func ExampleWAF_UpdateIPSet() {
	svc := waf.New(session.New())

	params := &waf.UpdateIPSetInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		IPSetId:     aws.String("ResourceId"),  // Required
		Updates: []*waf.IPSetUpdate{ // Required
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				IPSetDescriptor: &waf.IPSetDescriptor{ // Required
					Type:  aws.String("IPSetDescriptorType"),  // Required
					Value: aws.String("IPSetDescriptorValue"), // Required
				},
			},
			// More values...
		},
	}
	resp, err := svc.UpdateIPSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_UpdateByteMatchSet() {
	svc := waf.New(nil)

	params := &waf.UpdateByteMatchSetInput{
		ByteMatchSetId: aws.String("ResourceId"),  // Required
		ChangeToken:    aws.String("ChangeToken"), // Required
		Updates: []*waf.ByteMatchSetUpdate{ // Required
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				ByteMatchTuple: &waf.ByteMatchTuple{ // Required
					FieldToMatch: &waf.FieldToMatch{ // Required
						Type: aws.String("MatchFieldType"), // Required
						Data: aws.String("MatchFieldData"),
					},
					PositionalConstraint: aws.String("PositionalConstraint"), // Required
					TargetString:         []byte("PAYLOAD"),                  // Required
					TextTransformation:   aws.String("TextTransformation"),   // Required
				},
			},
			// More values...
		},
	}
	resp, err := svc.UpdateByteMatchSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_UpdateRule() {
	svc := waf.New(session.New())

	params := &waf.UpdateRuleInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		RuleId:      aws.String("ResourceId"),  // Required
		Updates: []*waf.RuleUpdate{ // Required
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				Predicate: &waf.Predicate{ // Required
					DataId:  aws.String("ResourceId"),    // Required
					Negated: aws.Bool(true),              // Required
					Type:    aws.String("PredicateType"), // Required
				},
			},
			// More values...
		},
	}
	resp, err := svc.UpdateRule(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #4
0
func ExampleWAF_CreateSizeConstraintSet() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.CreateSizeConstraintSetInput{
		ChangeToken: aws.String("ChangeToken"),  // Required
		Name:        aws.String("ResourceName"), // Required
	}
	resp, err := svc.CreateSizeConstraintSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_UpdateWebACL() {
	svc := waf.New(session.New())

	params := &waf.UpdateWebACLInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		WebACLId:    aws.String("ResourceId"),  // Required
		DefaultAction: &waf.WafAction{
			Type: aws.String("WafActionType"), // Required
		},
		Updates: []*waf.WebACLUpdate{
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				ActivatedRule: &waf.ActivatedRule{ // Required
					Action: &waf.WafAction{ // Required
						Type: aws.String("WafActionType"), // Required
					},
					Priority: aws.Int64(1),             // Required
					RuleId:   aws.String("ResourceId"), // Required
				},
			},
			// More values...
		},
	}
	resp, err := svc.UpdateWebACL(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #6
0
func ExampleWAF_ListXssMatchSets() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.ListXssMatchSetsInput{
		Limit:      aws.Int64(1), // Required
		NextMarker: aws.String("NextMarker"),
	}
	resp, err := svc.ListXssMatchSets(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #7
0
func ExampleWAF_GetSampledRequests() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.GetSampledRequestsInput{
		MaxItems: aws.Int64(1),             // Required
		RuleId:   aws.String("ResourceId"), // Required
		TimeWindow: &waf.TimeWindow{ // Required
			EndTime:   aws.Time(time.Now()), // Required
			StartTime: aws.Time(time.Now()), // Required
		},
		WebAclId: aws.String("ResourceId"), // Required
	}
	resp, err := svc.GetSampledRequests(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #8
0
func ExampleWAF_CreateWebACL() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.CreateWebACLInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		DefaultAction: &waf.WafAction{ // Required
			Type: aws.String("WafActionType"), // Required
		},
		MetricName: aws.String("MetricName"),   // Required
		Name:       aws.String("ResourceName"), // Required
	}
	resp, err := svc.CreateWebACL(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_UpdateXssMatchSet() {
	svc := waf.New(session.New())

	params := &waf.UpdateXssMatchSetInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		Updates: []*waf.XssMatchSetUpdate{ // Required
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				XssMatchTuple: &waf.XssMatchTuple{ // Required
					FieldToMatch: &waf.FieldToMatch{ // Required
						Type: aws.String("MatchFieldType"), // Required
						Data: aws.String("MatchFieldData"),
					},
					TextTransformation: aws.String("TextTransformation"), // Required
				},
			},
			// More values...
		},
		XssMatchSetId: aws.String("ResourceId"), // Required
	}
	resp, err := svc.UpdateXssMatchSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_GetChangeToken() {
	svc := waf.New(session.New())

