new resource /data source: azurerm_firewall_policy_rule_collection_group

Author: magodo

azurerm/internal/services/network/client/client.go

@@ -18,6 +18,7 @@ type Client struct {
 	ExpressRouteGatewaysClient           *network.ExpressRouteGatewaysClient
 	ExpressRoutePeeringsClient           *network.ExpressRouteCircuitPeeringsClient
 	FirewallPolicyClient                 *network.FirewallPoliciesClient
+	FirewallPolicyRuleGroupClient        *network.FirewallPolicyRuleCollectionGroupsClient
 	HubVirtualNetworkConnectionClient    *network.HubVirtualNetworkConnectionsClient
 	InterfacesClient                     *network.InterfacesClient
 	IPGroupsClient                       *network.IPGroupsClient
@@ -88,6 +89,9 @@ func NewClient(o *common.ClientOptions) *Client {
 	FirewallPolicyClient := network.NewFirewallPoliciesClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&FirewallPolicyClient.Client, o.ResourceManagerAuthorizer)
 
+	FirewallPolicyRuleGroupClient := network.NewFirewallPolicyRuleCollectionGroupsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&FirewallPolicyRuleGroupClient.Client, o.ResourceManagerAuthorizer)
+
 	HubVirtualNetworkConnectionClient := network.NewHubVirtualNetworkConnectionsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&HubVirtualNetworkConnectionClient.Client, o.ResourceManagerAuthorizer)
 
@@ -202,6 +206,7 @@ func NewClient(o *common.ClientOptions) *Client {
 		ExpressRouteGatewaysClient:           &ExpressRouteGatewaysClient,
 		ExpressRoutePeeringsClient:           &ExpressRoutePeeringsClient,
 		FirewallPolicyClient:                 &FirewallPolicyClient,
+		FirewallPolicyRuleGroupClient:        &FirewallPolicyRuleGroupClient,
 		HubVirtualNetworkConnectionClient:    &HubVirtualNetworkConnectionClient,
 		InterfacesClient:                     &InterfacesClient,
 		IPGroupsClient:                       &IpGroupsClient,

azurerm/internal/services/network/firewall_policy_resource.go

@@ -6,6 +6,7 @@ import (
 	"time"
 
 	"github.com/hashicorp/go-azure-helpers/response"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/locks"
 
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/location"
 
@@ -23,6 +24,8 @@ import (
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
 )
 
+const azureFirewallPolicyResourceName = "azurerm_firewall_policy"
+
 func resourceArmFirewallPolicy() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceArmFirewallPolicyCreateUpdate,
@@ -192,6 +195,9 @@ func resourceArmFirewallPolicyCreateUpdate(d *schema.ResourceData, meta interfac
 		props.FirewallPolicyPropertiesFormat.BasePolicy = &network.SubResource{ID: utils.String(id.(string))}
 	}
 
+	locks.ByName(name, azureFirewallPolicyResourceName)
+	defer locks.UnlockByName(name, azureFirewallPolicyResourceName)
+
 	if _, err := client.CreateOrUpdate(ctx, resourceGroup, name, props); err != nil {
 		return fmt.Errorf("creating Firewall Policy %q (Resource Group %q): %+v", name, resourceGroup, err)
 	}
@@ -276,6 +282,9 @@ func resourceArmFirewallPolicyDelete(d *schema.ResourceData, meta interface{}) e
 		return err
 	}
 
+	locks.ByName(id.Name, azureFirewallPolicyResourceName)
+	defer locks.UnlockByName(id.Name, azureFirewallPolicyResourceName)
+
 	future, err := client.Delete(ctx, id.ResourceGroup, id.Name)
 	if err != nil {
 		return fmt.Errorf("deleting Firewall Policy %q (Resource Group %q): %+v", id.Name, id.ResourceGroup, err)

azurerm/internal/services/network/firewall_policy_rule_collection_group_data_source.go

@@ -0,0 +1,67 @@
+package network
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/network/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/network/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func dataSourceArmFirewallPolicyRuleCollectionGroup() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceArmFirewallPolicyRuleCollectionGroupRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(5 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validate.FirewallPolicyRuleCollectionGroupName(),
+			},
+
+			"firewall_policy_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.FirewallPolicyID,
+			},
+		},
+	}
+}
+
+func dataSourceArmFirewallPolicyRuleCollectionGroupRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Network.FirewallPolicyRuleGroupClient
+	ctx, cancel := timeouts.ForCreateUpdate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	name := d.Get("name").(string)
+	policyId, err := parse.FirewallPolicyID(d.Get("firewall_policy_id").(string))
+	if err != nil {
+		return err
+	}
+
+	resp, err := client.Get(ctx, policyId.ResourceGroup, policyId.Name, name)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return fmt.Errorf("Firewall Policy Rule Collection Group %q (Resource Group %q / Policy %q) was not found", name, policyId.ResourceGroup, policyId.Name)
+		}
+
+		return fmt.Errorf("retrieving Firewall Policy Rule Collection Group %q (Resource Group %q / Policy %q): %+v", name, policyId.ResourceGroup, policyId.Name, err)
+	}
+
+	if resp.ID == nil || *resp.ID == "" {
+		return fmt.Errorf("empty or nil ID returned for Firewall Policy Rule Collection Group %q (Resource Group %q / Policy %q) ID", name, policyId.ResourceGroup, policyId.Name)
+	}
+
+	d.SetId(*resp.ID)
+
+	return nil
+}