provider/aws: Add CloudWatch Event Rule

2016-01-29 19:13:52 +00:00 · 2016-01-29 19:13:52 +00:00 · ab89e5e528
parent 65ac8649ef
commit ab89e5e528
5 changed files with 345 additions and 29 deletions
--- a/builtin/providers/aws/config.go
+++ b/builtin/providers/aws/config.go
@ -23,6 +23,7 @@ import (
 	"github.com/aws/aws-sdk-go/service/cloudformation"
 	"github.com/aws/aws-sdk-go/service/cloudtrail"
 	"github.com/aws/aws-sdk-go/service/cloudwatch"
+	"github.com/aws/aws-sdk-go/service/cloudwatchevents"
 	"github.com/aws/aws-sdk-go/service/cloudwatchlogs"
 	"github.com/aws/aws-sdk-go/service/codecommit"
 	"github.com/aws/aws-sdk-go/service/codedeploy"
@ -74,6 +75,7 @@ type AWSClient struct {
 	cloudtrailconn       *cloudtrail.CloudTrail
 	cloudwatchconn       *cloudwatch.CloudWatch
 	cloudwatchlogsconn   *cloudwatchlogs.CloudWatchLogs
+	cloudwatcheventsconn *cloudwatchevents.CloudWatchEvents
 	dsconn               *directoryservice.DirectoryService
 	dynamodbconn         *dynamodb.DynamoDB
 	ec2conn              *ec2.EC2
@ -256,6 +258,9 @@ func (c *Config) Client() (interface{}, error) {
 		log.Println("[INFO] Initializing CloudWatch SDK connection")
 		client.cloudwatchconn = cloudwatch.New(sess)

+		log.Println("[INFO] Initializing CloudWatch Events connection")
+		client.cloudwatcheventsconn = cloudwatchevents.New(sess)
+
 		log.Println("[INFO] Initializing CloudTrail connection")
 		client.cloudtrailconn = cloudtrail.New(sess)

