = "path-rule-1" + backend_address_pool_name = "pool-1" + backend_http_settings_name = "backend-http-1" + + paths = [ + "/test", + ] + } + } + + request_routing_rule { + # id = computed + name = "rule-basic-1" + rule_type = "Basic" + + # http_listener_id = computed + http_listener_name = "listener-1" + + # backend_address_pool_id = computed + backend_address_pool_name = "pool-1" + + # backend_http_settings_id = computed + backend_http_settings_name = "backend-http-1" + } + + request_routing_rule { + # id = computed + name = "rule-path-1" + rule_type = "PathBasedRouting" + url_path_map_name = "path-map-1" + + # http_listener_id = computed + http_listener_name = "listener-2" + } + + authentication_certificate { + name = "auth-1" + data = "${file("resource_arm_app_gateway_test.cer")}" + } + + ssl_certificate { + # id = computed + name = "ssl-1" + data = "${file("resource_arm_app_gateway_test.pfx")}" + password = "terraform" + } + + tags { + environment = "tf01" + } +} +`, rInt, rInt) +} + +func TestAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestrg-%d" + location = "West US 2" +} + +resource "azurerm_virtual_network" "test" { + name = "vnet" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.test.location}" +} + +resource "azurerm_subnet" "test" { + name = "subnet" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.254.0.0/24" +} + +resource "azurerm_public_ip" "test" { + name = "public-ip" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + public_ip_address_allocation = "dynamic" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestgw-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku { + name = "Standard_Medium" + tier = "Standard" + capacity = 1 + } + + disabled_ssl_protocols = [ + "TLSv1_0", + ] + + gateway_ip_configuration { + # id = computed + name = "gw-ip-config1" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-public" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-private" + subnet_id = "${azurerm_subnet.test.id}" + + # private_ip_address = computed + private_ip_address_allocation = "Dynamic" + } + + frontend_port { + # id = computed + name = "port-8080" + port = 8080 + } + + backend_address_pool { + # id = computed + name = "pool-1" + + fqdn_list = [ + "terraform.io", + ] + } + + backend_http_settings { + # id = computed + name = "backend-http-1" + port = 8010 + protocol = "Http" + cookie_based_affinity = "Enabled" + request_timeout = 30 + } + + backend_http_settings { + # id = computed + name = "backend-http-2" + port = 8011 + protocol = "Https" + cookie_based_affinity = "Enabled" + request_timeout = 30 + + authentication_certificate { + name = "auth-2" + } + + # probe_id = computed + probe_name = "probe-1" + } + + http_listener { + # id = computed + name = "listener-1" + + # frontend_ip_configuration_id = computed + frontend_ip_configuration_name = "ip-config-public" + + # frontend_ip_port_id = computed + frontend_port_name = "port-8080" + protocol = "Http" + } + + http_listener { + name = "listener-2" + frontend_ip_configuration_name = "ip-config-public" + frontend_port_name = "port-8080" + protocol = "Https" + + # ssl_certificate_id = computed + ssl_certificate_name = "ssl-1" + host_name = "terraform.io" + require_sni = true + } + + probe { + # id = computed + name = "probe-1" + protocol = "Https" + path = "/test" + host = "azure.com" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + } + + url_path_map { + # id = computed + name = "path-map-1" + default_backend_address_pool_name = "pool-1" + default_backend_http_settings_name = "backend-http-1" + + path_rule { + # id = computed + name = "path-rule-1" + backend_address_pool_name = "pool-1" + backend_http_settings_name = "backend-http-1" + + paths = [ + "/test", + ] + } + } + + request_routing_rule { + # id = computed + name = "rule-basic-1" + rule_type = "Basic" + + # http_listener_id = computed + http_listener_name = "listener-1" + + # backend_address_pool_id = computed + backend_address_pool_name = "pool-1" + + # backend_http_settings_id = computed + backend_http_settings_name = "backend-http-1" + } + + request_routing_rule { + # id = computed + name = "rule-path-1" + rule_type = "PathBasedRouting" + url_path_map_name = "path-map-1" + + # http_listener_id = computed + http_listener_name = "listener-2" + } + + authentication_certificate { + name = "auth-2" + data = "${file("resource_arm_app_gateway_test.cer")}" + } + + ssl_certificate { + # id = computed + name = "ssl-1" + data = "${file("resource_arm_app_gateway_test.pfx")}" + password = "terraform" + } + + tags { + environment = "tf01" + } +} +`, rInt, rInt) +} + +func TestAccAzureRMApplicationGateway_waf(rInt int) string { + return fmt.Sprintf(` +resource "azurerm_resource_group" "test" { + name = "acctestrg-%d" + location = "West US 2" +} + +resource "azurerm_virtual_network" "test" { + name = "vnet" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.test.location}" +} + +resource "azurerm_subnet" "test" { + name = "subnet" + resource_group_name = "${azurerm_resource_group.test.name}" + virtual_network_name = "${azurerm_virtual_network.test.name}" + address_prefix = "10.254.0.0/24" +} + +resource "azurerm_public_ip" "test" { + name = "public-ip" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + public_ip_address_allocation = "dynamic" +} + +resource "azurerm_application_gateway" "test" { + name = "acctestgw-%d" + location = "${azurerm_resource_group.test.location}" + resource_group_name = "${azurerm_resource_group.test.name}" + + sku { + name = "WAF_Medium" + tier = "WAF" + capacity = 1 + } + + disabled_ssl_protocols = [ + "TLSv1_0", + ] + + waf_configuration { + enabled = "true" + firewall_mode = "Detection" + } + + gateway_ip_configuration { + # id = computed + name = "gw-ip-config1" + subnet_id = "${azurerm_subnet.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-public" + public_ip_address_id = "${azurerm_public_ip.test.id}" + } + + frontend_ip_configuration { + # id = computed + name = "ip-config-private" + subnet_id = "${azurerm_subnet.test.id}" + + # private_ip_address = computed + private_ip_address_allocation = "Dynamic" + } + + frontend_port { + # id = computed + name = "port-8080" + port = 8080 + } + + backend_address_pool { + # id = computed + name = "pool-1" + + fqdn_list = [ + "terraform.io", + ] + } + + backend_http_settings { + # id = computed + name = "backend-http-1" + port = 8010 + protocol = "Https" + cookie_based_affinity = "Enabled" + request_timeout = 30 + + # probe_id = computed + probe_name = "probe-1" + } + + http_listener { + # id = computed + name = "listener-1" + + # frontend_ip_configuration_id = computed + frontend_ip_configuration_name = "ip-config-public" + + # frontend_ip_port_id = computed + frontend_port_name = "port-8080" + protocol = "Http" + } + + http_listener { + name = "listener-2" + frontend_ip_configuration_name = "ip-config-public" + frontend_port_name = "port-8080" + protocol = "Https" + + # ssl_certificate_id = computed + ssl_certificate_name = "ssl-1" + host_name = "terraform.io" + require_sni = true + } + + probe { + # id = computed + name = "probe-1" + protocol = "Https" + path = "/test" + host = "azure.com" + timeout = 120 + interval = 300 + unhealthy_threshold = 8 + } + + url_path_map { + # id = computed + name = "path-map-1" + default_backend_address_pool_name = "pool-1" + default_backend_http_settings_name = "backend-http-1" + + path_rule { + # id = computed + name = "path-rule-1" + backend_address_pool_name = "pool-1" + backend_http_settings_name = "backend-http-1" + + paths = [ + "/test", + ] + } + } + + request_routing_rule { + # id = computed + name = "rule-basic-1" + rule_type = "Basic" + + # http_listener_id = computed + http_listener_name = "listener-1" + + # backend_address_pool_id = computed + backend_address_pool_name = "pool-1" + + # backend_http_settings_id = computed + backend_http_settings_name = "backend-http-1" + } + + request_routing_rule { + # id = computed + name = "rule-path-1" + rule_type = "PathBasedRouting" + url_path_map_name = "path-map-1" + + # http_listener_id = computed + http_listener_name = "listener-2" + } + + ssl_certificate { + # id = computed + name = "ssl-1" + data = "${file("resource_arm_app_gateway_test.pfx")}" + password = "terraform" + } + + tags { + environment = "tf01" + } +} +`, rInt, rInt) +} diff --git a/azurerm/resource_arm_application_gateway_test.pfx b/azurerm/resource_arm_application_gateway_test.pfx new file mode 100644 index 0000000000000000000000000000000000000000..691fa08577cf8afdfc91a241bc623883f5b132fa GIT binary patch literal 4213 zcmY+GWl$81w}*G>rQxN!muATYN$Ji7B%~z-L0Ca)Sdea|m+p{Ix}{<122mPhX%K0- zzBBjU|Ggj1oSEl0=X`yB5Co|w1`rd1Acf+9cq7y!u84rRzEwuo4BMl%Eh0}l{_z`>jBvG1qU z?e?(Y*J2~LXFI74Kl_=zjvHoU=s72yM6IC zbCe)wQyC&AlRGx`&)vc}W@t7aVTn1@wpWx6e^eWz-ZQP=)~cxWdwWV6ZdcK3#on2e z7_~4W#EY;lM+&E?V>{go5oqHiKZZ%t^=dDPPPsQe!=DetF28s}Wxhu@)mDjv*vr0R zN+9oAfO+YkBi3Ol`8#z!xl?Yy{VfGKY$~kkJbBWHvPG|Fm7N^CaOk6 z!<|8)d#H9{%OFo@tsDl};)E*d=~ZkG>ZNN==+aXF!A4z6Z94c;TQ$Jv@?AMyiu+ZFn=4 zTUPI9{oF>q)|jr-PUu#@zuuLGQ^}_~aLavep3mwW{Lqs&>*>Ahhc0#hvbK2S19GPI`xBU!}7buz1EEM^q zl`$){pIGShBy!w^hwwwev;}Te$x#6O{R_sZu<8y_YQwe0Ik~K6UBMP^xTyN2kDTVd zD3hYzkt*mm1BP!|bt9GzXz|JXczT&Rsi!Ngvs`E0GneVwZcIt_UB@7}>Xv3|TbGaG~ zqcv^i_JgI&iNy~eqbG4dZVq`>vjt>sTA5Jvd^9J~U0I_D23}Cc$bz+c|axa7e0n3}8o}50Vnqpkn%teQ;_RaX-%-SCc?Q^$8hK<% zzjc~@lh|9OYo0Q^#MT5@isFcgOg-xPUSL|>6xL%cL2(`bQ~87#Hs=Rj%fFj&<~#U! z7QoY7xswx^L6Lq+5DW@BvrGI#uq@Nh@0#~9DrPQ10!O+)Z0Y-4#JxS0|FzVUukbM% z=;jZbe~#qszgS(I){@1^OZ0QdW4{Cgbnc0{=B9Itl{RFU@NJJ_*sC<6jXYbzw)|{I zfSc9UHbJ~IaEAjkFnnxXa`M6`>VhLPA&Q8n&qBSiSFEGpWd8^-f3q6G$xavAU<+mX zme(4oib-u}h5B0bKI-~sWu%iu*L`QdWQyd8$mq6tPzpPGZJSL9tz!{_LMawJibUiC49YZ+v*sN04@$O|N%5+sa=IkY-;43GHHSLbvL3-j3bCI4 z9e>(z7RcXE_fvi{-lkr#sn0O;qrr&wAL6IAvP9)5ZJOCz8|iq!S$}7t3PWHw6!my8 zZcM06O3P(Zsj);V$pfG1FBeER#&K~*^^R%W!Qdc4pv%iWD}&vYsyio$%1m5nzRvBB zQd{@I%c^VmQ4LfZO6@04W%#vx%J5IEAP%1{*8mKYvp@K)V$5{~;jJOvKm_06yQ-x1 zmS#{mcbKf{OhYrMNEQ;rBK@*KU_VYSAjGcPI->}J0FC?~apWUFZCD6U(_j4g@6_NB z{EtTPff#>7pTE%S|JeoeU%Rj^nwWZ>;#>V|m%r!wLw}re%UJN31WGJO!=|6F30;Ru zZ$HAq?~=IJ03D=I_GE5gT)Ei??aI|}8$1g@`0#KxKv3$4wQXS_; z!SCoJytrRs)G)U+*ye(Q^rf_X7kdi=DROMyS-sL%6vpWA{W+i9FNyDfP`%^M318xn zz1WS_kvi9ZV%6d++nQy`nHgOx_XbS;JO^q-B~AmRusH?%u}rs!q~LAZ%BB1pdcA53 zZHL9vMqjOm6L&vXmU6V7W7WcdYKFDr&BzZ%iLS;G%eQ27(%@$nx#op73-s65saMegfD;i}r$?SEHKXfDVzV>$W zSa#p(fdpV|?Sht_zE!ET)A^=w!JnuhjD%QNxwp%wS7o#U4(FEF3^$vUo>#P#Gy25F ziCttJafzK8X;PPji)H;4Ui*+fg*4q{fm@}iFeT&ka%0(S&1RPh?54Hhq??=s@@ZG~ z;kbWfu9%J(q9M>q_4tVtSkjvu*nS0ceQwzFqm~aNVi8(fw3OO@gm(H>Ii&Qkkg9pu zg@oOey2u+4nWH8(q){WJ&k+)YQvIlvw!QyV9W-4$h*!y?JD` zKQI*uK?#REqf47@A=DQ)sF>BtH&Ky=Qgm9lme}o{JgYk~d9Av=e;f!l@tG}WI)p4x zP+QisKLTdHEO~oG7ble}uhTSI2rNznV@Zt19aUhlgG=frT$gx<@;_8vy}7dg@i}x; z-5L++PozLX=MsNS`12OV0j{v_txep#r_@LmYoy3ZNLF3J-;~#42bkFEraHmCXQwT$ z1TM%3-nSX7d88Q)ivA7#nD4rjK))MqDY-=Ir8wNG*LO2sn`zm$7Pwc4^`<>1{zi2Q z(n7yvaV!UCnIhRL`F8VNUNfy(=*oiL_D8^UFD=6 zi^fMwKQdXJ9~l4SV{8roK}dzn3cV8!(E8-5zUG_p4v8S9cRDce32Z2p=SnR&CAD=vU0t%j3lf1-NQPhu-@LsREm=szBzwkR)=z!Qogt- zJdw~Hm|fj=w^5Eo4kkCxhXpC33~#5HqJq%PoQjORJHA2MvZXt412!j4siDAj;N0|WpprTO0q6up6%ugZj;RiEQX|W zk@l$m{%8lph#lNW6_$zGrEBq@TO*-Rv0XUHO}Z;`W}>_NBIze+kNjoQbU*Cxz|+gh zg~P)kY$!fdonxnVrN121dnFZa8YE%uvmflLNhLTPq$m3hhR&M`n^#nZ1x&u+a(Goo zwjLp}Bz4{DlBZ!Q+5EE`@;hHNtRO)Jxi$ZgG%`TaHjR_3ZGc-kd$fdxj=PfQAd@4q z_9K8bJ>R3d5F=j1SSgR}oq_qO_ExL=JMPwHhf{D?_vaOh2J{A3(-^&kGH=S@&o{)Q z~B3q3ug8yzGPx0s!E9Ywbg5i51r?QP(dt4L{6TCv7 z7kQ+$!c2Hd)z@}NFPE(ypn_wwj1=E^`e3{`L8%gUb#FJ1e&?1fPTN7XLEi^c_k?f8 ze@I5RZvXrwIoWxu#*dMf%A&4%hmLz~a+}0mViePiU3WAFe9{~c`~shEVrbi+*f|>6 zxLrQh!c(wu4A(PlL+B{hASkm)-v6fZr4c;7!P)nZv@?(Yi zAZ8vm;#u-=pxzTeC9ERP=SX+q@ z)fHrMb`*08=Iv(?