	var params *waf.GetChangeTokenInput
	resp, err := svc.GetChangeToken(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_GetXssMatchSet() {
	svc := waf.New(session.New())

	params := &waf.GetXssMatchSetInput{
		XssMatchSetId: aws.String("ResourceId"), // Required
	}
	resp, err := svc.GetXssMatchSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_GetChangeTokenStatus() {
	svc := waf.New(session.New())

	params := &waf.GetChangeTokenStatusInput{
		ChangeToken: aws.String("ChangeToken"), // Required
	}
	resp, err := svc.GetChangeTokenStatus(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_ListWebACLs() {
	svc := waf.New(session.New())

	params := &waf.ListWebACLsInput{
		Limit:      aws.Int64(1), // Required
		NextMarker: aws.String("NextMarker"),
	}
	resp, err := svc.ListWebACLs(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_CreateSqlInjectionMatchSet() {
	svc := waf.New(session.New())

	params := &waf.CreateSqlInjectionMatchSetInput{
		ChangeToken: aws.String("ChangeToken"),  // Required
		Name:        aws.String("ResourceName"), // Required
	}
	resp, err := svc.CreateSqlInjectionMatchSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func ExampleWAF_DeleteWebACL() {
	svc := waf.New(session.New())

	params := &waf.DeleteWebACLInput{
		ChangeToken: aws.String("ChangeToken"), // Required
		WebACLId:    aws.String("ResourceId"),  // Required
	}
	resp, err := svc.DeleteWebACL(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #16
0
func ExampleWAF_UpdateSizeConstraintSet() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.UpdateSizeConstraintSetInput{
		ChangeToken:         aws.String("ChangeToken"), // Required
		SizeConstraintSetId: aws.String("ResourceId"),  // Required
		Updates: []*waf.SizeConstraintSetUpdate{ // Required
			{ // Required
				Action: aws.String("ChangeAction"), // Required
				SizeConstraint: &waf.SizeConstraint{ // Required
					ComparisonOperator: aws.String("ComparisonOperator"), // Required
					FieldToMatch: &waf.FieldToMatch{ // Required
						Type: aws.String("MatchFieldType"), // Required
						Data: aws.String("MatchFieldData"),
					},
					Size:               aws.Int64(1),                     // Required
					TextTransformation: aws.String("TextTransformation"), // Required
				},
			},
			// More values...
		},
	}
	resp, err := svc.UpdateSizeConstraintSet(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
Exemple #17
0
func ExampleWAF_GetWebACL() {
	sess, err := session.NewSession()
	if err != nil {
		fmt.Println("failed to create session,", err)
		return
	}

	svc := waf.New(sess)

	params := &waf.GetWebACLInput{
		WebACLId: aws.String("ResourceId"), // Required
	}
	resp, err := svc.GetWebACL(params)

	if err != nil {
		// Print the error, cast err to awserr.Error to get the Code and
		// Message from an error.
		fmt.Println(err.Error())
		return
	}

	// Pretty-print the response data.
	fmt.Println(resp)
}
func TestInterface(t *testing.T) {
	assert.Implements(t, (*wafiface.WAFAPI)(nil), waf.New(nil))
}
Exemple #19
0
func init() {
	Before("@waf", func() {
		World["client"] = waf.New(smoke.Session)
	})
}
Exemple #20
0
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
	// Get the auth and region. This can fail if keys/regions were not
	// specified and we're attempting to use the environment.
	log.Println("[INFO] Building AWS region structure")
	err := c.ValidateRegion()
	if err != nil {
		return nil, err
	}

	var client AWSClient
	// store AWS region in client struct, for region specific operations such as
	// bucket storage in S3
	client.region = c.Region

	log.Println("[INFO] Building AWS auth structure")
	creds, err := GetCredentials(c)
	if err != nil {
		return nil, err
	}
	// Call Get to check for credential provider. If nothing found, we'll get an
	// error, and we can present it nicely to the user
	cp, err := creds.Get()
	if err != nil {
		if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoCredentialProviders" {
			return nil, errors.New(`No valid credential sources found for AWS Provider.
  Please see https://terraform.io/docs/providers/aws/index.html for more information on
  providing credentials for the AWS Provider`)
		}

		return nil, fmt.Errorf("Error loading credentials for AWS Provider: %s", err)
	}

	log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)

	awsConfig := &aws.Config{
		Credentials:      creds,
		Region:           aws.String(c.Region),
		MaxRetries:       aws.Int(c.MaxRetries),
		HTTPClient:       cleanhttp.DefaultClient(),
		S3ForcePathStyle: aws.Bool(c.S3ForcePathStyle),
	}

	if logging.IsDebugOrHigher() {
		awsConfig.LogLevel = aws.LogLevel(aws.LogDebugWithHTTPBody)
		awsConfig.Logger = awsLogger{}
	}

	if c.Insecure {
		transport := awsConfig.HTTPClient.Transport.(*http.Transport)
		transport.TLSClientConfig = &tls.Config{
			InsecureSkipVerify: true,
		}
	}