--- a/builtin/providers/aws/provider.go
+++ b/builtin/providers/aws/provider.go
@ -121,6 +121,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_autoscaling_schedule":             resourceAwsAutoscalingSchedule(),
 			"aws_cloudformation_stack":             resourceAwsCloudFormationStack(),
 			"aws_cloudtrail":                       resourceAwsCloudTrail(),
+			"aws_cloudwatch_event_rule":            resourceAwsCloudWatchEventRule(),
 			"aws_cloudwatch_log_group":             resourceAwsCloudWatchLogGroup(),
 			"aws_autoscaling_lifecycle_hook":       resourceAwsAutoscalingLifecycleHook(),
 			"aws_cloudwatch_metric_alarm":          resourceAwsCloudWatchMetricAlarm(),
--- a/builtin/providers/aws/resource_aws_cloudwatch_event_rule.go
+++ b/builtin/providers/aws/resource_aws_cloudwatch_event_rule.go
@ -0,0 +1,252 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+	"regexp"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/helper/schema"
+
+	"github.com/aws/aws-sdk-go/aws"
+	events "github.com/aws/aws-sdk-go/service/cloudwatchevents"
+)
+
+func resourceAwsCloudWatchEventRule() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsCloudWatchEventRuleCreate,
+		Read:   resourceAwsCloudWatchEventRuleRead,
+		Update: resourceAwsCloudWatchEventRuleUpdate,
+		Delete: resourceAwsCloudWatchEventRuleDelete,
+
+		Schema: map[string]*schema.Schema{
+			"name": &schema.Schema{
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateCloudWatchEventRuleName,
+			},
+			"schedule_expression": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateMaxLength(256),
+			},
+			"event_pattern": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateMaxLength(2048),
+				StateFunc:    normalizeJson,
+			},
+			"description": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateMaxLength(512),
+			},
+			"role_arn": &schema.Schema{
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateMaxLength(1600),
+			},
+			"is_enabled": &schema.Schema{
+				Type:     schema.TypeBool,
+				Optional: true,
+				Default:  true,
+			},
+			"arn": &schema.Schema{
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+		},
+	}
+}
+
+func resourceAwsCloudWatchEventRuleCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).cloudwatcheventsconn
+
+	input := buildPutRuleInputStruct(d)
+	log.Printf("[DEBUG] Creating CloudWatch Event Rule: %s", input)
+
+	// IAM Roles take some time to propagate
+	var out *events.PutRuleOutput
+	err := resource.Retry(30*time.Second, func() error {
+		var err error
+		out, err = conn.PutRule(input)
+		pattern := regexp.MustCompile("cannot be assumed by principal '[a-z]+\\.amazonaws\\.com'\\.$")
+		if err != nil {
+			if awsErr, ok := err.(awserr.Error); ok {
+				if awsErr.Code() == "ValidationException" && pattern.MatchString(awsErr.Message()) {
+					log.Printf("[DEBUG] Retrying creation of CloudWatch Event Rule %q", *input.Name)
+					return err
+				}
+			}
+			return &resource.RetryError{
+				Err: err,
+			}
+		}
+		return nil
+	})
+	if err != nil {
+		return fmt.Errorf("Creating CloudWatch Event Rule failed: %s", err)
+	}
+
+	d.Set("arn", out.RuleArn)
+	d.SetId(d.Get("name").(string))
+
+	log.Printf("[INFO] CloudWatch Event Rule %q created", *out.RuleArn)
+
+	return resourceAwsCloudWatchEventRuleUpdate(d, meta)
+}
+
+func resourceAwsCloudWatchEventRuleRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).cloudwatcheventsconn
+
+	input := events.DescribeRuleInput{
+		Name: aws.String(d.Id()),
+	}
+	log.Printf("[DEBUG] Reading CloudWatch Event Rule: %s", input)
+	out, err := conn.DescribeRule(&input)
+	if awsErr, ok := err.(awserr.Error); ok {
+		if awsErr.Code() == "ResourceNotFoundException" {
+			log.Printf("[WARN] Removing CloudWatch Event Rule %q because it's gone.", d.Id())
+			d.SetId("")
+			return nil
+		}
+	}
+	if err != nil {
+		return err
+	}
+	log.Printf("[DEBUG] Found Event Rule: %s", out)
+
+	d.Set("arn", out.Arn)
+	d.Set("description", out.Description)
+	if out.EventPattern != nil {
+		d.Set("event_pattern", normalizeJson(*out.EventPattern))
+	}
+	d.Set("name", out.Name)
+	d.Set("role_arn", out.RoleArn)
+	d.Set("schedule_expression", out.ScheduleExpression)
+
+	boolState, err := getBooleanStateFromString(*out.State)
+	if err != nil {
+		return err
+	}
+	log.Printf("[DEBUG] Setting boolean state: %t", boolState)
+	d.Set("is_enabled", boolState)
+
+	return nil
+}
+
+func resourceAwsCloudWatchEventRuleUpdate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).cloudwatcheventsconn
+
+	if d.HasChange("is_enabled") && d.Get("is_enabled").(bool) {
+		log.Printf("[DEBUG] Enabling CloudWatch Event Rule %q", d.Id())
+		_, err := conn.EnableRule(&events.EnableRuleInput{
+			Name: aws.String(d.Id()),
+		})
+		if err != nil {
+			return err
+		}
+		log.Printf("[DEBUG] CloudWatch Event Rule (%q) enabled", d.Id())
+	}
+
+	input := buildPutRuleInputStruct(d)
+	log.Printf("[DEBUG] Updating CloudWatch Event Rule: %s", input)
+
+	// IAM Roles take some time to propagate
+	var out *events.PutRuleOutput
+	err := resource.Retry(30*time.Second, func() error {
+		var err error
+		out, err = conn.PutRule(input)
+		pattern := regexp.MustCompile("cannot be assumed by principal '[a-z]+\\.amazonaws\\.com'\\.$")
+		if err != nil {
+			if awsErr, ok := err.(awserr.Error); ok {
+				if awsErr.Code() == "ValidationException" && pattern.MatchString(awsErr.Message()) {
+					log.Printf("[DEBUG] Retrying update of CloudWatch Event Rule %q", *input.Name)
+					return err
+				}
+			}
+			return &resource.RetryError{
+				Err: err,
+			}
+		}
+		return nil
+	})
+	if err != nil {
+		return fmt.Errorf("Updating CloudWatch Event Rule failed: %s", err)
+	}
+
+	if d.HasChange("is_enabled") && !d.Get("is_enabled").(bool) {
+		log.Printf("[DEBUG] Disabling CloudWatch Event Rule %q", d.Id())
+		_, err := conn.DisableRule(&events.DisableRuleInput{
+			Name: aws.String(d.Id()),
+		})
+		if err != nil {
+			return err
+		}
+		log.Printf("[DEBUG] CloudWatch Event Rule (%q) disabled", d.Id())
+	}
+
+	return resourceAwsCloudWatchEventRuleRead(d, meta)
+}
+
+func resourceAwsCloudWatchEventRuleDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).cloudwatcheventsconn
+
+	log.Printf("[INFO] Deleting CloudWatch Event Rule: %s", d.Id())
+	_, err := conn.DeleteRule(&events.DeleteRuleInput{
+		Name: aws.String(d.Id()),
+	})
+	if err != nil {
+		return fmt.Errorf("Error deleting CloudWatch Event Rule: %s", err)
+	}
+	log.Println("[INFO] CloudWatch Event Rule deleted")
+
+	d.SetId("")
+
+	return nil
+}
+
+func buildPutRuleInputStruct(d *schema.ResourceData) *events.PutRuleInput {
+	input := events.PutRuleInput{
+		Name: aws.String(d.Get("name").(string)),
+	}
+	if v, ok := d.GetOk("description"); ok {
+		input.Description = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("event_pattern"); ok {
+		input.EventPattern = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("role_arn"); ok {
+		input.RoleArn = aws.String(v.(string))
+	}
+	if v, ok := d.GetOk("schedule_expression"); ok {
+		input.ScheduleExpression = aws.String(v.(string))
+	}
+
+	input.State = aws.String(getStringStateFromBoolean(d.Get("is_enabled").(bool)))
+
+	return &input
+}
+
+// State is represented as (ENABLED|DISABLED) in the API
+func getBooleanStateFromString(state string) (bool, error) {
+	if state == "ENABLED" {
+		return true, nil
+	} else if state == "DISABLED" {
+		return false, nil
+	}
+	// We don't just blindly trust AWS as they tend to return
+	// unexpected values in similar cases (different casing etc.)
+	return false, fmt.Errorf("Failed converting state %q into boolean", state)
+}
+
+// State is represented as (ENABLED|DISABLED) in the API
+func getStringStateFromBoolean(isEnabled bool) string {
+	if isEnabled {
+		return "ENABLED"
+	}
+	return "DISABLED"
+}
--- a/builtin/providers/aws/validators.go
+++ b/builtin/providers/aws/validators.go
@ -4,6 +4,8 @@ import (
 	"fmt"
 	"regexp"
 	"time"
+
+	"github.com/hashicorp/terraform/helper/schema"
 )