-h5EW0@UiDKf*Eb9jRcSQIMg5vR^PD$8WUx7$Ad<<>^UqOV-PX zeRO#^=>_u?5#<%9$d%O<WsM15pZ7VNoc4#f{XP+OBvel2UjEN=V%P ze6#`)hOk0FIM{r|m>6`}04$0}f@fZN@u;gi)PP0@-*(&P Date: Thu, 22 Jun 2017 19:12:46 +0000 Subject: [PATCH 02/19] Changed capital 'T' to lowercase in all functions that start with testAccAzureRMApplicationGateway_basic and accept int as parameter --- .../resource_arm_application_gateway_test.go | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 6d4d7d8cc4d0..88c48a489de6 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -25,7 +25,7 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { - Config: TestAccAzureRMApplicationGateway_basic(ri), + Config: testAccAzureRMApplicationGateway_basic(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -50,7 +50,7 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { - Config: TestAccAzureRMApplicationGateway_basic(ri), + Config: testAccAzureRMApplicationGateway_basic(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -59,7 +59,7 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { Destroy: false, }, { - Config: TestAccAzureRMApplicationGateway_basic_changeSslCert(ri), + Config: testAccAzureRMApplicationGateway_basic_changeSslCert(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-2"), @@ -84,7 +84,7 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { - Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), + Config: testAccAzureRMApplicationGateway_basic_authCert(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -110,7 +110,7 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { - Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), + Config: testAccAzureRMApplicationGateway_basic_authCert(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -120,7 +120,7 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { Destroy: false, }, { - Config: TestAccAzureRMApplicationGateway_basic_changeAuthCert(ri), + Config: testAccAzureRMApplicationGateway_basic_changeAuthCert(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -170,7 +170,7 @@ func testCheckAzureRMApplicationGatewayExists(name string) resource.TestCheckFun return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -198,7 +198,7 @@ func testCheckAzureRMApplicationGatewaySslCertificateAssigned(name string, certN return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -244,7 +244,7 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -282,7 +282,7 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st } func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient + conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient for _, rs := range s.RootModule().Resources { if rs.Type != "azurerm_application_gateway" { @@ -306,7 +306,7 @@ func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { return nil } -func TestAccAzureRMApplicationGateway_basic(rInt int) string { +func testAccAzureRMApplicationGateway_basic(rInt int) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -489,7 +489,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } -func TestAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { +func testAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -672,7 +672,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } -func TestAccAzureRMApplicationGateway_basic_authCert(rInt int) string { +func testAccAzureRMApplicationGateway_basic_authCert(rInt int) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -873,7 +873,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } -func TestAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { +func testAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -1074,7 +1074,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } -func TestAccAzureRMApplicationGateway_waf(rInt int) string { +func testAccAzureRMApplicationGateway_waf(rInt int) string { return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" From 1a245d5b13fda22d1dcdbdb3a1e6f1e948376537 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Thu, 22 Jun 2017 20:21:14 +0000 Subject: [PATCH 03/19] Missed one upper case --- azurerm/resource_arm_application_gateway_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 88c48a489de6..cdaf793f4432 100644 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -146,7 +146,7 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { - Config: TestAccAzureRMApplicationGateway_waf(ri), + Config: testAccAzureRMApplicationGateway_waf(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), From 8f6da9b4c1d2880dbd850486fc1e017bde74a1ef Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Thu, 6 Jul 2017 20:18:24 -0400 Subject: [PATCH 04/19] Added RuleSetType and RuleSetVersion for WAF --- GNUmakefile | 2 +- azurerm/config.go | 0 azurerm/resource_arm_application_gateway.go | 24 ++++++++++++++++-- .../resource_arm_application_gateway_test.cer | 0 .../resource_arm_application_gateway_test.go | 16 +++++++----- .../resource_arm_application_gateway_test.pfx | Bin 6 files changed, 32 insertions(+), 10 deletions(-) mode change 100644 => 100755 azurerm/config.go mode change 100644 => 100755 azurerm/resource_arm_application_gateway.go mode change 100644 => 100755 azurerm/resource_arm_application_gateway_test.cer mode change 100644 => 100755 azurerm/resource_arm_application_gateway_test.go mode change 100644 => 100755 azurerm/resource_arm_application_gateway_test.pfx diff --git a/GNUmakefile b/GNUmakefile index c9eacb4511da..090f821c3f04 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -12,7 +12,7 @@ test: fmtcheck xargs -t -n4 go test $(TESTARGS) -timeout=30s -parallel=4 testacc: fmtcheck - TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 120m + TF_ACC=1 go test $(TEST) -v $(TESTARGS) -timeout 180m vet: @echo "go vet ." diff --git a/azurerm/config.go b/azurerm/config.go old mode 100644 new mode 100755 diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go old mode 100644 new mode 100755 index bfacaa140881..666ef7cc55a1 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -118,6 +118,20 @@ func resourceArmApplicationGateway() *schema.Resource { string(network.Prevention), }, true), }, + + "rule_set_type": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{"OWASP"}, true), + }, + + "rule_set_version": { + Type: schema.TypeString, + Required: true, + DiffSuppressFunc: ignoreCaseDiffSuppressFunc, + ValidateFunc: validation.StringInSlice([]string{"2.2.9", "3.0"}, true), + }, }, }, Set: hashApplicationGatewayWafConfig, @@ -870,10 +884,14 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat enabled := waf["enabled"].(bool) mode := waf["firewall_mode"].(string) + rulesettype := waf["rule_set_type"].(string) + rulesetversion := waf["rule_set_version"].(string) return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ - Enabled: &enabled, - FirewallMode: network.ApplicationGatewayFirewallMode(mode), + Enabled: &enabled, + FirewallMode: network.ApplicationGatewayFirewallMode(mode), + RuleSetType: &rulesettype, + RuleSetVersion: &rulesetversion, } } @@ -1330,6 +1348,8 @@ func flattenApplicationGatewayWafConfig(waf *network.ApplicationGatewayWebApplic result["enabled"] = *waf.Enabled result["firewall_mode"] = string(waf.FirewallMode) + result["rule_set_type"] = waf.RuleSetType + result["rule_set_version"] = waf.RuleSetVersion return []interface{}{result} } diff --git a/azurerm/resource_arm_application_gateway_test.cer b/azurerm/resource_arm_application_gateway_test.cer old mode 100644 new mode 100755 diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go old mode 100644 new mode 100755 index cdaf793f4432..119efc90628f --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -478,7 +478,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" - data = "${file("resource_arm_app_gateway_test.pfx")}" + data = "${file("resource_arm_application_gateway_test.pfx")}" password = "terraform" } @@ -661,7 +661,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-2" - data = "${file("resource_arm_app_gateway_test.pfx")}" + data = "${file("resource_arm_application_gateway_test.pfx")}" password = "terraform" } @@ -856,13 +856,13 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-1" - data = "${file("resource_arm_app_gateway_test.cer")}" + data = "${file("resource_arm_application_gateway_test.cer")}" } ssl_certificate { # id = computed name = "ssl-1" - data = "${file("resource_arm_app_gateway_test.pfx")}" + data = "${file("resource_arm_application_gateway_test.pfx")}" password = "terraform" } @@ -1057,13 +1057,13 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-2" - data = "${file("resource_arm_app_gateway_test.cer")}" + data = "${file("resource_arm_application_gateway_test.cer")}" } ssl_certificate { # id = computed name = "ssl-1" - data = "${file("resource_arm_app_gateway_test.pfx")}" + data = "${file("resource_arm_application_gateway_test.pfx")}" password = "terraform" } @@ -1120,6 +1120,8 @@ resource "azurerm_application_gateway" "test" { waf_configuration { enabled = "true" firewall_mode = "Detection" + rule_set_type = "OWASP" + rule_set_version = "3.0" } gateway_ip_configuration { @@ -1251,7 +1253,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" - data = "${file("resource_arm_app_gateway_test.pfx")}" + data = "${file("resource_arm_application_gateway_test.pfx")}" password = "terraform" } diff --git a/azurerm/resource_arm_application_gateway_test.pfx b/azurerm/resource_arm_application_gateway_test.pfx old mode 100644 new mode 100755 From bd01fe2f8995b74853f0f712c3258c9f47a5e727 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Mon, 17 Jul 2017 10:16:30 -0400 Subject: [PATCH 05/19] validated application gateway tester - changed base method so it can be run alone --- azurerm/resource_arm_application_gateway_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 119efc90628f..4418af632d09 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -11,7 +11,7 @@ import ( "github.com/hashicorp/terraform/terraform" ) -func TestAccAzureRMApplicationGateway_basic(t *testing.T) { +func TestAccAzureRMApplicationGateway_basic_base(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") From c42c90cf9bf2c0d33f034959faa43da15fa5d9b1 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 27 Sep 2017 09:25:32 -0400 Subject: [PATCH 06/19] rebasing --- azurerm/config.go | 4 + azurerm/provider.go | 21 ++++ azurerm/resource_arm_application_gateway.go | 13 +++ .../resource_arm_application_gateway_test.go | 99 +++++++++++++++++++ 4 files changed, 137 insertions(+) diff --git a/azurerm/config.go b/azurerm/config.go index 194f40c29028..4141bae92900 100755 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -321,7 +321,11 @@ func (c *Config) getArmClient() (*ArmClient, error) { agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&agc.Client) agc.Authorizer = auth +<<<<<<< HEAD agc.Sender = sender +======= + agc.Sender = autorest.CreateSender(withRequestLogging()) +>>>>>>> made sure files are added client.applicationGatewayClient = agc crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID) diff --git a/azurerm/provider.go b/azurerm/provider.go index 77ddd4682c36..54b42475ee5f 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -70,6 +70,7 @@ func Provider() terraform.ResourceProvider { }, ResourcesMap: map[string]*schema.Resource{ +<<<<<<< HEAD "azurerm_application_gateway": resourceArmApplicationGateway(), "azurerm_application_insights": resourceArmApplicationInsights(), "azurerm_app_service": resourceArmAppService(), @@ -95,6 +96,26 @@ func Provider() terraform.ResourceProvider { "azurerm_dns_txt_record": resourceArmDnsTxtRecord(), "azurerm_dns_zone": resourceArmDnsZone(), "azurerm_eventgrid_topic": resourceArmEventGridTopic(), +======= + // These resources use the Azure ARM SDK +<<<<<<< HEAD + "azurerm_availability_set": resourceArmAvailabilitySet(), + "azurerm_cdn_endpoint": resourceArmCdnEndpoint(), + "azurerm_cdn_profile": resourceArmCdnProfile(), + "azurerm_container_registry": resourceArmContainerRegistry(), + "azurerm_container_service": resourceArmContainerService(), + "azurerm_cosmosdb_account": resourceArmCosmosDBAccount(), + "azurerm_dns_ptr_record": resourceArmDnsPtrRecord(), +======= + "azurerm_application_gateway": resourceArmApplicationGateway(), + "azurerm_availability_set": resourceArmAvailabilitySet(), + "azurerm_cdn_endpoint": resourceArmCdnEndpoint(), + "azurerm_cdn_profile": resourceArmCdnProfile(), + "azurerm_container_registry": resourceArmContainerRegistry(), + "azurerm_container_service": resourceArmContainerService(), +>>>>>>> For new Application Gateway Resource: + +>>>>>>> made sure files are added "azurerm_eventhub": resourceArmEventHub(), "azurerm_eventhub_authorization_rule": resourceArmEventHubAuthorizationRule(), "azurerm_eventhub_consumer_group": resourceArmEventHubConsumerGroup(), diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 666ef7cc55a1..130c790cc3c6 100755 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -118,6 +118,7 @@ func resourceArmApplicationGateway() *schema.Resource { string(network.Prevention), }, true), }, +<<<<<<< HEAD "rule_set_type": { Type: schema.TypeString, @@ -132,6 +133,8 @@ func resourceArmApplicationGateway() *schema.Resource { DiffSuppressFunc: ignoreCaseDiffSuppressFunc, ValidateFunc: validation.StringInSlice([]string{"2.2.9", "3.0"}, true), }, +======= +>>>>>>> made sure files are added }, }, Set: hashApplicationGatewayWafConfig, @@ -884,6 +887,7 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat enabled := waf["enabled"].(bool) mode := waf["firewall_mode"].(string) +<<<<<<< HEAD rulesettype := waf["rule_set_type"].(string) rulesetversion := waf["rule_set_version"].