Merge pull request #9321 from robh007/wafregional-web-acl-datasource

d/aws_wafregional_web_acl: Add WAFRegional Web ACL lookup datasource
hashicorp · Jul 18, 2019 · 54136ee · 54136ee
2 parents 46fceb8 + aa59c67
commit 54136ee
Show file tree

Hide file tree

Showing 5 changed files with 150 additions and 0 deletions.
diff --git a/aws/data_source_aws_wafregional_web_acl.go b/aws/data_source_aws_wafregional_web_acl.go
@@ -0,0 +1,60 @@
+package aws
+
+import (
+	"fmt"
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/waf"
+	"github.com/hashicorp/terraform/helper/schema"
+)
+
+func dataSourceAwsWafRegionalWebAcl() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceAwsWafRegionalWebAclRead,
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:     schema.TypeString,
+				Required: true,
+			},
+		},
+	}
+}
+
+func dataSourceAwsWafRegionalWebAclRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).wafregionalconn
+	name := d.Get("name").(string)
+
+	acls := make([]*waf.WebACLSummary, 0)
+	// ListWebACLsInput does not have a name parameter for filtering
+	input := &waf.ListWebACLsInput{}
+	for {
+		output, err := conn.ListWebACLs(input)
+		if err != nil {
+			return fmt.Errorf("error reading web ACLs: %s", err)
+		}
+		for _, acl := range output.WebACLs {
+			if aws.StringValue(acl.Name) == name {
+				acls = append(acls, acl)
+			}
+		}
+
+		if output.NextMarker == nil {
+			break
+		}
+		input.NextMarker = output.NextMarker
+	}
+
+	if len(acls) == 0 {
+		return fmt.Errorf("web ACLs not found for name: %s", name)
+	}
+
+	if len(acls) > 1 {
+		return fmt.Errorf("multiple web ACLs found for name: %s", name)
+	}
+
+	acl := acls[0]
+
+	d.SetId(aws.StringValue(acl.WebACLId))
+
+	return nil
+}
diff --git a/aws/data_source_aws_wafregional_web_acl_test.go b/aws/data_source_aws_wafregional_web_acl_test.go
@@ -0,0 +1,56 @@
+package aws
+
+import (
+	"fmt"
+	"github.com/hashicorp/terraform/helper/acctest"
+	"regexp"
+	"testing"
+
+	"github.com/hashicorp/terraform/helper/resource"
+)
+
+func TestAccDataSourceAwsWafRegionalWebAcl_Basic(t *testing.T) {
+	name := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_wafregional_web_acl.web_acl"
+	datasourceName := "data.aws_wafregional_web_acl.web_acl"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config:      testAccDataSourceAwsWafRegionalWebAclConfig_NonExistent,
+				ExpectError: regexp.MustCompile(`web ACLs not found`),
+			},
+			{
+				Config: testAccDataSourceAwsWafRegionalWebAclConfig_Name(name),
+				Check: resource.ComposeTestCheckFunc(
+					resource.TestCheckResourceAttrPair(datasourceName, "id", resourceName, "id"),
+					resource.TestCheckResourceAttrPair(datasourceName, "name", resourceName, "name"),
+				),
+			},
+		},
+	})
+}
+
+func testAccDataSourceAwsWafRegionalWebAclConfig_Name(name string) string {
+	return fmt.Sprintf(`
+resource "aws_wafregional_web_acl" "web_acl" {
+  name        = %[1]q
+  metric_name = "tfWebACL"
+  default_action {
+    type = "ALLOW"
+  }
+}
+
+data "aws_wafregional_web_acl" "web_acl" {
+  name = "${aws_wafregional_web_acl.web_acl.name}"
+}
+`, name)
+}
+
+const testAccDataSourceAwsWafRegionalWebAclConfig_NonExistent = `
+data "aws_wafregional_web_acl" "web_acl" {
+  name = "tf-acc-test-does-not-exist"
+}
+`
diff --git a/aws/provider.go b/aws/provider.go
@@ -272,6 +272,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_vpc_endpoint_service":                      dataSourceAwsVpcEndpointService(),
 			"aws_vpc_peering_connection":                    dataSourceAwsVpcPeeringConnection(),
 			"aws_vpn_gateway":                               dataSourceAwsVpnGateway(),
+			"aws_wafregional_web_acl":                       dataSourceAwsWafRegionalWebAcl(),
 			"aws_workspaces_bundle":                         dataSourceAwsWorkspaceBundle(),
 
 			// Adding the Aliases for the ALB -> LB Rename

diff --git a/website/aws.erb b/website/aws.erb
@@ -451,6 +451,9 @@
                         <li>
                             <a href="/docs/providers/aws/d/vpn_gateway.html">aws_vpn_gateway</a>
                         </li>
+                        <li>
+                          <a href="/docs/providers/aws/d/wafregional_web_acl.html">aws_wafregional_web_acl</a>
+                        </li>
                         <li>
                             <a href="/docs/providers/aws/d/workspaces_bundle.html">aws_workspaces_bundle</a>
                         </li>

diff --git a/website/docs/d/wafregional_web_acl.html.markdown b/website/docs/d/wafregional_web_acl.html.markdown
@@ -0,0 +1,30 @@
+---
+layout: "aws"
+page_title: "AWS: aws_wafregional_web_acl"
+sidebar_current: "docs-aws-datasource-wafregional-web-acl"
+description: |-
+    Retrieves a WAF Regional Web ACL id.
+---
+
+# Data Source: aws_wafregional_web_acl
+
+`aws_wafregional_web_acl` Retrieves a WAF Regional Web ACL Resource Id.
+
+## Example Usage
+
+```hcl
+data "aws_wafregional_web_acl" "example" {
+    name = "tfWAFRule"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name of the WAF Web ACL.
+
+## Attributes Reference
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The ID of the WAF Regional WebACL.
-Original file line number
+Diff line change
@@ Expand Up / @@ -451,6 +451,9 @@ @@
                             <li>
                                 <a href="/docs/providers/aws/d/vpn_gateway.html">aws_vpn_gateway</a>
                             </li>
+                            <li>
+                              <a href="/docs/providers/aws/d/wafregional_web_acl.html">aws_wafregional_web_acl</a>
+                            </li>
                             <li>
                                 <a href="/docs/providers/aws/d/workspaces_bundle.html">aws_workspaces_bundle</a>
                             </li>
@@ Expand Down @@