 func validateRdsId(v interface{}, k string) (ws []string, errors []error) {
@ -134,3 +136,32 @@ func validateEcrRepositoryName(v interface{}, k string) (ws []string, errors []e

 	return
 }
+
+func validateCloudWatchEventRuleName(v interface{}, k string) (ws []string, errors []error) {
+	value := v.(string)
+	if len(value) > 64 {
+		errors = append(errors, fmt.Errorf(
+			"%q cannot be longer than 64 characters: %q", k, value))
+	}
+
+	// http://docs.aws.amazon.com/AmazonCloudWatchEvents/latest/APIReference/API_PutRule.html
+	pattern := `^[\.\-_A-Za-z0-9]+$`
+	if !regexp.MustCompile(pattern).MatchString(value) {
+		errors = append(errors, fmt.Errorf(
+			"%q doesn't comply with restrictions (%q): %q",
+			k, pattern, value))
+	}
+
+	return
+}
+
+func validateMaxLength(length int) schema.SchemaValidateFunc {
+	return func(v interface{}, k string) (ws []string, errors []error) {
+		value := v.(string)
+		if len(value) > length {
+			errors = append(errors, fmt.Errorf(
+				"%q cannot be longer than %d characters: %q", k, length, value))
+		}
+		return
+	}
+}
--- a/builtin/providers/aws/validators_test.go
+++ b/builtin/providers/aws/validators_test.go
@ -43,3 +43,30 @@ func TestValidateEcrRepositoryName(t *testing.T) {
 		}
 	}
 }
+
+func TestValidateCloudWatchEventRuleName(t *testing.T) {
+	validNames := []string{
+		"HelloWorl_d",
+		"hello-world",
+		"hello.World0125",
+	}
+	for _, v := range validNames {
+		_, errors := validateCloudWatchEventRuleName(v, "name")
+		if len(errors) != 0 {
+			t.Fatalf("%q should be a valid CW event rule name: %q", v, errors)
+		}
+	}
+
+	invalidNames := []string{
+		"special@character",
+		"slash/in-the-middle",
+		// Length > 64
+		"TooLooooooooooooooooooooooooooooooooooooooooooooooooooooooongName",
+	}
+	for _, v := range invalidNames {
+		_, errors := validateCloudWatchEventRuleName(v, "name")
+		if len(errors) == 0 {
+			t.Fatalf("%q should be an invalid CW event rule name", v)
+		}
+	}
+}