(string) @@ -892,6 +896,12 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat FirewallMode: network.ApplicationGatewayFirewallMode(mode), RuleSetType: &rulesettype, RuleSetVersion: &rulesetversion, +======= + + return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ + Enabled: &enabled, + FirewallMode: network.ApplicationGatewayFirewallMode(mode), +>>>>>>> made sure files are added } } @@ -1348,8 +1358,11 @@ func flattenApplicationGatewayWafConfig(waf *network.ApplicationGatewayWebApplic result["enabled"] = *waf.Enabled result["firewall_mode"] = string(waf.FirewallMode) +<<<<<<< HEAD result["rule_set_type"] = waf.RuleSetType result["rule_set_version"] = waf.RuleSetVersion +======= +>>>>>>> made sure files are added return []interface{}{result} } diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 4418af632d09..434c41bb8123 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -11,7 +11,11 @@ import ( "github.com/hashicorp/terraform/terraform" ) +<<<<<<< HEAD func TestAccAzureRMApplicationGateway_basic_base(t *testing.T) { +======= +func TestAccAzureRMApplicationGateway_basic(t *testing.T) { +>>>>>>> made sure files are added ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") @@ -25,7 +29,11 @@ func TestAccAzureRMApplicationGateway_basic_base(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -50,7 +58,11 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -59,7 +71,11 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { Destroy: false, }, { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_changeSslCert(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic_changeSslCert(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-2"), @@ -84,7 +100,11 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_authCert(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -110,7 +130,11 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_authCert(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -120,7 +144,11 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { Destroy: false, }, { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_changeAuthCert(ri), +======= + Config: TestAccAzureRMApplicationGateway_basic_changeAuthCert(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -146,7 +174,11 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { +<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_waf(ri), +======= + Config: TestAccAzureRMApplicationGateway_waf(ri), +>>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -170,7 +202,11 @@ func testCheckAzureRMApplicationGatewayExists(name string) resource.TestCheckFun return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } +<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient +======= + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient +>>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -198,7 +234,11 @@ func testCheckAzureRMApplicationGatewaySslCertificateAssigned(name string, certN return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } +<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient +======= + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient +>>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -244,7 +284,11 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } +<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient +======= + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient +>>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -282,7 +326,11 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st } func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { +<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient +======= + conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient +>>>>>>> made sure files are added for _, rs := range s.RootModule().Resources { if rs.Type != "azurerm_application_gateway" { @@ -306,7 +354,11 @@ func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { return nil } +<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic(rInt int) string { +======= +func TestAccAzureRMApplicationGateway_basic(rInt int) string { +>>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -478,7 +530,11 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" +======= + data = "${file("resource_arm_app_gateway_test.pfx")}" +>>>>>>> made sure files are added password = "terraform" } @@ -489,7 +545,11 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } +<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { +======= +func TestAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { +>>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -661,7 +721,11 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-2" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" +======= + data = "${file("resource_arm_app_gateway_test.pfx")}" +>>>>>>> made sure files are added password = "terraform" } @@ -672,7 +736,11 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } +<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_authCert(rInt int) string { +======= +func TestAccAzureRMApplicationGateway_basic_authCert(rInt int) string { +>>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -856,13 +924,21 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-1" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.cer")}" +======= + data = "${file("resource_arm_app_gateway_test.cer")}" +>>>>>>> made sure files are added } ssl_certificate { # id = computed name = "ssl-1" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" +======= + data = "${file("resource_arm_app_gateway_test.pfx")}" +>>>>>>> made sure files are added password = "terraform" } @@ -873,7 +949,11 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } +<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { +======= +func TestAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { +>>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -1057,13 +1137,21 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-2" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.cer")}" +======= + data = "${file("resource_arm_app_gateway_test.cer")}" +>>>>>>> made sure files are added } ssl_certificate { # id = computed name = "ssl-1" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" +======= + data = "${file("resource_arm_app_gateway_test.pfx")}" +>>>>>>> made sure files are added password = "terraform" } @@ -1074,7 +1162,11 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt) } +<<<<<<< HEAD func testAccAzureRMApplicationGateway_waf(rInt int) string { +======= +func TestAccAzureRMApplicationGateway_waf(rInt int) string { +>>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -1120,8 +1212,11 @@ resource "azurerm_application_gateway" "test" { waf_configuration { enabled = "true" firewall_mode = "Detection" +<<<<<<< HEAD rule_set_type = "OWASP" rule_set_version = "3.0" +======= +>>>>>>> made sure files are added } gateway_ip_configuration { @@ -1253,7 +1348,11 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" +<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" +======= + data = "${file("resource_arm_app_gateway_test.pfx")}" +>>>>>>> made sure files are added password = "terraform" } From 4734ebfcafdea2aa20baa913598b8163a6b704db Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Mon, 17 Jul 2017 12:18:18 -0400 Subject: [PATCH 07/19] made sure files are added --- azurerm/provider.go | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/azurerm/provider.go b/azurerm/provider.go index 54b42475ee5f..77ddd4682c36 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -70,7 +70,6 @@ func Provider() terraform.ResourceProvider { }, ResourcesMap: map[string]*schema.Resource{ -<<<<<<< HEAD "azurerm_application_gateway": resourceArmApplicationGateway(), "azurerm_application_insights": resourceArmApplicationInsights(), "azurerm_app_service": resourceArmAppService(), @@ -96,26 +95,6 @@ func Provider() terraform.ResourceProvider { "azurerm_dns_txt_record": resourceArmDnsTxtRecord(), "azurerm_dns_zone": resourceArmDnsZone(), "azurerm_eventgrid_topic": resourceArmEventGridTopic(), -======= - // These resources use the Azure ARM SDK -<<<<<<< HEAD - "azurerm_availability_set": resourceArmAvailabilitySet(), - "azurerm_cdn_endpoint": resourceArmCdnEndpoint(), - "azurerm_cdn_profile": resourceArmCdnProfile(), - "azurerm_container_registry": resourceArmContainerRegistry(), - "azurerm_container_service": resourceArmContainerService(), - "azurerm_cosmosdb_account": resourceArmCosmosDBAccount(), - "azurerm_dns_ptr_record": resourceArmDnsPtrRecord(), -======= - "azurerm_application_gateway": resourceArmApplicationGateway(), - "azurerm_availability_set": resourceArmAvailabilitySet(), - "azurerm_cdn_endpoint": resourceArmCdnEndpoint(), - "azurerm_cdn_profile": resourceArmCdnProfile(), - "azurerm_container_registry": resourceArmContainerRegistry(), - "azurerm_container_service": resourceArmContainerService(), ->>>>>>> For new Application Gateway Resource: - ->>>>>>> made sure files are added "azurerm_eventhub": resourceArmEventHub(), "azurerm_eventhub_authorization_rule": resourceArmEventHubAuthorizationRule(), "azurerm_eventhub_consumer_group": resourceArmEventHubConsumerGroup(), From 75d3c687c76be627ff980bd230f4caa0ae0f3fba Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Mon, 31 Jul 2017 22:12:35 -0400 Subject: [PATCH 08/19] changes based on reviewer feedback --- azurerm/resource_arm_application_gateway.go | 41 ++++++++++--------- .../resource_arm_application_gateway_test.go | 7 ---- 2 files changed, 21 insertions(+), 27 deletions(-) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 130c790cc3c6..5873b9d837f0 100755 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -7,7 +7,7 @@ import ( "log" "net/http" "path" - "time" + // "time" "github.com/Azure/azure-sdk-for-go/arm/network" "github.com/hashicorp/errwrap" @@ -118,7 +118,6 @@ func resourceArmApplicationGateway() *schema.Resource { string(network.Prevention), }, true), }, -<<<<<<< HEAD "rule_set_type": { Type: schema.TypeString, @@ -133,8 +132,6 @@ func resourceArmApplicationGateway() *schema.Resource { DiffSuppressFunc: ignoreCaseDiffSuppressFunc, ValidateFunc: validation.StringInSlice([]string{"2.2.9", "3.0"}, true), }, -======= ->>>>>>> made sure files are added }, }, Set: hashApplicationGatewayWafConfig, @@ -143,7 +140,6 @@ func resourceArmApplicationGateway() *schema.Resource { "gateway_ip_configuration": { Type: schema.TypeList, Required: true, - MinItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "id": { @@ -167,7 +163,6 @@ func resourceArmApplicationGateway() *schema.Resource { "frontend_port": { Type: schema.TypeList, Required: true, - MinItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "id": { @@ -239,7 +234,6 @@ func resourceArmApplicationGateway() *schema.Resource { "backend_address_pool": { Type: schema.TypeList, Required: true, - MinItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ "id": { @@ -746,17 +740,6 @@ func resourceArmApplicationGatewayCreate(d *schema.ResourceData, meta interface{ d.SetId(*read.ID) - log.Printf("[DEBUG] Waiting for ApplicationGateway (%s) to become available", name) - stateConf := &resource.StateChangeConf{ - Pending: []string{"Accepted", "Updating"}, - Target: []string{"Succeeded"}, - Refresh: ApplicationGatewayStateRefreshFunc(meta.(*ArmClient), resGroup, name), - Timeout: 60 * time.Minute, - } - if _, err := stateConf.WaitForState(); err != nil { - return fmt.Errorf("Error waiting for ApplicationGateway (%s) to become available: %s", name, err) - } - return resourceArmApplicationGatewayRead(d, meta) } @@ -847,7 +830,7 @@ func retrieveApplicationGatewayById(ApplicationGatewayID string, meta interface{ if resp.StatusCode == http.StatusNotFound { return nil, false, nil } - return nil, false, fmt.Errorf("Error making Read request on Azure ApplicationGateway %s: %s", name, err) + return nil, false, fmt.Errorf("Error making Read request on Azure ApplicationGateway %s: %+v", name, err) } return &resp, true, nil @@ -858,7 +841,7 @@ func ApplicationGatewayStateRefreshFunc(client *ArmClient, resourceGroupName str res, err := client.applicationGatewayClient.Get(resourceGroupName, name) if err != nil { return nil, "", fmt.Errorf( - "Error issuing read request in ApplicationGatewayStateRefreshFunc to Azure ARM for ApplicationGateway '%s' (RG: '%s'): %s", + "Error issuing read request in ApplicationGatewayStateRefreshFunc to Azure ARM for ApplicationGateway '%s' (RG: '%s'): %+v", name, resourceGroupName, err) } @@ -887,6 +870,7 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat enabled := waf["enabled"].(bool) mode := waf["firewall_mode"].(string) +<<<<<<< HEAD <<<<<<< HEAD rulesettype := waf["rule_set_type"].(string) rulesetversion := waf["rule_set_version"].(string) @@ -902,6 +886,16 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat Enabled: &enabled, FirewallMode: network.ApplicationGatewayFirewallMode(mode), >>>>>>> made sure files are added +======= + rulesettype := waf["rule_set_type"].(string) + rulesetversion := waf["rule_set_version"].(string) + + return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ + Enabled: &enabled, + FirewallMode: network.ApplicationGatewayFirewallMode(mode), + RuleSetType: &rulesettype, + RuleSetVersion: &rulesetversion, +>>>>>>> changes based on reviewer feedback } } @@ -1358,11 +1352,16 @@ func flattenApplicationGatewayWafConfig(waf *network.ApplicationGatewayWebApplic result["enabled"] = *waf.Enabled result["firewall_mode"] = string(waf.FirewallMode) +<<<<<<< HEAD <<<<<<< HEAD result["rule_set_type"] = waf.RuleSetType result["rule_set_version"] = waf.RuleSetVersion ======= >>>>>>> made sure files are added +======= + result["rule_set_type"] = waf.RuleSetType + result["rule_set_version"] = waf.RuleSetVersion +>>>>>>> changes based on reviewer feedback return []interface{}{result} } @@ -1688,6 +1687,8 @@ func hashApplicationGatewayWafConfig(v interface{}) int { m := v.(map[string]interface{}) buf.WriteString(fmt.Sprintf("%t-", m["enabled"].