	// Set up base session
	sess, err := session.NewSession(awsConfig)
	if err != nil {
		return nil, errwrap.Wrapf("Error creating AWS session: {{err}}", err)
	}

	// Removes the SDK Version handler, so we only have the provider User-Agent
	// Ex: "User-Agent: APN/1.0 HashiCorp/1.0 Terraform/0.7.9-dev"
	sess.Handlers.Build.Remove(request.NamedHandler{Name: "core.SDKVersionUserAgentHandler"})
	sess.Handlers.Build.PushFrontNamed(addTerraformVersionToUserAgent)

	if extraDebug := os.Getenv("TERRAFORM_AWS_AUTHFAILURE_DEBUG"); extraDebug != "" {
		sess.Handlers.UnmarshalError.PushFrontNamed(debugAuthFailure)
	}

	// Some services exist only in us-east-1, e.g. because they manage
	// resources that can span across multiple regions, or because
	// signature format v4 requires region to be us-east-1 for global
	// endpoints:
	// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
	usEast1Sess := sess.Copy(&aws.Config{Region: aws.String("us-east-1")})

	// Some services have user-configurable endpoints
	awsEc2Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.Ec2Endpoint)})
	awsElbSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.ElbEndpoint)})
	awsIamSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.IamEndpoint)})
	awsS3Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.S3Endpoint)})
	dynamoSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.DynamoDBEndpoint)})
	kinesisSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.KinesisEndpoint)})

	// These two services need to be set up early so we can check on AccountID
	client.iamconn = iam.New(awsIamSess)
	client.stsconn = sts.New(sess)

	if !c.SkipCredsValidation {
		err = c.ValidateCredentials(client.stsconn)
		if err != nil {
			return nil, err
		}
	}

	if !c.SkipRequestingAccountId {
		partition, accountId, err := GetAccountInfo(client.iamconn, client.stsconn, cp.ProviderName)
		if err == nil {
			client.partition = partition
			client.accountid = accountId
		}
	}

	authErr := c.ValidateAccountId(client.accountid)
	if authErr != nil {
		return nil, authErr
	}

	client.acmconn = acm.New(sess)
	client.apigateway = apigateway.New(sess)
	client.appautoscalingconn = applicationautoscaling.New(sess)
	client.autoscalingconn = autoscaling.New(sess)
	client.cfconn = cloudformation.New(sess)
	client.cloudfrontconn = cloudfront.New(sess)
	client.cloudtrailconn = cloudtrail.New(sess)
	client.cloudwatchconn = cloudwatch.New(sess)
	client.cloudwatcheventsconn = cloudwatchevents.New(sess)
	client.cloudwatchlogsconn = cloudwatchlogs.New(sess)
	client.codecommitconn = codecommit.New(usEast1Sess)
	client.codedeployconn = codedeploy.New(sess)
	client.dsconn = directoryservice.New(sess)
	client.dynamodbconn = dynamodb.New(dynamoSess)
	client.ec2conn = ec2.New(awsEc2Sess)
	client.ecrconn = ecr.New(sess)
	client.ecsconn = ecs.New(sess)
	client.efsconn = efs.New(sess)
	client.elasticacheconn = elasticache.New(sess)
	client.elasticbeanstalkconn = elasticbeanstalk.New(sess)
	client.elastictranscoderconn = elastictranscoder.New(sess)
	client.elbconn = elb.New(awsElbSess)
	client.elbv2conn = elbv2.New(awsElbSess)
	client.emrconn = emr.New(sess)
	client.esconn = elasticsearch.New(sess)
	client.firehoseconn = firehose.New(sess)
	client.glacierconn = glacier.New(sess)
	client.kinesisconn = kinesis.New(kinesisSess)
	client.kmsconn = kms.New(sess)
	client.lambdaconn = lambda.New(sess)
	client.lightsailconn = lightsail.New(usEast1Sess)
	client.opsworksconn = opsworks.New(usEast1Sess)
	client.r53conn = route53.New(usEast1Sess)
	client.rdsconn = rds.New(sess)
	client.redshiftconn = redshift.New(sess)
	client.simpledbconn = simpledb.New(sess)
	client.s3conn = s3.New(awsS3Sess)
	client.sesConn = ses.New(sess)
	client.snsconn = sns.New(sess)
	client.sqsconn = sqs.New(sess)
	client.ssmconn = ssm.New(sess)
	client.wafconn = waf.New(sess)

	return &client, nil
}
func init() {
	gucumber.Before("@waf", func() {
		gucumber.World["client"] = waf.New(smoke.Session)
	})
}