|
| 1 | +/* |
| 2 | +Provides a resource to create a antiddos cc black white ip |
| 3 | +
|
| 4 | +Example Usage |
| 5 | +
|
| 6 | +```hcl |
| 7 | +resource "tencentcloud_antiddos_cc_black_white_ip" "cc_black_white_ip" { |
| 8 | + instance_id = "bgpip-xxxxxx" |
| 9 | + black_white_ip { |
| 10 | + ip = "1.2.3.5" |
| 11 | + mask = 0 |
| 12 | +
|
| 13 | + } |
| 14 | + type = "black" |
| 15 | + ip = "xxx.xxx.xxx.xxx" |
| 16 | + domain = "t.baidu.com" |
| 17 | + protocol = "http" |
| 18 | +} |
| 19 | +``` |
| 20 | +
|
| 21 | +Import |
| 22 | +
|
| 23 | +antiddos cc_black_white_ip can be imported using the id, e.g. |
| 24 | +
|
| 25 | +``` |
| 26 | +terraform import tencentcloud_antiddos_cc_black_white_ip.cc_black_white_ip ${instanceId}#${policyId}#${instanceIp}#${domain}#${protocol} |
| 27 | +``` |
| 28 | +*/ |
| 29 | +package tencentcloud |
| 30 | + |
| 31 | +import ( |
| 32 | + "context" |
| 33 | + "fmt" |
| 34 | + "log" |
| 35 | + "strings" |
| 36 | + |
| 37 | + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" |
| 38 | + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" |
| 39 | + antiddos "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/antiddos/v20200309" |
| 40 | + "github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper" |
| 41 | +) |
| 42 | + |
| 43 | +func resourceTencentCloudAntiddosCcBlackWhiteIp() *schema.Resource { |
| 44 | + return &schema.Resource{ |
| 45 | + Create: resourceTencentCloudAntiddosCcBlackWhiteIpCreate, |
| 46 | + Read: resourceTencentCloudAntiddosCcBlackWhiteIpRead, |
| 47 | + Delete: resourceTencentCloudAntiddosCcBlackWhiteIpDelete, |
| 48 | + Importer: &schema.ResourceImporter{ |
| 49 | + State: schema.ImportStatePassthrough, |
| 50 | + }, |
| 51 | + Schema: map[string]*schema.Schema{ |
| 52 | + "instance_id": { |
| 53 | + Required: true, |
| 54 | + ForceNew: true, |
| 55 | + Type: schema.TypeString, |
| 56 | + Description: "instance id.", |
| 57 | + }, |
| 58 | + |
| 59 | + "black_white_ip": { |
| 60 | + Required: true, |
| 61 | + ForceNew: true, |
| 62 | + Type: schema.TypeList, |
| 63 | + MaxItems: 1, |
| 64 | + Description: "Black white ip.", |
| 65 | + Elem: &schema.Resource{ |
| 66 | + Schema: map[string]*schema.Schema{ |
| 67 | + "ip": { |
| 68 | + Type: schema.TypeString, |
| 69 | + Required: true, |
| 70 | + Description: "ip address.", |
| 71 | + }, |
| 72 | + "mask": { |
| 73 | + Type: schema.TypeInt, |
| 74 | + Required: true, |
| 75 | + Description: "ip mask.", |
| 76 | + }, |
| 77 | + }, |
| 78 | + }, |
| 79 | + }, |
| 80 | + |
| 81 | + "type": { |
| 82 | + Required: true, |
| 83 | + ForceNew: true, |
| 84 | + Type: schema.TypeString, |
| 85 | + Description: "IP type, value [black(blacklist IP), white(whitelist IP)].", |
| 86 | + }, |
| 87 | + |
| 88 | + "ip": { |
| 89 | + Required: true, |
| 90 | + ForceNew: true, |
| 91 | + Type: schema.TypeString, |
| 92 | + Description: "ip address.", |
| 93 | + }, |
| 94 | + |
| 95 | + "domain": { |
| 96 | + Required: true, |
| 97 | + ForceNew: true, |
| 98 | + Type: schema.TypeString, |
| 99 | + Description: "domain.", |
| 100 | + }, |
| 101 | + |
| 102 | + "protocol": { |
| 103 | + Required: true, |
| 104 | + ForceNew: true, |
| 105 | + Type: schema.TypeString, |
| 106 | + Description: "protocol.", |
| 107 | + }, |
| 108 | + }, |
| 109 | + } |
| 110 | +} |
| 111 | + |
| 112 | +func resourceTencentCloudAntiddosCcBlackWhiteIpCreate(d *schema.ResourceData, meta interface{}) error { |
| 113 | + defer logElapsed("resource.tencentcloud_antiddos_cc_black_white_ip.create")() |
| 114 | + defer inconsistentCheck(d, meta)() |
| 115 | + |
| 116 | + logId := getLogId(contextNil) |