(bool))) buf.WriteString(fmt.Sprintf("%s-", m["firewall_mode"].(string))) + buf.WriteString(fmt.Sprintf("%s-", m["rule_set_type"].(string))) + buf.WriteString(fmt.Sprintf("%s-", m["rule_set_version"].(string))) return hashcode.String(buf.String()) } diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 434c41bb8123..e56b3dd13d45 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -37,7 +37,6 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, @@ -66,7 +65,6 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), Destroy: false, }, @@ -79,7 +77,6 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-2"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, @@ -109,7 +106,6 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-1"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, @@ -139,7 +135,6 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-1"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), Destroy: false, }, @@ -153,7 +148,6 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned("azurerm_application_gateway.test", "auth-2"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, @@ -182,7 +176,6 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), - resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, From b23da152982ee80a2e2804616c13b5d79d98a5a0 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 2 Aug 2017 08:54:28 -0400 Subject: [PATCH 09/19] removed unused gwID from application gateway tester --- azurerm/resource_arm_application_gateway_test.go | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index e56b3dd13d45..9c814eca12e7 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -19,9 +19,6 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - gwID := fmt.Sprintf( - "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", - subscriptionID, ri, ri) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -47,9 +44,6 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - gwID := fmt.Sprintf( - "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", - subscriptionID, ri, ri) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -87,9 +81,6 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - gwID := fmt.Sprintf( - "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", - subscriptionID, ri, ri) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -116,9 +107,6 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - gwID := fmt.Sprintf( - "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", - subscriptionID, ri, ri) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -158,9 +146,6 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { ri := acctest.RandInt() subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - gwID := fmt.Sprintf( - "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", - subscriptionID, ri, ri) resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, From f09dc935b64dd3eb3b7f3733c6cdfb0735048237 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 2 Aug 2017 09:00:44 -0400 Subject: [PATCH 10/19] Removed subscriptionID from application gateway tester --- azurerm/resource_arm_application_gateway_test.go | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 9c814eca12e7..3bf4afca7487 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -3,7 +3,6 @@ package azurerm import ( "fmt" "net/http" - "os" "testing" "github.com/hashicorp/terraform/helper/acctest" @@ -18,8 +17,6 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { >>>>>>> made sure files are added ri := acctest.RandInt() - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -43,8 +40,6 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { ri := acctest.RandInt() - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -80,8 +75,6 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { ri := acctest.RandInt() - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -106,8 +99,6 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { ri := acctest.RandInt() - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -145,8 +136,6 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { func TestAccAzureRMApplicationGateway_waf(t *testing.T) { ri := acctest.RandInt() - subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") - resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, From 2e154ba1eb0c7d14c6f167abc8a5d08d42db740d Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 16 Aug 2017 12:46:30 -0700 Subject: [PATCH 11/19] incorporated feedback from review - also rebased to master --- azurerm/resource_arm_application_gateway.go | 21 ++++++------ .../resource_arm_application_gateway_test.go | 33 +++++++++++-------- 2 files changed, 30 insertions(+), 24 deletions(-) mode change 100755 => 100644 azurerm/resource_arm_application_gateway.go diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go old mode 100755 new mode 100644 index 5873b9d837f0..984dcddf4191 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -2,10 +2,8 @@ package azurerm import ( "bytes" - "encoding/base64" "fmt" "log" - "net/http" "path" // "time" @@ -81,7 +79,6 @@ func resourceArmApplicationGateway() *schema.Resource { }, }, }, - Set: hashApplicationGatewaySku, }, "disabled_ssl_protocols": { @@ -120,10 +117,9 @@ func resourceArmApplicationGateway() *schema.Resource { }, "rule_set_type": { - Type: schema.TypeString, - Required: true, - DiffSuppressFunc: ignoreCaseDiffSuppressFunc, - ValidateFunc: validation.StringInSlice([]string{"OWASP"}, true), + Type: schema.TypeString, + Optional: true, + Default: "OWASP", }, "rule_set_version": { @@ -134,7 +130,6 @@ func resourceArmApplicationGateway() *schema.Resource { }, }, }, - Set: hashApplicationGatewayWafConfig, }, "gateway_ip_configuration": { @@ -768,8 +763,11 @@ func resourceArmApplicationGatewayRead(d *schema.ResourceData, meta interface{}) d.Set("frontend_port", flattenApplicationGatewayFrontendPorts(ApplicationGateway.ApplicationGatewayPropertiesFormat.FrontendPorts)) d.Set("frontend_ip_configuration", flattenApplicationGatewayFrontendIPConfigurations(ApplicationGateway.ApplicationGatewayPropertiesFormat.FrontendIPConfigurations)) d.Set("backend_address_pool", flattenApplicationGatewayBackendAddressPools(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendAddressPools)) + d.Set("backend_http_settings", flattenApplicationGatewayBackendHTTPSettings(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendHTTPSettingsCollection)) + d.Set("http_listener", flattenApplicationGatewayHTTPListeners(ApplicationGateway.ApplicationGatewayPropertiesFormat.HTTPListeners)) + d.Set("probe", flattenApplicationGatewayProbes(ApplicationGateway.ApplicationGatewayPropertiesFormat.Probes)) d.Set("request_routing_rule", flattenApplicationGatewayRequestRoutingRules(ApplicationGateway.ApplicationGatewayPropertiesFormat.RequestRoutingRules)) d.Set("url_path_map", flattenApplicationGatewayURLPathMaps(ApplicationGateway.ApplicationGatewayPropertiesFormat.URLPathMaps)) @@ -827,7 +825,7 @@ func retrieveApplicationGatewayById(ApplicationGatewayID string, meta interface{ resp, err := client.Get(resGroup, name) if err != nil { - if resp.StatusCode == http.StatusNotFound { + if responseWasNotFound(resp.Response) { return nil, false, nil } return nil, false, fmt.Errorf("Error making Read request on Azure ApplicationGateway %s: %+v", name, err) @@ -1294,7 +1292,7 @@ func expandApplicationGatewayAuthenticationCertificates(d *schema.ResourceData) data := raw["data"].(string) // data must be base64 encoded - data = base64.StdEncoding.EncodeToString([]byte(data)) + data = base64Encode(data) cert := network.ApplicationGatewayAuthenticationCertificate{ Name: &name, @@ -1321,7 +1319,7 @@ func expandApplicationGatewaySslCertificates(d *schema.ResourceData) *[]network. password := raw["password"].(string) // data must be base64 encoded - data = base64.StdEncoding.EncodeToString([]byte(data)) + data = base64Encode(data) cert := network.ApplicationGatewaySslCertificate{ Name: &name, @@ -1480,6 +1478,7 @@ func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.App authCerts := make([]interface{}, 0, len(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates)) for _, config := range *config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates { + authCert := map[string]interface{}{ "name": path.Base(*config.ID), "id": *config.ID, diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 3bf4afca7487..179af2dfc3af 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -3,6 +3,7 @@ package azurerm import ( "fmt" "net/http" + "os" "testing" "github.com/hashicorp/terraform/helper/acctest" @@ -136,6 +137,11 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { func TestAccAzureRMApplicationGateway_waf(t *testing.T) { ri := acctest.RandInt() + subscriptionID := os.Getenv("ARM_SUBSCRIPTION_ID") + gwID := fmt.Sprintf( + "/subscriptions/%s/resourceGroups/acctestrg-%d/providers/Microsoft.Network/applicationGateways/acctestgw-%d", + subscriptionID, ri, ri) + resource.Test(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, Providers: testAccProviders, @@ -150,6 +156,7 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), + resource.TestCheckResourceAttr("azurerm_application_gateway.test", "id", gwID), ), }, }, @@ -181,7 +188,7 @@ func testCheckAzureRMApplicationGatewayExists(name string) resource.TestCheckFun return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) } - return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %+v", err) } return nil @@ -213,7 +220,7 @@ func testCheckAzureRMApplicationGatewaySslCertificateAssigned(name string, certN return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) } - return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %+v", err) } var certId *string @@ -263,7 +270,7 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st return fmt.Errorf("Bad: App Gateway %q (resource group: %q) does not exist", ApplicationGatewayName, resourceGroup) } - return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %s", err) + return fmt.Errorf("Bad: Get on ApplicationGatewayClient: %+v", err) } var certId *string @@ -333,7 +340,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "vnet" + name = "acctest-vnet" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -347,7 +354,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "public-ip" + name = "acctest-public-ip" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -524,7 +531,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "vnet" + name = "acctest-vnet" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -538,7 +545,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "public-ip" + name = "acctest-public-ip" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -715,7 +722,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "vnet" + name = "acctest-vnet" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -729,7 +736,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "public-ip" + name = "acctest-public-ip" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -928,7 +935,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "vnet" + name = "acctest-vnet" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -942,7 +949,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "public-ip" + name = "acctest-public-ip" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -1141,7 +1148,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "vnet" + name = "acctest-vnet" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -1155,7 +1162,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "public-ip" + name = "acctest-public-ip" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" From 520d335d9eae29c39c6feb02cc75e0cca3461c12 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Thu, 17 Aug 2017 10:06:12 -0700 Subject: [PATCH 12/19] switched flatten func's from using path.Base to parseAzureResourceID and id.Path --- azurerm/resource_arm_application_gateway.go | 107 ++++++++++++++------ 1 file changed, 77 insertions(+), 30 deletions(-) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 984dcddf4191..2a5e181c0527 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -4,7 +4,6 @@ import ( "bytes" "fmt" "log" - "path" // "time" "github.com/Azure/azure-sdk-for-go/arm/network" @@ -764,13 +763,32 @@ func resourceArmApplicationGatewayRead(d *schema.ResourceData, meta interface{}) d.Set("frontend_ip_configuration", flattenApplicationGatewayFrontendIPConfigurations(ApplicationGateway.ApplicationGatewayPropertiesFormat.FrontendIPConfigurations)) d.Set("backend_address_pool", flattenApplicationGatewayBackendAddressPools(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendAddressPools)) - d.Set("backend_http_settings", flattenApplicationGatewayBackendHTTPSettings(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendHTTPSettingsCollection)) + v1, err1 := flattenApplicationGatewayBackendHTTPSettings(ApplicationGateway.ApplicationGatewayPropertiesFormat.BackendHTTPSettingsCollection) + if err1 != nil { + return fmt.Errorf("error flattening BackendHTTPSettings: %+v", err1) + } + d.Set("backend_http_settings", v1) - d.Set("http_listener", flattenApplicationGatewayHTTPListeners(ApplicationGateway.ApplicationGatewayPropertiesFormat.HTTPListeners)) + v2, err2 := flattenApplicationGatewayHTTPListeners(ApplicationGateway.ApplicationGatewayPropertiesFormat.HTTPListeners) + if err2 != nil { + return fmt.Errorf("error flattening HTTPListeners: %+v", err2) + } + d.Set("http_listener", v2) d.Set("probe", flattenApplicationGatewayProbes(ApplicationGateway.ApplicationGatewayPropertiesFormat.Probes)) - d.Set("request_routing_rule", flattenApplicationGatewayRequestRoutingRules(ApplicationGateway.ApplicationGatewayPropertiesFormat.RequestRoutingRules)) - d.Set("url_path_map", flattenApplicationGatewayURLPathMaps(ApplicationGateway.ApplicationGatewayPropertiesFormat.URLPathMaps)) + + v3, err3 := flattenApplicationGatewayRequestRoutingRules(ApplicationGateway.ApplicationGatewayPropertiesFormat.RequestRoutingRules) + if err3 != nil { + return fmt.Errorf("error flattening RequestRoutingRules: %+v", err3) + } + d.Set("request_routing_rule", v3) + + v4, err4 := flattenApplicationGatewayURLPathMaps(ApplicationGateway.ApplicationGatewayPropertiesFormat.URLPathMaps) + if err4 != nil { + return fmt.Errorf("error flattening URLPathMaps: %+v", err4) + } + d.Set("url_path_map", v4) + d.Set("authentication_certificate", schema.NewSet(hashApplicationGatewayAuthenticationCertificates, flattenApplicationGatewayAuthenticationCertificates(ApplicationGateway.ApplicationGatewayPropertiesFormat.AuthenticationCertificates))) d.Set("ssl_certificate", schema.NewSet(hashApplicationGatewaySslCertificates, flattenApplicationGatewaySslCertificates(ApplicationGateway.ApplicationGatewayPropertiesFormat.SslCertificates))) @@ -1461,7 +1479,7 @@ func flattenApplicationGatewayBackendAddressPools(poolConfigs *[]network.Applica return result } -func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.ApplicationGatewayBackendHTTPSettings) []interface{} { +func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.ApplicationGatewayBackendHTTPSettings) ([]interface{}, error) { result := make([]interface{}, 0, len(*backendSettings)) for _, config := range *backendSettings { @@ -1478,9 +1496,13 @@ func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.App authCerts := make([]interface{}, 0, len(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates)) for _, config := range *config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.AuthenticationCertificates { + id, err := parseAzureResourceID(*config.ID) + if err != nil { + return result, err + } authCert := map[string]interface{}{ - "name": path.Base(*config.ID), + "name": id.Path["name"], "id": *config.ID, } @@ -1491,26 +1513,36 @@ func flattenApplicationGatewayBackendHTTPSettings(backendSettings *[]network.App } if config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe != nil { - settings["probe_name"] = path.Base(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe.ID) + id, err := parseAzureResourceID(*config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe.ID) + if err != nil { + return result, err + } + + settings["probe_name"] = id.Path["name"] settings["probe_id"] = *config.ApplicationGatewayBackendHTTPSettingsPropertiesFormat.Probe.ID } result = append(result, settings) } - return result + return result, nil } -func flattenApplicationGatewayHTTPListeners(httpListeners *[]network.ApplicationGatewayHTTPListener) []interface{} { +func flattenApplicationGatewayHTTPListeners(httpListeners *[]network.ApplicationGatewayHTTPListener) ([]interface{}, error) { result := make([]interface{}, 0, len(*httpListeners)) for _, config := range *httpListeners { + id, err := parseAzureResourceID(*config.ID) + if err != nil { + return result, err + } + listener := map[string]interface{}{ "id": *config.ID, "name": *config.Name, "frontend_ip_configuration_id": *config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendIPConfiguration.ID, - "frontend_ip_configuration_name": path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendIPConfiguration.ID), - "frontend_port_name": path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendPort.ID), + "frontend_ip_configuration_name": id.Path["frontendIPName"], + "frontend_port_name": id.Path["frontEndPortName"], "frontend_port_id": *config.ApplicationGatewayHTTPListenerPropertiesFormat.FrontendPort.ID, "protocol": string(config.ApplicationGatewayHTTPListenerPropertiesFormat.Protocol), } @@ -1520,7 +1552,12 @@ func flattenApplicationGatewayHTTPListeners(httpListeners *[]network.Application } if config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate != nil { - listener["ssl_certificate_name"] = path.Base(*config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate.ID) + id, err := parseAzureResourceID(*config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate.ID) + if err != nil { + return result, err + } + + listener["ssl_certificate_name"] = id.Path["sslCertFriendlyName"] listener["ssl_certificate_id"] = *config.ApplicationGatewayHTTPListenerPropertiesFormat.SslCertificate.ID } @@ -1531,7 +1568,7 @@ func flattenApplicationGatewayHTTPListeners(httpListeners *[]network.Application result = append(result, listener) } - return result + return result, nil } func flattenApplicationGatewayProbes(probes *[]network.ApplicationGatewayProbe) []interface{} { @@ -1555,72 +1592,82 @@ func flattenApplicationGatewayProbes(probes *[]network.ApplicationGatewayProbe) return result } -func flattenApplicationGatewayRequestRoutingRules(rules *[]network.ApplicationGatewayRequestRoutingRule) []interface{} { +func flattenApplicationGatewayRequestRoutingRules(rules *[]network.ApplicationGatewayRequestRoutingRule) ([]interface{}, error) { result := make([]interface{}, 0, len(*rules)) for _, config := range *rules { + id, err := parseAzureResourceID(*config.ID) + if err != nil { + return result, err + } + listener := map[string]interface{}{ "id": *config.ID, "name": *config.Name, "rule_type": string(config.ApplicationGatewayRequestRoutingRulePropertiesFormat.RuleType), "http_listener_id": *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.HTTPListener.ID, - "http_listener_name": path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.HTTPListener.ID), + "http_listener_name": id.Path["listenerName"], } if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool != nil { - listener["backend_address_pool_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool.ID) + listener["backend_address_pool_name"] = id.Path["backendPoolName"] listener["backend_address_pool_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendAddressPool.ID } if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings != nil { - listener["backend_http_settings_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings.ID) + listener["backend_http_settings_name"] = id.Path["backendHttpSettingsName"] listener["backend_http_settings_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings.ID } - if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap != nil { - listener["url_path_map_name"] = path.Base(*config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap.ID) - listener["url_path_map_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap.ID - } - result = append(result, listener) } - return result + return result, nil } -func flattenApplicationGatewayURLPathMaps(pathMaps *[]network.ApplicationGatewayURLPathMap) []interface{} { +func flattenApplicationGatewayURLPathMaps(pathMaps *[]network.ApplicationGatewayURLPathMap) ([]interface{}, error) { result := make([]interface{}, 0, len(*pathMaps)) for _, config := range *pathMaps { + id, err := parseAzureResourceID(*config.ID) + if err != nil { + return result, err + } + pathMap := map[string]interface{}{ "id": *config.ID, "name": *config.Name, } if config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool != nil { - pathMap["default_backend_address_pool_name"] = path.Base(*config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool.ID) + pathMap["default_backend_address_pool_name"] = id.Path["poolName"] pathMap["default_backend_address_pool_id"] = *config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendAddressPool.ID } if config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings != nil { - pathMap["default_backend_http_settings_name"] = path.Base(*config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings.ID) + pathMap["default_backend_http_settings_name"] = id.Path["settingsName"] pathMap["default_backend_http_settings_id"] = *config.ApplicationGatewayURLPathMapPropertiesFormat.DefaultBackendHTTPSettings.ID } pathRules := make([]interface{}, 0, len(*config.ApplicationGatewayURLPathMapPropertiesFormat.PathRules)) for _, pathRuleConfig := range *config.ApplicationGatewayURLPathMapPropertiesFormat.PathRules { + id, err := parseAzureResourceID(*pathRuleConfig.ID) + if err != nil { + return result, err + } + rule := map[string]interface{}{ "id": *pathRuleConfig.ID, "name": *pathRuleConfig.Name, } if pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool != nil { - rule["backend_address_pool_name"] = path.Base(*pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool.ID) + rule["backend_address_pool_name"] = id.Path["poolName2"] rule["backend_address_pool_id"] = *pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendAddressPool.ID } if pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings != nil { - rule["backend_http_settings_name"] = path.Base(*pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings.ID) + rule["backend_http_settings_name"] = id.Path["settingsName2"] rule["backend_http_settings_id"] = *pathRuleConfig.ApplicationGatewayPathRulePropertiesFormat.BackendHTTPSettings.ID } @@ -1637,7 +1684,7 @@ func flattenApplicationGatewayURLPathMaps(pathMaps *[]network.ApplicationGateway result = append(result, pathMap) } - return result + return result, nil } func flattenApplicationGatewayAuthenticationCertificates(certs *[]network.ApplicationGatewayAuthenticationCertificate) []interface{} { From 872083197be7acd2abb0943724cf3b443a512aa3 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Thu, 17 Aug 2017 13:57:41 -0700 Subject: [PATCH 13/19] Starting to make documentation changes for Application Gateway --- .../resource_arm_application_gateway_test.go | 30 ++--- website/azurerm.erb | 4 + .../docs/r/application_gateway.html.markdown | 103 ++++++++++++++++++ 3 files changed, 122 insertions(+), 15 deletions(-) create mode 100644 website/docs/r/application_gateway.html.markdown diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index 179af2dfc3af..a4d57a4f08d1 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -340,7 +340,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "acctest-vnet" + name = "acctest-vnet-%d" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -354,7 +354,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "acctest-public-ip" + name = "acctest-pubip-%d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -516,7 +516,7 @@ resource "azurerm_application_gateway" "test" { environment = "tf01" } } -`, rInt, rInt) +`, rInt, rInt, rInt, rInt) } <<<<<<< HEAD @@ -531,7 +531,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "acctest-vnet" + name = "acctest-vnet-%d" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -545,7 +545,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "acctest-public-ip" + name = "acctest-pubip-%d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -707,7 +707,7 @@ resource "azurerm_application_gateway" "test" { environment = "tf01" } } -`, rInt, rInt) +`, rInt, rInt, rInt, rInt) } <<<<<<< HEAD @@ -722,7 +722,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "acctest-vnet" + name = "acctest-vnet-%d" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -736,7 +736,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "acctest-public-ip" + name = "acctest-pubip-%d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -920,7 +920,7 @@ resource "azurerm_application_gateway" "test" { environment = "tf01" } } -`, rInt, rInt) +`, rInt, rInt, rInt, rInt) } <<<<<<< HEAD @@ -935,7 +935,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "acctest-vnet" + name = "acctest-vnet-%d" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -949,7 +949,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "acctest-public-ip" + name = "acctest-pubip-%d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -1133,7 +1133,7 @@ resource "azurerm_application_gateway" "test" { environment = "tf01" } } -`, rInt, rInt) +`, rInt, rInt, rInt, rInt) } <<<<<<< HEAD @@ -1148,7 +1148,7 @@ resource "azurerm_resource_group" "test" { } resource "azurerm_virtual_network" "test" { - name = "acctest-vnet" + name = "acctest-vnet-%d" resource_group_name = "${azurerm_resource_group.test.name}" address_space = ["10.254.0.0/16"] location = "${azurerm_resource_group.test.location}" @@ -1162,7 +1162,7 @@ resource "azurerm_subnet" "test" { } resource "azurerm_public_ip" "test" { - name = "acctest-public-ip" + name = "acctest-pubip-%d" location = "${azurerm_resource_group.test.location}" resource_group_name = "${azurerm_resource_group.test.name}" public_ip_address_allocation = "dynamic" @@ -1334,5 +1334,5 @@ resource "azurerm_application_gateway" "test" { environment = "tf01" } } -`, rInt, rInt) +`, rInt, rInt, rInt, rInt) } diff --git a/website/azurerm.erb b/website/azurerm.erb index e79f460e1132..22a061c780d3 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -349,6 +349,10 @@ Network Resources
