func resourceArmNetworkSecurityRuleCreate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*ArmClient)
secClient := client.secRuleClient
name := d.Get("name").(string)
nsgName := d.Get("network_security_group_name").(string)
resGroup := d.Get("resource_group_name").(string)
source_port_range := d.Get("source_port_range").(string)
destination_port_range := d.Get("destination_port_range").(string)
source_address_prefix := d.Get("source_address_prefix").(string)
destination_address_prefix := d.Get("destination_address_prefix").(string)
priority := d.Get("priority").(int)
access := d.Get("access").(string)
direction := d.Get("direction").(string)
protocol := d.Get("protocol").(string)
armMutexKV.Lock(nsgName)
defer armMutexKV.Unlock(nsgName)
properties := network.SecurityRulePropertiesFormat{
SourcePortRange: &source_port_range,
DestinationPortRange: &destination_port_range,
SourceAddressPrefix: &source_address_prefix,
DestinationAddressPrefix: &destination_address_prefix,
Priority: &priority,
Access: network.SecurityRuleAccess(access),
Direction: network.SecurityRuleDirection(direction),
Protocol: network.SecurityRuleProtocol(protocol),
}
if v, ok := d.GetOk("description"); ok {
description := v.(string)
properties.Description = &description
}
sgr := network.SecurityRule{
Name: &name,
Properties: &properties,
}
resp, err := secClient.CreateOrUpdate(resGroup, nsgName, name, sgr)
if err != nil {
return err
}
d.SetId(*resp.ID)
log.Printf("[DEBUG] Waiting for Network Security Rule (%s) to become available", name)
stateConf := &resource.StateChangeConf{
Pending: []string{"Accepted", "Updating"},
Target: "Succeeded",
Refresh: securityRuleStateRefreshFunc(client, resGroup, nsgName, name),
Timeout: 10 * time.Minute,
}
if _, err := stateConf.WaitForState(); err != nil {
return fmt.Errorf("Error waiting for Network Securty Rule (%s) to become available: %s", name, err)
}
return resourceArmNetworkSecurityRuleRead(d, meta)
}
func resourceArmNetworkSecurityRuleCreate(d *schema.ResourceData, meta interface{}) error {
client := meta.(*ArmClient)
secClient := client.secRuleClient
name := d.Get("name").(string)
nsgName := d.Get("network_security_group_name").(string)
resGroup := d.Get("resource_group_name").(string)
source_port_range := d.Get("source_port_range").(string)
destination_port_range := d.Get("destination_port_range").(string)
source_address_prefix := d.Get("source_address_prefix").(string)
destination_address_prefix := d.Get("destination_address_prefix").(string)
priority := int32(d.Get("priority").(int))
access := d.Get("access").(string)
direction := d.Get("direction").(string)
protocol := d.Get("protocol").(string)
armMutexKV.Lock(nsgName)
defer armMutexKV.Unlock(nsgName)
properties := network.SecurityRulePropertiesFormat{
SourcePortRange: &source_port_range,
DestinationPortRange: &destination_port_range,
SourceAddressPrefix: &source_address_prefix,
DestinationAddressPrefix: &destination_address_prefix,
Priority: &priority,
Access: network.SecurityRuleAccess(access),
Direction: network.SecurityRuleDirection(direction),
Protocol: network.SecurityRuleProtocol(protocol),
}
if v, ok := d.GetOk("description"); ok {
description := v.(string)
properties.Description = &description
}
sgr := network.SecurityRule{
Name: &name,
Properties: &properties,
}
_, err := secClient.CreateOrUpdate(resGroup, nsgName, name, sgr, make(chan struct{}))
if err != nil {
return err
}
read, err := secClient.Get(resGroup, nsgName, name)
if err != nil {
return err
}
if read.ID == nil {
return fmt.Errorf("Cannot read Security Group Rule %s/%s (resource group %s) ID",
nsgName, name, resGroup)
}
d.SetId(*read.ID)
return resourceArmNetworkSecurityRuleRead(d, meta)
}
func expandAzureRmSecurityRules(d *schema.ResourceData) ([]network.SecurityRule, error) {
sgRules := d.Get("security_rule").(*schema.Set).List()
rules := make([]network.SecurityRule, 0, len(sgRules))
for _, sgRaw := range sgRules {
data := sgRaw.(map[string]interface{})
source_port_range := data["source_port_range"].(string)
destination_port_range := data["destination_port_range"].(string)
source_address_prefix := data["source_address_prefix"].(string)
destination_address_prefix := data["destination_address_prefix"].(string)
priority := data["priority"].(int)
properties := network.SecurityRulePropertiesFormat{
SourcePortRange: &source_port_range,
DestinationPortRange: &destination_port_range,
SourceAddressPrefix: &source_address_prefix,
DestinationAddressPrefix: &destination_address_prefix,
Priority: &priority,
Access: network.SecurityRuleAccess(data["access"].(string)),
Direction: network.SecurityRuleDirection(data["direction"].(string)),
Protocol: network.SecurityRuleProtocol(data["protocol"].(string)),
}
if v := data["description"].(string); v != "" {
properties.Description = &v
}
name := data["name"].(string)
rule := network.SecurityRule{
Name: &name,
Properties: &properties,
}
rules = append(rules, rule)
}
return rules, nil
}