| 117 | + ctx := context.WithValue(context.TODO(), logIdKey, logId) |
| 118 | + |
| 119 | + var ( |
| 120 | + request = antiddos.NewCreateCcBlackWhiteIpListRequest() |
| 121 | + instanceId string |
| 122 | + domain string |
| 123 | + protocol string |
| 124 | + blackWhiteIpType string |
| 125 | + blackWhiteIp string |
| 126 | + ip string |
| 127 | + mask int |
| 128 | + ) |
| 129 | + if v, ok := d.GetOk("instance_id"); ok { |
| 130 | + instanceId = v.(string) |
| 131 | + request.InstanceId = helper.String(instanceId) |
| 132 | + } |
| 133 | + |
| 134 | + if dMap, ok := helper.InterfacesHeadMap(d, "black_white_ip"); ok { |
| 135 | + ipSegment := antiddos.IpSegment{} |
| 136 | + if v, ok := dMap["ip"]; ok { |
| 137 | + blackWhiteIp = v.(string) |
| 138 | + ipSegment.Ip = helper.String(blackWhiteIp) |
| 139 | + } |
| 140 | + if v, ok := dMap["mask"]; ok { |
| 141 | + mask = v.(int) |
| 142 | + ipSegment.Mask = helper.IntUint64(mask) |
| 143 | + } |
| 144 | + request.IpList = []*antiddos.IpSegment{&ipSegment} |
| 145 | + } |
| 146 | + |
| 147 | + if v, ok := d.GetOk("type"); ok { |
| 148 | + blackWhiteIpType = v.(string) |
| 149 | + request.Type = helper.String(blackWhiteIpType) |
| 150 | + } |
| 151 | + |
| 152 | + if v, ok := d.GetOk("ip"); ok { |
| 153 | + ip = v.(string) |
| 154 | + request.Ip = helper.String(ip) |
| 155 | + } |
| 156 | + |
| 157 | + if v, ok := d.GetOk("domain"); ok { |
| 158 | + domain = v.(string) |
| 159 | + request.Domain = helper.String(domain) |
| 160 | + } |
| 161 | + |
| 162 | + if v, ok := d.GetOk("protocol"); ok { |
| 163 | + protocol = v.(string) |
| 164 | + request.Protocol = helper.String(protocol) |
| 165 | + } |
| 166 | + |
| 167 | + err := resource.Retry(writeRetryTimeout, func() *resource.RetryError { |
| 168 | + result, e := meta.(*TencentCloudClient).apiV3Conn.UseAntiddosClient().CreateCcBlackWhiteIpList(request) |
| 169 | + if e != nil { |
| 170 | + return retryError(e) |
| 171 | + } else { |
| 172 | + log.Printf("[DEBUG]%s api[%s] success, request body [%s], response body [%s]\n", logId, request.GetAction(), request.ToJsonString(), result.ToJsonString()) |
| 173 | + } |
| 174 | + return nil |
| 175 | + }) |
| 176 | + if err != nil { |
| 177 | + log.Printf("[CRITAL]%s create antiddos ccBlackWhiteIp failed, reason:%+v", logId, err) |
| 178 | + return err |
| 179 | + } |
| 180 | + |
| 181 | + service := AntiddosService{client: meta.(*TencentCloudClient).apiV3Conn} |
| 182 | + ccBlackWhiteIps, err := service.DescribeAntiddosCcBlackWhiteIpById(ctx, "bgpip", instanceId, ip, domain, protocol) |
| 183 | + if err != nil { |
| 184 | + return err |
| 185 | + } |
| 186 | + var ccBlackWhiteIpPolicy *antiddos.CcBlackWhiteIpPolicy |
| 187 | + for _, ccBlackWhiteIp := range ccBlackWhiteIps { |
| 188 | + if *ccBlackWhiteIp.Domain != domain { |
| 189 | + continue |
| 190 | + } |
| 191 | + if *ccBlackWhiteIp.Protocol != protocol { |
| 192 | + continue |
| 193 | + } |
| 194 | + if *ccBlackWhiteIp.Type != blackWhiteIpType { |
| 195 | + continue |
| 196 | + } |
| 197 | + if *ccBlackWhiteIp.BlackWhiteIp != blackWhiteIp { |
| 198 | + continue |
| 199 | + } |
| 200 | + if int(*ccBlackWhiteIp.Mask) != mask { |
| 201 | + continue |
| 202 | + } |
| 203 | + if *ccBlackWhiteIp.Ip != ip { |
| 204 | + continue |
| 205 | + } |
| 206 | + ccBlackWhiteIpPolicy = ccBlackWhiteIp |
| 207 | + } |
| 208 | + |
| 209 | + if ccBlackWhiteIpPolicy == nil { |
| 210 | + d.SetId("") |
| 211 | + return fmt.Errorf("can not find cc black white ip policy") |
| 212 | + } |
| 213 | + |
| 214 | + d.SetId(strings.Join([]string{instanceId, *ccBlackWhiteIpPolicy.PolicyId, ip, domain, protocol}, FILED_SP)) |