    + > + azurerm_application_gateway + + > azurerm_express_route_circuit diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown new file mode 100644 index 000000000000..95fd6dfb6923 --- /dev/null +++ b/website/docs/r/application_gateway.html.markdown @@ -0,0 +1,103 @@ +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azure_application_gateway" +sidebar_current: "docs-azurerm-resource-application-gateway" +description: |- + Creates a new application gateway based on a previously created virtual network with configured subnets. +--- + +# azurerm\_application\_gateway + +Creates a new application gateway ibased on a previously created virtual network with configured subnets. + +~> **NOTE on Application Gateways:** Terraform currently +provides both a standalone [Subnet resource](subnet.html), and allows for Subnets to be defined in-line within the [Virtual Network resource](virtual_network.html). +At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnet's. + +## Example Usage + +```hcl +resource "azurerm_virtual_network" "test" { + name = "virtualNetwork1" + resource_group_name = "${azurerm_resource_group.test.name}" + address_space = ["10.0.0.0/16"] + location = "West US" + dns_servers = ["10.0.0.4", "10.0.0.5"] + + subnet { + name = "subnet1" + address_prefix = "10.0.1.0/24" + } + + subnet { + name = "subnet2" + address_prefix = "10.0.2.0/24" + } + + subnet { + name = "subnet3" + address_prefix = "10.0.3.0/24" + security_group = "${azurerm_network_security_group.test.id}" + } + + tags { + environment = "Production" + } +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The name of the virtual network. Changing this forces a + new resource to be created. + +* `resource_group_name` - (Required) The name of the resource group in which to + create the virtual network. + +* `address_space` - (Required) The address space that is used the virtual + network. You can supply more than one address space. Changing this forces + a new resource to be created. + +* `location` - (Required) The location/region where the virtual network is + created. Changing this forces a new resource to be created. + +* `dns_servers` - (Optional) List of IP addresses of DNS servers + +* `subnet` - (Optional) Can be specified multiple times to define multiple + subnets. Each `subnet` block supports fields documented below. + +* `tags` - (Optional) A mapping of tags to assign to the resource. + +The `subnet` block supports: + +* `name` - (Required) The name of the subnet. + +* `address_prefix` - (Required) The address prefix to use for the subnet. + +* `security_group` - (Optional) The Network Security Group to associate with + the subnet. (Referenced by `id`, ie. `azurerm_network_security_group.test.id`) + +## Attributes Reference + +The following attributes are exported: + +* `id` - The virtual NetworkConfiguration ID. + +* `name` - The name of the virtual network. + +* `resource_group_name` - The name of the resource group in which to create the virtual network. + +* `location` - The location/region where the virtual network is created + +* `address_space` - The address space that is used the virtual network. + + +## Import + +Virtual Networks can be imported using the `resource id`, e.g. + +``` +terraform import azurerm_virtual_network.testNetwork /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/virtualNetworks/myvnet1 +``` From 01221a81657515723e52b8c1ad689f2e753e5757 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Thu, 17 Aug 2017 15:35:30 -0700 Subject: [PATCH 14/19] testing markdown changes --- .../docs/r/application_gateway.html.markdown | 102 ++++++++++++++---- 1 file changed, 82 insertions(+), 20 deletions(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 95fd6dfb6923..57bd95937fb3 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -17,32 +17,94 @@ At this time you cannot use a Virtual Network with in-line Subnets in conjunctio ## Example Usage ```hcl -resource "azurerm_virtual_network" "test" { - name = "virtualNetwork1" - resource_group_name = "${azurerm_resource_group.test.name}" - address_space = ["10.0.0.0/16"] - location = "West US" - dns_servers = ["10.0.0.4", "10.0.0.5"] +# Create a resource group +resource "azurerm_resource_group" "rg" { + name = "my-rg-application-gateway-12345" + location = "West US" +} + +# Create a virtual network in the web_servers resource group +resource "azurerm_virtual_network" "vnet" { + name = "my-vnet-12345" + resource_group_name = "${azurerm_resource_group.rg.name}" + address_space = ["10.254.0.0/16"] + location = "${azurerm_resource_group.rg.location}" +} - subnet { - name = "subnet1" - address_prefix = "10.0.1.0/24" - } +resource "azurerm_subnet" "sub1" { + name = "my-subnet-1" + resource_group_name = "${azurerm_resource_group.rg.name}" + virtual_network_name = "${azurerm_virtual_network.vnet.name}" + address_prefix = "10.254.0.0/24" +} - subnet { - name = "subnet2" - address_prefix = "10.0.2.0/24" - } +resource "azurerm_subnet" "sub2" { + name = "my-subnet-2" + resource_group_name = "${azurerm_resource_group.rg.name}" + virtual_network_name = "${azurerm_virtual_network.vnet.name}" + address_prefix = "10.254.2.0/24" +} + +resource "azurerm_public_ip" "pip" { + name = "my-pip-12345" + location = "${azurerm_resource_group.rg.location}" + resource_group_name = "${azurerm_resource_group.rg.name}" + public_ip_address_allocation = "dynamic" +} - subnet { - name = "subnet3" - address_prefix = "10.0.3.0/24" - security_group = "${azurerm_network_security_group.test.id}" +# Create an application gateway +resource "azurerm_application_gateway" "network" { + name = "my-application-gateway-12345" + location = "West US" + resource_group_name = "${azurerm_resource_group.rg.name}" + + sku { + name = "Standard_Small" + tier = "Standard" + capacity = 2 + } + + gateway_ip_configuration { + name = "my-gateway-ip-configuration" + subnet_id = "${azurerm_virtual_network.vnet.id}/subnets/${azurerm_subnet.sub1.name}" + } + + frontend_port { + name = "my-frontend-port" + port = 80 + } + + frontend_ip_configuration { + name = "my-frontend-ip-configuration" + public_ip_address_id = "${azurerm_public_ip.pip.id}" } - tags { - environment = "Production" + backend_address_pool { + name = "my-backend-address-pool" + } + + backend_http_settings { + name = "${azurerm_virtual_network.vnet.name}-be-htst" + cookie_based_affinity = "Disabled" + port = 80 + protocol = "Http" + request_timeout = 1 } + + http_listener { + name = "${azurerm_virtual_network.vnet.name}-httplstn" + frontend_ip_configuration_name = "${azurerm_virtual_network.vnet.name}-feip" + frontend_port_name = "${azurerm_virtual_network.vnet.name}-feport" + protocol = "Http" + } + +request_routing_rule { + name = "${azurerm_virtual_network.vnet.name}-rqrt" + rule_type = "Basic" + http_listener_name = "${azurerm_virtual_network.vnet.name}-httplstn" + backend_address_pool_name = "${azurerm_virtual_network.vnet.name}-beap" + backend_http_settings_name = "${azurerm_virtual_network.vnet.name}-be-htst" +} } ``` From b3518a9ad631f223369ae4a84bea740e9ca09570 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 23 Aug 2017 23:00:02 -0400 Subject: [PATCH 15/19] further documentation changes for application gateway --- .../docs/r/application_gateway.html.markdown | 242 ++++++++++++++++-- 1 file changed, 214 insertions(+), 28 deletions(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 57bd95937fb3..6e2d0c8a0d36 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -8,11 +8,10 @@ description: |- # azurerm\_application\_gateway -Creates a new application gateway ibased on a previously created virtual network with configured subnets. +Creates a new application gateway based on a previously created virtual network with configured subnets. -~> **NOTE on Application Gateways:** Terraform currently -provides both a standalone [Subnet resource](subnet.html), and allows for Subnets to be defined in-line within the [Virtual Network resource](virtual_network.html). -At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnet's. +~> **NOTE on Application Gateways:** TODO - Investigate routing rules and url path maps. +Sample reference format: [Subnet resource](subnet.html) TODO - other reference needed. ## Example Usage @@ -23,7 +22,7 @@ resource "azurerm_resource_group" "rg" { location = "West US" } -# Create a virtual network in the web_servers resource group +# Create a application gateway in the web_servers resource group resource "azurerm_virtual_network" "vnet" { name = "my-vnet-12345" resource_group_name = "${azurerm_resource_group.rg.name}" @@ -55,8 +54,8 @@ resource "azurerm_public_ip" "pip" { # Create an application gateway resource "azurerm_application_gateway" "network" { name = "my-application-gateway-12345" - location = "West US" resource_group_name = "${azurerm_resource_group.rg.name}" + location = "West US" sku { name = "Standard_Small" @@ -112,54 +111,241 @@ request_routing_rule { The following arguments are supported: -* `name` - (Required) The name of the virtual network. Changing this forces a +* `name` - (Required) The name of the application gateway. Changing this forces a new resource to be created. * `resource_group_name` - (Required) The name of the resource group in which to - create the virtual network. - -* `address_space` - (Required) The address space that is used the virtual - network. You can supply more than one address space. Changing this forces - a new resource to be created. + create the application gateway. -* `location` - (Required) The location/region where the virtual network is +* `location` - (Required) The location/region where the application gateway is created. Changing this forces a new resource to be created. -* `dns_servers` - (Optional) List of IP addresses of DNS servers +* `sku` - (Required) Specifies size, tier and capacity of the application gateway. Must be specified once. The `sku` block fields documented below. + +* `gateway_ip_configuration` - (Required) List of subnets that the application gateway is deployed into. The application gateway must be deployed into an existing virtual network/subnet. No other resource can be deployed in a subnet where application gateway is deployed. The `gateway_ip_configuration` block supports fields documented below. + +* `frontend_port` - (Required) Front-end port for the application gateway. The `frontend_port` block supports fields documented below. + +* `frontend_ip_configuration` - (Optional) Specifies lists of frontend IP configurations. Currently only one Public and/or one Private IP address can be specified. Also one frontendIpConfiguration element can specify either Public or Private IP address, not both. The `frontend_ip_configuration` block supports fields documented below. + +* `backend_address_pool` - (Required) Backend pools can be composed of NICs, virtual machine scale sets, public IPs, internal IPs, fully qualified domain names (FQDN), and multi-tenant back-ends like Azure Web Apps. Application Gateway backend pool members are not tied to an availability set. Members of backend pools can be across clusters, data centers, or outside of Azure as long as they have IP connectivity. The `backend_address_pool` block supports fields documented below. + +* `backend_http_settings` - (Required) Related group of backend http and/or https features to be applied when routing to backend address pools. The `backend_http_settings` block supports fields documented below. + +* `http_listener` - (Required) 1 or more listeners specifying port, http or https and SSL certificate (if configuring SSL offload) Each `http_listener` is attached to a `frontend_ip_configuration`. The `http_listener` block supports fields documented below. + +* `probe` - (Optional) Specifies list of URL probes. The `probe` block supports fields documented below. + +* `request_routing_rule` - (Required) Request routing rules can be either Basic or Path Based. Request routing rules are order sensitive. The `request_routing_rule` block supports fields documented below. + +* `url_path_map` - (Optional) UrlPathMaps give url Path to backend mapping information for PathBasedRouting specified in `request_routing_rule`. The `url_path_map` block supports fields documented below. + +* `authentication_certificate` - (Optional) List of authentication certificates. The `authentication_certificate` block supports fields documented below. + +* `ssl_certificate` - (Optional) List of ssl certificates. The `ssl_certificate` block supports fields documented below. + +* `waf_configuration` - (Optional) Web Application Firewall configuration settings. The `waf_configuration` block