Skip to content

Commit

Permalink
resource_arm_application_gateway: extend docs
Browse files Browse the repository at this point in the history
  • Loading branch information
bs-matil committed May 6, 2019
1 parent 1da0216 commit a740044
Show file tree
Hide file tree
Showing 3 changed files with 189 additions and 80 deletions.
69 changes: 36 additions & 33 deletions azurerm/resource_arm_application_gateway.go
Original file line number Diff line number Diff line change
Expand Up @@ -624,7 +624,7 @@ func resourceArmApplicationGateway() *schema.Resource {
},
},

// TODO: @tombuildsstuff deprecate this in favour of a full `ssl_protocol` block in the future
// TODO: remove in 2.0
"disabled_ssl_protocols": {
Type: schema.TypeList,
Optional: true,
Expand All @@ -644,20 +644,20 @@ func resourceArmApplicationGateway() *schema.Resource {
"ssl_policy": {
Type: schema.TypeList,
Optional: true,
Computed: true,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"disabled_protocols": {
Type: schema.TypeList,
Optional: true,
Computed: true,
Elem: &schema.Schema{
Type: schema.TypeString,
DiffSuppressFunc: suppress.CaseDifference,
Type: schema.TypeString,
ValidateFunc: validation.StringInSlice([]string{
string(network.TLSv10),
string(network.TLSv11),
string(network.TLSv12),
}, true),
}, false),
},
},

Expand All @@ -669,7 +669,7 @@ func resourceArmApplicationGateway() *schema.Resource {
ValidateFunc: validation.StringInSlice([]string{
string(network.Custom),
string(network.Predefined),
}, true),
}, false),
},
},

Expand All @@ -682,21 +682,19 @@ func resourceArmApplicationGateway() *schema.Resource {
Type: schema.TypeList,
Optional: true,
Elem: &schema.Schema{
Type: schema.TypeString,
DiffSuppressFunc: suppress.CaseDifference,
ValidateFunc: validation.StringInSlice(possibleArmApplicationGatewaySslCipherSuiteValues(), true),
Type: schema.TypeString,
ValidateFunc: validation.StringInSlice(possibleArmApplicationGatewaySslCipherSuiteValues(), false),
},
},

"min_protocol_version": {
Type: schema.TypeString,
Optional: true,
DiffSuppressFunc: suppress.CaseDifference,
Type: schema.TypeString,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{
string(network.TLSv10),
string(network.TLSv11),
string(network.TLSv12),
}, true),
}, false),
},
},
},
Expand Down Expand Up @@ -1637,40 +1635,39 @@ func flattenApplicationGatewayConnectionDraining(input *network.ApplicationGatew

func expandApplicationGatewaySslPolicy(d *schema.ResourceData) *network.ApplicationGatewaySslPolicy {
policy := network.ApplicationGatewaySslPolicy{}
disabledSSLPolicies := make([]network.ApplicationGatewaySslProtocol, 0)

vs := d.Get("ssl_policy").([]interface{})
if len(vs) == 0 {
return &policy
vsdsp := d.Get("disabled_ssl_protocols").([]interface{})

if len(vsdsp) == 0 && len(vs) == 0 {
policy = network.ApplicationGatewaySslPolicy{
DisabledSslProtocols: &disabledSSLPolicies,
}
}
v := vs[0].(map[string]interface{})

disabledSSLPolicies := make([]network.ApplicationGatewaySslProtocol, 0)
for _, policy := range v["disabled_protocols"].([]interface{}) {
for _, policy := range vsdsp {
disabledSSLPolicies = append(disabledSSLPolicies, network.ApplicationGatewaySslProtocol(policy.(string)))
}
if len(disabledSSLPolicies) == 0 {
for _, policy := range d.Get("disabled_ssl_protocols").([]interface{}) {
disabledSSLPolicies = append(disabledSSLPolicies, network.ApplicationGatewaySslProtocol(policy.(string)))
}
}

if len(disabledSSLPolicies) > 0 {
policy = network.ApplicationGatewaySslPolicy{
DisabledSslProtocols: &disabledSSLPolicies,
}
} else {
if len(vs) > 0 {
v := vs[0].(map[string]interface{})
policyType := network.ApplicationGatewaySslPolicyType(v["policy_type"].(string))

for _, policy := range v["disabled_protocols"].([]interface{}) {
disabledSSLPolicies = append(disabledSSLPolicies, network.ApplicationGatewaySslProtocol(policy.(string)))
}

if policyType == network.Predefined {
policyName := network.ApplicationGatewaySslPolicyName(v["policy_name"].(string))

policy = network.ApplicationGatewaySslPolicy{
PolicyType: policyType,
PolicyName: policyName,
}
} else if policyType == network.Custom {
minProtocolVersion := network.ApplicationGatewaySslProtocol(v["min_protocol_version"].(string))

cipherSuites := make([]network.ApplicationGatewaySslCipherSuite, 0)

for _, cipherSuite := range v["cipher_suites"].([]interface{}) {
cipherSuites = append(cipherSuites, network.ApplicationGatewaySslCipherSuite(cipherSuite.(string)))
}
Expand All @@ -1683,6 +1680,12 @@ func expandApplicationGatewaySslPolicy(d *schema.ResourceData) *network.Applicat
}
}

if len(disabledSSLPolicies) > 0 {
policy = network.ApplicationGatewaySslPolicy{
DisabledSslProtocols: &disabledSSLPolicies,
}
}

return &policy
}

Expand All @@ -1698,21 +1701,21 @@ func flattenApplicationGatewaySslPolicy(input *network.ApplicationGatewaySslPoli
output["policy_type"] = input.PolicyType
output["min_protocol_version"] = input.MinProtocolVersion

cipherSuites := make([]interface{}, 0)
if input.CipherSuites != nil {
cipherSuites := make([]interface{}, 0)
for _, v := range *input.CipherSuites {
cipherSuites = append(cipherSuites, string(v))
}
output["cipher_suites"] = cipherSuites
}
output["cipher_suites"] = cipherSuites

disabledSslProtocols := make([]interface{}, 0)
if input.DisabledSslProtocols != nil {
disabledSslProtocols := make([]interface{}, 0)
for _, v := range *input.DisabledSslProtocols {
disabledSslProtocols = append(disabledSslProtocols, string(v))
}
output["disabled_protocols"] = disabledSslProtocols
}
output["disabled_protocols"] = disabledSslProtocols

results = append(results, output)
return results
Expand Down
Loading

0 comments on commit a740044

Please sign in to comment.