| 215 | + |
| 216 | + return resourceTencentCloudAntiddosCcBlackWhiteIpRead(d, meta) |
| 217 | +} |
| 218 | + |
| 219 | +func resourceTencentCloudAntiddosCcBlackWhiteIpRead(d *schema.ResourceData, meta interface{}) error { |
| 220 | + defer logElapsed("resource.tencentcloud_antiddos_cc_black_white_ip.read")() |
| 221 | + defer inconsistentCheck(d, meta)() |
| 222 | + |
| 223 | + logId := getLogId(contextNil) |
| 224 | + |
| 225 | + ctx := context.WithValue(context.TODO(), logIdKey, logId) |
| 226 | + |
| 227 | + service := AntiddosService{client: meta.(*TencentCloudClient).apiV3Conn} |
| 228 | + |
| 229 | + idSplit := strings.Split(d.Id(), FILED_SP) |
| 230 | + if len(idSplit) != 5 { |
| 231 | + return fmt.Errorf("id is broken,%s", idSplit) |
| 232 | + } |
| 233 | + instanceId := idSplit[0] |
| 234 | + policyId := idSplit[1] |
| 235 | + ip := idSplit[2] |
| 236 | + domain := idSplit[3] |
| 237 | + protocol := idSplit[4] |
| 238 | + |
| 239 | + ccBlackWhiteIps, err := service.DescribeAntiddosCcBlackWhiteIpById(ctx, "bgpip", instanceId, ip, domain, protocol) |
| 240 | + if err != nil { |
| 241 | + return err |
| 242 | + } |
| 243 | + |
| 244 | + var ccBlackWhiteIp *antiddos.CcBlackWhiteIpPolicy |
| 245 | + for _, item := range ccBlackWhiteIps { |
| 246 | + if *item.PolicyId == policyId { |
| 247 | + ccBlackWhiteIp = item |
| 248 | + break |
| 249 | + } |
| 250 | + } |
| 251 | + if ccBlackWhiteIp == nil { |
| 252 | + d.SetId("") |
| 253 | + log.Printf("[WARN]%s resource `AntiddosCcBlackWhiteIp` [%s] not found, please check if it has been deleted.\n", logId, d.Id()) |
| 254 | + return nil |
| 255 | + } |
| 256 | + |
| 257 | + _ = d.Set("instance_id", instanceId) |
| 258 | + |
| 259 | + ipListMap := map[string]interface{}{} |
| 260 | + |
| 261 | + if ccBlackWhiteIp.BlackWhiteIp != nil { |
| 262 | + ipListMap["ip"] = ccBlackWhiteIp.BlackWhiteIp |
| 263 | + } |
| 264 | + |
| 265 | + if ccBlackWhiteIp.Mask != nil { |
| 266 | + ipListMap["mask"] = ccBlackWhiteIp.Mask |
| 267 | + } |
| 268 | + |
| 269 | + _ = d.Set("black_white_ip", []interface{}{ipListMap}) |
| 270 | + |
| 271 | + if ccBlackWhiteIp.Type != nil { |
| 272 | + _ = d.Set("type", ccBlackWhiteIp.Type) |
| 273 | + } |
| 274 | + |
| 275 | + if ccBlackWhiteIp.Ip != nil { |
| 276 | + _ = d.Set("ip", ccBlackWhiteIp.Ip) |
| 277 | + } |
| 278 | + |
| 279 | + if ccBlackWhiteIp.Domain != nil { |
| 280 | + _ = d.Set("domain", ccBlackWhiteIp.Domain) |
| 281 | + } |
| 282 | + |
| 283 | + if ccBlackWhiteIp.Protocol != nil { |
| 284 | + _ = d.Set("protocol", ccBlackWhiteIp.Protocol) |
| 285 | + } |
| 286 | + |
| 287 | + return nil |
| 288 | +} |
| 289 | + |
| 290 | +func resourceTencentCloudAntiddosCcBlackWhiteIpDelete(d *schema.ResourceData, meta interface{}) error { |
| 291 | + defer logElapsed("resource.tencentcloud_antiddos_cc_black_white_ip.delete")() |
| 292 | + defer inconsistentCheck(d, meta)() |
| 293 | + |
| 294 | + logId := getLogId(contextNil) |
| 295 | + ctx := context.WithValue(context.TODO(), logIdKey, logId) |
| 296 | + |
| 297 | + service := AntiddosService{client: meta.(*TencentCloudClient).apiV3Conn} |
| 298 | + idSplit := strings.Split(d.Id(), FILED_SP) |
| 299 | + if len(idSplit) != 5 { |
| 300 | + return fmt.Errorf("id is broken,%s", idSplit) |
| 301 | + } |
| 302 | + instanceId := idSplit[0] |
| 303 | + policyId := idSplit[1] |
| 304 | + |
| 305 | + if err := service.DeleteAntiddosCcBlackWhiteIpById(ctx, instanceId, policyId); err != nil { |
| 306 | + return err |
| 307 | + } |
| 308 | + |
| 309 | + return nil |
| 310 | +} |
0 commit comments