supports fields documented below. + +* `disabled_ssl_protocols` - TODO - based on "sslPolicy": {"disabledSslProtocols": []} + +TODO - what makes block fields optional/required? + +The `sku` block supports: + +* `name` - (Required) Supported values are: + * `Standard_Small` + * `Standard_Medium` + * `Standard_Large` + * `WAF_Medium` + * `WAF_Large` + +* `tier` - (Required) Supported values are: + * `Standard` + * `WAF` + +* `capacity` - (Required) Specifies instance count. Can be 1 to 10. + +The `gateway_ip_configuration` block supports: + +* `name` - (Required) User defined name of the gateway ip configuration. + +* `subnet_id` - (Required) Reference to a Subnet. Application Gateway is deployed in this subnet. No other resource can be deployed in a subnet where Application Gateway is deployed. + +The `frontend_port` block supports: + +* `name` - (Required) User defined name for frontend Port. + +* `port` - (Required) Port number. + +The `frontend_ip_configuration` block supports: + +* `name` - (Required) User defined name for a frontend IP configuration. + +* `subnet_id` - (Optional) Reference to a Subnet. +TODO - where is this in Azure? + +* `private_ip_address` - (Optional) Private IP Address. + +* `public_ip_address_id`- (Optional) Specifies resource Id of a Public Ip Address resource. IPAllocationMethod should be Dynamic. + +* `private_ip_address_allocation` - (Optional) Valid values are: + * `Dynamic` + * `Static` + +The `backend_address_pool` block supports: + +* `name` - (Required) User defined name for a backend address pool. + +* `ip_address_list` - (Optional) List of public IPAdresses, or internal IP addresses in a backend address pool. + +* `fqdn_list` - (Optional) List of FQDNs in a backend address pool. + +The `backend_http_settings` block supports: + +* `name` - (Required) User defined name for a backend http setting. + +* `port` - (Required) Backend port for backend address pool. + +* `protocol` - (Required) Valid values are: + * `Http` + * `Https` + +* `cookie_based_affinity` - (Required) Valid values are: + * `Enabled` + * `Disabled` + +* `request_timeout` - (Required) RequestTimeout in second. Application Gateway fails the request if response is not received within RequestTimeout. Minimum 1 second and Maximum 86400 secs. -* `subnet` - (Optional) Can be specified multiple times to define multiple - subnets. Each `subnet` block supports fields documented below. +* `probe_name` - (Optional) Reference to URL probe. -* `tags` - (Optional) A mapping of tags to assign to the resource. +* `authentication_certificate` - TODO - this doesn't seem to belong here -The `subnet` block supports: +The `http_listener` block supports: -* `name` - (Required) The name of the subnet. +* `name` - (Required) User defined name for a backend http setting. -* `address_prefix` - (Required) The address prefix to use for the subnet. +* `frontend_ip_configuration_name` - (Required) Reference to frontend Ip configuration. + +* `frontend_port_name` - (Required) Reference to frontend port. + +* `protocol` - (Required) Valid values are: + * `Http` + * `Https` + +* `host_name` - (Optional) HostName for `http_listener`. It has to be a valid DNS name. + +* `ssl_certificate_name` - (Optional) Reference to ssl certificate. Valid only if protocol is https. + +* `require_sni` - (Optional) Applicable only if protocol is https. Enables SNI for multi-hosting. +Valid values are: +* true +* false + +The `probe` block supports: + +* `name` - (Required) User defined name for a probe. + +* `protocol` - (Required) Protocol used to send probe. Valid values are: + * `Http` + * `Https` + +* `path` - (Required) Relative path of probe. Valid path starts from '/'. Probe is sent to \{Protocol}://\{host}:\{port}\{path} + +* `host` - (Required) Host name to send probe to. + +* `interval` - (Required) Probe interval in seconds. This is the time interval between two consecutive probes. Minimum 1 second and Maximum 86,400 secs. + +* `timeout` - (Required) Probe timeout in seconds. Probe marked as failed if valid response is not received with this timeout period. Minimum 1 second and Maximum 86,400 secs. + +* `unhealthy_threshold` - (Required) Probe retry count. Backend server is marked down after consecutive probe failure count reaches UnhealthyThreshold. Minimum 1 second and Maximum 20. + + +The `request_routing_rule` block supports: + +* `name` - (Required) User defined name for a request routing rule. + +* `rule_type' - (Required) Routing rule type. Valid values are: + * `Basic` + * `PathBasedRouting` + +* `http_listener_name` - (Required) Reference to `http_listener`. + +* `backend_address_pool_name` - (Optional) Reference to `backend_address_pool_name`. Valid for Basic Rule only. + +* `backend_http_settings_name` - (Optional) Reference to `backend_http_settings`. Valid for Basic Rule only. + +* `url_path_map_name` - (Optional) Reference to `url_path_map`. Valid for PathBasedRouting Rule only. + +The `url_path_map` block supports: + +* `name` - (Required) User defined name for a url path map. + +* `default_backend_address_pool_name` - (Required) Reference to `backend_address_pool_name`. + +* `default_backend_http_settings_name` - (Required) Reference to `backend_http_settings`. + +* `path_rule` - (Required) List of pathRules. pathRules are order sensitive. Are applied in order they are specified. + +The `path_rule` block supports: + +* `name` - (Required) User defined name for a path rule. + +* `paths` - (Required) The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. + +* `backend_address_pool_name` - (Required) Reference to `backend_address_pool_name`. + +* `backend_http_settings_name` - (Required) Reference to `backend_http_settings`. + +The `authentication_certificate` block supports: + +* `name` - (Required) User defined name for an authentication certificate. + +* `data` - (Required) Base-64 encoded cer certificate. Only applicable in PUT Request. + +The `ssl_certificate` block supports: + +* `name` - (Required) User defined name for an SSL certificate. + +* `data` - (Required) Base-64 encoded Public cert data corresponding to pfx specified in data. Only applicable in GET request. + +* `password` - (Required) Password for the pfx file specified in data. Only applicable in PUT request. + +The `waf_configuration` block supports: + +* `name` - (Required) User defined name for a web application firewall. + +* `firewall_mode` - (Required) Firewall mode. Valid values are: + * `Detection` + * `Prevention` + +* `rule_set_type` - (Required) Rule set type. Must be set to `OWASP` + +* `rule_set_version` - (Required) Ruleset version. Supported values: + * `2.2.9` + * `3.0` -* `security_group` - (Optional) The Network Security Group to associate with - the subnet. (Referenced by `id`, ie. `azurerm_network_security_group.test.id`) ## Attributes Reference The following attributes are exported: -* `id` - The virtual NetworkConfiguration ID. +* `id` - The application gatewayConfiguration ID. -* `name` - The name of the virtual network. +* `name` - The name of the application gateway. -* `resource_group_name` - The name of the resource group in which to create the virtual network. +* `resource_group_name` - The name of the resource group in which to create the application gateway. -* `location` - The location/region where the virtual network is created +* `location` - The location/region where the application gateway is created -* `address_space` - The address space that is used the virtual network. +* `address_space` - The address space that is used the application gateway. ## Import -Virtual Networks can be imported using the `resource id`, e.g. +application gateways can be imported using the `resource id`, e.g. ``` terraform import azurerm_virtual_network.testNetwork /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/virtualNetworks/myvnet1 ``` + +TODO - Application Gateway attribute cross reference mechanism in HCL? From f3d26ff50d9b3980fc700dcf18647374cd7ddca3 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 23 Aug 2017 23:03:40 -0400 Subject: [PATCH 16/19] minor doc change - todo's outstanding --- website/docs/r/application_gateway.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 6e2d0c8a0d36..820b9da910aa 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -337,7 +337,6 @@ The following attributes are exported: * `location` - The location/region where the application gateway is created -* `address_space` - The address space that is used the application gateway. ## Import @@ -345,6 +344,7 @@ The following attributes are exported: application gateways can be imported using the `resource id`, e.g. ``` +TODO - correct this terraform import azurerm_virtual_network.testNetwork /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/virtualNetworks/myvnet1 ``` From 0a5f627d2d5c80a83d871effa8103907f52b1e3e Mon Sep 17 00:00:00 2001 From: Nick Roy Date: Fri, 22 Sep 2017 13:32:48 -0700 Subject: [PATCH 17/19] Fix referenced names in application gateway doc --- .../docs/r/application_gateway.html.markdown | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index 820b9da910aa..f4e49cc1e8ff 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -69,17 +69,17 @@ resource "azurerm_application_gateway" "network" { } frontend_port { - name = "my-frontend-port" + name = "${azurerm_virtual_network.vnet.name}-feport" port = 80 } frontend_ip_configuration { - name = "my-frontend-ip-configuration" + name = "${azurerm_virtual_network.vnet.name}-feip" public_ip_address_id = "${azurerm_public_ip.pip.id}" } backend_address_pool { - name = "my-backend-address-pool" + name = "${azurerm_virtual_network.vnet.name}-beap" } backend_http_settings { @@ -97,13 +97,13 @@ resource "azurerm_application_gateway" "network" { protocol = "Http" } -request_routing_rule { - name = "${azurerm_virtual_network.vnet.name}-rqrt" - rule_type = "Basic" - http_listener_name = "${azurerm_virtual_network.vnet.name}-httplstn" - backend_address_pool_name = "${azurerm_virtual_network.vnet.name}-beap" - backend_http_settings_name = "${azurerm_virtual_network.vnet.name}-be-htst" -} + request_routing_rule { + name = "${azurerm_virtual_network.vnet.name}-rqrt" + rule_type = "Basic" + http_listener_name = "${azurerm_virtual_network.vnet.name}-httplstn" + backend_address_pool_name = "${azurerm_virtual_network.vnet.name}-beap" + backend_http_settings_name = "${azurerm_virtual_network.vnet.name}-be-htst" + } } ``` From 97510626ce8750055d6326f4a94acc28df065b03 Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Tue, 26 Sep 2017 21:52:44 -0400 Subject: [PATCH 18/19] finalizing documentation --- azurerm/resource_arm_application_gateway.go | 9 +++++++-- website/docs/r/application_gateway.html.markdown | 15 ++++----------- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 2a5e181c0527..143c78747444 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -179,7 +179,7 @@ func resourceArmApplicationGateway() *schema.Resource { "frontend_ip_configuration": { Type: schema.TypeList, - Optional: true, + Required: true, MinItems: 1, Elem: &schema.Resource{ Schema: map[string]*schema.Schema{ @@ -304,7 +304,7 @@ func resourceArmApplicationGateway() *schema.Resource { "request_timeout": { Type: schema.TypeInt, - Required: true, + Optional: true, }, "authentication_certificate": { @@ -1619,6 +1619,11 @@ func flattenApplicationGatewayRequestRoutingRules(rules *[]network.ApplicationGa listener["backend_http_settings_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.BackendHTTPSettings.ID } + if config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap != nil { + listener["url_path_map_name"] = id.Path["urlPathMap"] + listener["url_path_map_id"] = *config.ApplicationGatewayRequestRoutingRulePropertiesFormat.URLPathMap.ID + } + result = append(result, listener) } diff --git a/website/docs/r/application_gateway.html.markdown b/website/docs/r/application_gateway.html.markdown index f4e49cc1e8ff..2c0a7027591d 100644 --- a/website/docs/r/application_gateway.html.markdown +++ b/website/docs/r/application_gateway.html.markdown @@ -10,9 +10,6 @@ description: |- Creates a new application gateway based on a previously created virtual network with configured subnets. -~> **NOTE on Application Gateways:** TODO - Investigate routing rules and url path maps. -Sample reference format: [Subnet resource](subnet.html) TODO - other reference needed. - ## Example Usage ```hcl @@ -126,7 +123,7 @@ The following arguments are supported: * `frontend_port` - (Required) Front-end port for the application gateway. The `frontend_port` block supports fields documented below. -* `frontend_ip_configuration` - (Optional) Specifies lists of frontend IP configurations. Currently only one Public and/or one Private IP address can be specified. Also one frontendIpConfiguration element can specify either Public or Private IP address, not both. The `frontend_ip_configuration` block supports fields documented below. +* `frontend_ip_configuration` - (Required) Specifies lists of frontend IP configurations. Currently