From 3a7cb3a73f59b5d346d9c0cecdf88554a0bf8a74 Mon Sep 17 00:00:00 2001 From: Angel Abad Date: Thu, 16 Jul 2020 22:42:29 +0200 Subject: [PATCH] Add data for Client Vpn Endpoint --- ...data_source_aws_ec2_client_vpn_endpoint.go | 189 ++++++++++++++++++ aws/provider.go | 1 + 2 files changed, 190 insertions(+) create mode 100644 aws/data_source_aws_ec2_client_vpn_endpoint.go diff --git a/aws/data_source_aws_ec2_client_vpn_endpoint.go b/aws/data_source_aws_ec2_client_vpn_endpoint.go new file mode 100644 index 000000000000..67a05d616f46 --- /dev/null +++ b/aws/data_source_aws_ec2_client_vpn_endpoint.go @@ -0,0 +1,189 @@ +package aws + +import ( + "errors" + "fmt" + "log" + + "github.com/aws/aws-sdk-go/aws/arn" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/service/ec2" + "github.com/hashicorp/terraform-plugin-sdk/helper/schema" + "github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags" +) + +func dataSourceAwsEc2ClientVpnEndpoint() *schema.Resource { + return &schema.Resource{ + Read: dataSourceAwsEc2ClientVpnEndpointRead, + + Schema: map[string]*schema.Schema{ + "arn": { + Type: schema.TypeString, + Computed: true, + }, + "id": { + Type: schema.TypeString, + Optional: true, + }, + "authentication_options": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "type": { + Type: schema.TypeString, + Computed: true, + }, + "active_directory_id": { + Type: schema.TypeString, + Computed: true, + }, + "root_certificate_chain_arn": { + Type: schema.TypeString, + Computed: true, + }, + }, + }, + }, + "client_cidr_block": { + Type: schema.TypeString, + Computed: true, + }, + "connection_log_options": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Resource{ + Schema: map[string]*schema.Schema{ + "cloudwatch_log_group": { + Type: schema.TypeString, + Computed: true, + }, + "cloudwatch_log_stream": { + Type: schema.TypeString, + Computed: true, + }, + "enabled": { + Type: schema.TypeBool, + Computed: true, + }, + }, + }, + }, + "description": { + Type: schema.TypeString, + Computed: true, + }, + "dns_name": { + Type: schema.TypeString, + Computed: true, + }, + "dns_servers": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "filter": dataSourceFiltersSchema(), + "security_group_ids": { + Type: schema.TypeList, + Computed: true, + Elem: &schema.Schema{Type: schema.TypeString}, + }, + "server_certificate_arn": { + Type: schema.TypeString, + Computed: true, + }, + "split_tunnel": { + Type: schema.TypeBool, + Computed: true, + }, + "tags": tagsSchemaComputed(), + "transport_protocol": { + Type: schema.TypeString, + Computed: true, + }, + "vpc_id": { + Type: schema.TypeString, + Computed: true, + }, + "vpn_port": { + Type: schema.TypeInt, + Computed: true, + }, + "vpn_protocol": { + Type: schema.TypeString, + Computed: true, + }, + }, + } +} + +func dataSourceAwsEc2ClientVpnEndpointRead(d *schema.ResourceData, meta interface{}) error { + conn := meta.(*AWSClient).ec2conn + ignoreTagsConfig := meta.(*AWSClient).IgnoreTagsConfig + + input := &ec2.DescribeClientVpnEndpointsInput{} + + if v, ok := d.GetOk("filter"); ok { + input.Filters = buildAwsDataSourceFilters(v.(*schema.Set)) + } + + if v, ok := d.GetOk("id"); ok { + input.ClientVpnEndpointIds = []*string{aws.String(v.(string))} + } + + log.Printf("[DEBUG] Reading EC2 Transit Gateways: %s", input) + + resp, err := conn.DescribeClientVpnEndpoints(input) + if err != nil { + return fmt.Errorf("Error getting Client Vpn Endpoint: %v", err) + } + + if resp == nil || len(resp.ClientVpnEndpoints) == 0 { + return errors.New("Error reading EC2 Client Vpn Endpoint: no results found") + } + + if len(resp.ClientVpnEndpoints) > 1 { + return errors.New("Error reading EC2 Client Vpn Endpoint: multiple results found, try adjusting search criteria") + } + + endpoint := resp.ClientVpnEndpoints[0] + + d.SetId(aws.StringValue(endpoint.ClientVpnEndpointId)) + d.Set("dns_name", endpoint.DnsName) + d.Set("dns_servers", endpoint.DnsServers) + d.Set("client_cidr_block", endpoint.ClientCidrBlock) + d.Set("description", endpoint.Description) + d.Set("server_certificate_arn", endpoint.ServerCertificateArn) + d.Set("split_tunnel", endpoint.SplitTunnel) + d.Set("transport_protocol", endpoint.TransportProtocol) + d.Set("security_group_ids", endpoint.SecurityGroupIds) + d.Set("vpc_id", endpoint.VpcId) + d.Set("vpn_port", endpoint.VpnPort) + d.Set("vpn_protocol", endpoint.VpnProtocol) + + err = d.Set("authentication_options", flattenAuthOptsConfig(endpoint.AuthenticationOptions)) + if err != nil { + return fmt.Errorf("error setting authentication_options: %s", err) + } + + err = d.Set("connection_log_options", flattenConnLoggingConfig(endpoint.ConnectionLogOptions)) + if err != nil { + return fmt.Errorf("error setting connection_log_options: %s", err) + } + + if err := d.Set("tags", keyvaluetags.Ec2KeyValueTags(endpoint.Tags).IgnoreAws().IgnoreConfig(ignoreTagsConfig).Map()); err != nil { + return fmt.Errorf("Error setting tags: %s", err) + } + + arn := arn.ARN{ + Partition: meta.(*AWSClient).partition, + Service: "ec2", + Region: meta.(*AWSClient).region, + AccountID: meta.(*AWSClient).accountid, + Resource: fmt.Sprintf("client-vpn-endpoint/%s", d.Id()), + }.String() + d.Set("arn", arn) + + return nil +} diff --git a/aws/provider.go b/aws/provider.go index 34e5c2925841..dfda5deda16a 100644 --- a/aws/provider.go +++ b/aws/provider.go @@ -209,6 +209,7 @@ func Provider() *schema.Provider { "aws_ebs_snapshot_ids": dataSourceAwsEbsSnapshotIds(), "aws_ebs_volume": dataSourceAwsEbsVolume(), "aws_ebs_volumes": dataSourceAwsEbsVolumes(), + "aws_ec2_client_vpn_endpoint": dataSourceAwsEc2ClientVpnEndpoint(), "aws_ec2_coip_pool": dataSourceAwsEc2CoipPool(), "aws_ec2_coip_pools": dataSourceAwsEc2CoipPools(), "aws_ec2_instance_type_offering": dataSourceAwsEc2InstanceTypeOffering(),