only one Public and/or one Private IP address can be specified. Also one frontendIpConfiguration element can specify either Public or Private IP address, not both. The `frontend_ip_configuration` block supports fields documented below. * `backend_address_pool` - (Required) Backend pools can be composed of NICs, virtual machine scale sets, public IPs, internal IPs, fully qualified domain names (FQDN), and multi-tenant back-ends like Azure Web Apps. Application Gateway backend pool members are not tied to an availability set. Members of backend pools can be across clusters, data centers, or outside of Azure as long as they have IP connectivity. The `backend_address_pool` block supports fields documented below. @@ -148,8 +145,6 @@ The following arguments are supported: * `disabled_ssl_protocols` - TODO - based on "sslPolicy": {"disabledSslProtocols": []} -TODO - what makes block fields optional/required? - The `sku` block supports: * `name` - (Required) Supported values are: @@ -182,7 +177,6 @@ The `frontend_ip_configuration` block supports: * `name` - (Required) User defined name for a frontend IP configuration. * `subnet_id` - (Optional) Reference to a Subnet. -TODO - where is this in Azure? * `private_ip_address` - (Optional) Private IP Address. @@ -344,8 +338,7 @@ The following attributes are exported: application gateways can be imported using the `resource id`, e.g. ``` -TODO - correct this -terraform import azurerm_virtual_network.testNetwork /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/virtualNetworks/myvnet1 + +terraform import azurerm_application_gateway.testApplicationGateway /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/applicationGateways/myGateway1 + ``` - -TODO - Application Gateway attribute cross reference mechanism in HCL? From c9ce889e64a9bfaa354d32033a2e97b98e0b4bdd Mon Sep 17 00:00:00 2001 From: Gil ISAACS Date: Wed, 27 Sep 2017 15:29:38 -0400 Subject: [PATCH 19/19] rebasing again --- azurerm/config.go | 4 - azurerm/resource_arm_application_gateway.go | 34 +------ .../resource_arm_application_gateway_test.go | 99 ------------------- 3 files changed, 4 insertions(+), 133 deletions(-) diff --git a/azurerm/config.go b/azurerm/config.go index 4141bae92900..194f40c29028 100755 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -321,11 +321,7 @@ func (c *Config) getArmClient() (*ArmClient, error) { agc := network.NewApplicationGatewaysClientWithBaseURI(endpoint, c.SubscriptionID) setUserAgent(&agc.Client) agc.Authorizer = auth -<<<<<<< HEAD agc.Sender = sender -======= - agc.Sender = autorest.CreateSender(withRequestLogging()) ->>>>>>> made sure files are added client.applicationGatewayClient = agc crc := containerregistry.NewRegistriesClientWithBaseURI(endpoint, c.SubscriptionID) diff --git a/azurerm/resource_arm_application_gateway.go b/azurerm/resource_arm_application_gateway.go index 143c78747444..8481ba37c32c 100644 --- a/azurerm/resource_arm_application_gateway.go +++ b/azurerm/resource_arm_application_gateway.go @@ -12,7 +12,7 @@ import ( "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/validation" - "github.com/jen20/riviera/azure" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) func resourceArmApplicationGateway() *schema.Resource { @@ -712,8 +712,8 @@ func resourceArmApplicationGatewayCreate(d *schema.ResourceData, meta interface{ } gateway := network.ApplicationGateway{ - Name: azure.String(name), - Location: azure.String(location), + Name: utils.String(name), + Location: utils.String(location), Tags: expandTags(tags), ApplicationGatewayPropertiesFormat: &properties, } @@ -843,7 +843,7 @@ func retrieveApplicationGatewayById(ApplicationGatewayID string, meta interface{ resp, err := client.Get(resGroup, name) if err != nil { - if responseWasNotFound(resp.Response) { + if utils.ResponseWasNotFound(resp.Response) { return nil, false, nil } return nil, false, fmt.Errorf("Error making Read request on Azure ApplicationGateway %s: %+v", name, err) @@ -886,8 +886,6 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat enabled := waf["enabled"].(bool) mode := waf["firewall_mode"].(string) -<<<<<<< HEAD -<<<<<<< HEAD rulesettype := waf["rule_set_type"].(string) rulesetversion := waf["rule_set_version"].(string) @@ -896,22 +894,6 @@ func expandApplicationGatewayWafConfig(d *schema.ResourceData) *network.Applicat FirewallMode: network.ApplicationGatewayFirewallMode(mode), RuleSetType: &rulesettype, RuleSetVersion: &rulesetversion, -======= - - return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ - Enabled: &enabled, - FirewallMode: network.ApplicationGatewayFirewallMode(mode), ->>>>>>> made sure files are added -======= - rulesettype := waf["rule_set_type"].(string) - rulesetversion := waf["rule_set_version"].(string) - - return &network.ApplicationGatewayWebApplicationFirewallConfiguration{ - Enabled: &enabled, - FirewallMode: network.ApplicationGatewayFirewallMode(mode), - RuleSetType: &rulesettype, - RuleSetVersion: &rulesetversion, ->>>>>>> changes based on reviewer feedback } } @@ -1368,16 +1350,8 @@ func flattenApplicationGatewayWafConfig(waf *network.ApplicationGatewayWebApplic result["enabled"] = *waf.Enabled result["firewall_mode"] = string(waf.FirewallMode) -<<<<<<< HEAD -<<<<<<< HEAD - result["rule_set_type"] = waf.RuleSetType - result["rule_set_version"] = waf.RuleSetVersion -======= ->>>>>>> made sure files are added -======= result["rule_set_type"] = waf.RuleSetType result["rule_set_version"] = waf.RuleSetVersion ->>>>>>> changes based on reviewer feedback return []interface{}{result} } diff --git a/azurerm/resource_arm_application_gateway_test.go b/azurerm/resource_arm_application_gateway_test.go index a4d57a4f08d1..f8ec0711385f 100755 --- a/azurerm/resource_arm_application_gateway_test.go +++ b/azurerm/resource_arm_application_gateway_test.go @@ -11,11 +11,7 @@ import ( "github.com/hashicorp/terraform/terraform" ) -<<<<<<< HEAD func TestAccAzureRMApplicationGateway_basic_base(t *testing.T) { -======= -func TestAccAzureRMApplicationGateway_basic(t *testing.T) { ->>>>>>> made sure files are added ri := acctest.RandInt() resource.Test(t, resource.TestCase{ @@ -24,11 +20,7 @@ func TestAccAzureRMApplicationGateway_basic(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -47,11 +39,7 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -59,11 +47,7 @@ func TestAccAzureRMApplicationGateway_basic_changeSslCert(t *testing.T) { Destroy: false, }, { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_changeSslCert(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic_changeSslCert(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-2"), @@ -82,11 +66,7 @@ func TestAccAzureRMApplicationGateway_basic_authCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_authCert(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -106,11 +86,7 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_authCert(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic_authCert(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -119,11 +95,7 @@ func TestAccAzureRMApplicationGateway_basic_changeAuthCert(t *testing.T) { Destroy: false, }, { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_basic_changeAuthCert(ri), -======= - Config: TestAccAzureRMApplicationGateway_basic_changeAuthCert(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -148,11 +120,7 @@ func TestAccAzureRMApplicationGateway_waf(t *testing.T) { CheckDestroy: testCheckAzureRMApplicationGatewayDestroy, Steps: []resource.TestStep{ { -<<<<<<< HEAD Config: testAccAzureRMApplicationGateway_waf(ri), -======= - Config: TestAccAzureRMApplicationGateway_waf(ri), ->>>>>>> made sure files are added Check: resource.ComposeTestCheckFunc( testCheckAzureRMApplicationGatewayExists("azurerm_application_gateway.test"), testCheckAzureRMApplicationGatewaySslCertificateAssigned("azurerm_application_gateway.test", "ssl-1"), @@ -176,11 +144,7 @@ func testCheckAzureRMApplicationGatewayExists(name string) resource.TestCheckFun return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } -<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient -======= - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient ->>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -208,11 +172,7 @@ func testCheckAzureRMApplicationGatewaySslCertificateAssigned(name string, certN return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } -<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient -======= - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient ->>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -258,11 +218,7 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st return fmt.Errorf("Bad: no resource group found in state for App Gateway: %s", ApplicationGatewayName) } -<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient -======= - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient ->>>>>>> made sure files are added resp, err := conn.Get(resourceGroup, ApplicationGatewayName) if err != nil { @@ -300,11 +256,7 @@ func testCheckAzureRMApplicationGatewayAuthenticationCertificateAssigned(name st } func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { -<<<<<<< HEAD conn := testAccProvider.Meta().(*ArmClient).applicationGatewayClient -======= - conn := testAccProvider.Meta().(*ArmClient).ApplicationGatewayClient ->>>>>>> made sure files are added for _, rs := range s.RootModule().Resources { if rs.Type != "azurerm_application_gateway" { @@ -328,11 +280,7 @@ func testCheckAzureRMApplicationGatewayDestroy(s *terraform.State) error { return nil } -<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic(rInt int) string { -======= -func TestAccAzureRMApplicationGateway_basic(rInt int) string { ->>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -504,11 +452,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" -======= - data = "${file("resource_arm_app_gateway_test.pfx")}" ->>>>>>> made sure files are added password = "terraform" } @@ -519,11 +463,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt, rInt, rInt) } -<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { -======= -func TestAccAzureRMApplicationGateway_basic_changeSslCert(rInt int) string { ->>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -695,11 +635,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-2" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" -======= - data = "${file("resource_arm_app_gateway_test.pfx")}" ->>>>>>> made sure files are added password = "terraform" } @@ -710,11 +646,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt, rInt, rInt) } -<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_authCert(rInt int) string { -======= -func TestAccAzureRMApplicationGateway_basic_authCert(rInt int) string { ->>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -898,21 +830,13 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-1" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.cer")}" -======= - data = "${file("resource_arm_app_gateway_test.cer")}" ->>>>>>> made sure files are added } ssl_certificate { # id = computed name = "ssl-1" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" -======= - data = "${file("resource_arm_app_gateway_test.pfx")}" ->>>>>>> made sure files are added password = "terraform" } @@ -923,11 +847,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt, rInt, rInt) } -<<<<<<< HEAD func testAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { -======= -func TestAccAzureRMApplicationGateway_basic_changeAuthCert(rInt int) string { ->>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -1111,21 +1031,13 @@ resource "azurerm_application_gateway" "test" { authentication_certificate { name = "auth-2" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.cer")}" -======= - data = "${file("resource_arm_app_gateway_test.cer")}" ->>>>>>> made sure files are added } ssl_certificate { # id = computed name = "ssl-1" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" -======= - data = "${file("resource_arm_app_gateway_test.pfx")}" ->>>>>>> made sure files are added password = "terraform" } @@ -1136,11 +1048,7 @@ resource "azurerm_application_gateway" "test" { `, rInt, rInt, rInt, rInt) } -<<<<<<< HEAD func testAccAzureRMApplicationGateway_waf(rInt int) string { -======= -func TestAccAzureRMApplicationGateway_waf(rInt int) string { ->>>>>>> made sure files are added return fmt.Sprintf(` resource "azurerm_resource_group" "test" { name = "acctestrg-%d" @@ -1186,11 +1094,8 @@ resource "azurerm_application_gateway" "test" { waf_configuration { enabled = "true" firewall_mode = "Detection" -<<<<<<< HEAD rule_set_type = "OWASP" rule_set_version = "3.0" -======= ->>>>>>> made sure files are added } gateway_ip_configuration { @@ -1322,11 +1227,7 @@ resource "azurerm_application_gateway" "test" { ssl_certificate { # id = computed name = "ssl-1" -<<<<<<< HEAD data = "${file("resource_arm_application_gateway_test.pfx")}" -======= - data = "${file("resource_arm_app_gateway_test.pfx")}" ->>>>>>> made sure files are added password = "terraform" }