-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
resources.products.tf
131 lines (107 loc) · 7.08 KB
/
resources.products.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# --------
# PRODUCTS
# --------
locals {
# Path where the product files are located
products_path = "${var.artifacts_path}/products"
# Name of the files holding the information and policy
product_information_file = var.product_information_filename
product_policy_file = var.product_policy_filename
product_policy_fallback_file = "policy.xml"
# Lists all files in products folder
all_product_files = fileset(local.products_path, "**")
# Extracts directory names and removes duplicates. Each directory holds information about one API.
products = toset(distinct([for key in local.all_product_files : dirname(key)]))
}
# Create product
resource "azurerm_api_management_product" "main" {
for_each = toset([for product in local.products : product if fileexists("${local.products_path}/${product}/${local.product_information_file}")])
product_id = each.key
api_management_name = data.azurerm_api_management.main.name
resource_group_name = data.azurerm_api_management.main.resource_group_name
display_name = jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.displayName
description = try(jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.description, null)
published = jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.published
terms = try(jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.terms, null)
subscription_required = jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.subscriptionRequired
approval_required = jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.approvalRequired
subscriptions_limit = try(jsondecode(file("${local.products_path}/${each.key}/${local.product_information_file}")).properties.subscriptionsLimit, null)
}
# Add API(s) to product
resource "azurerm_api_management_product_api" "main" {
# Create set with "<product name>/<api name>". In this way we can then itterate over all APIs for each product
for_each = toset(flatten(
[for directory in local.products :
[for api in jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.apis :
"${directory}/${api}"] if
fileexists("${local.products_path}/${directory}/${local.product_information_file}") &&
can(jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.apis)
]))
api_management_name = data.azurerm_api_management.main.name
resource_group_name = data.azurerm_api_management.main.resource_group_name
# Using regex to extract key product ID. The product ID is at the start of the string before the slash ("/")
product_id = azurerm_api_management_product.main[regex("[^/]+", each.key)].product_id
# Using regex to extract the API name. The API name is at the end of the string after the slash ("/")
api_name = azurerm_api_management_api.main[regex("[^/]+$", each.key)].name
}
# Add group(s) to product
resource "azurerm_api_management_product_group" "main" {
# Create set with "<product name>/<api name>". In this way we can then itterate over all groups for each product
for_each = toset(flatten(
[for directory in local.products :
[for group in jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.groups :
"${directory}/${group}"] if
fileexists("${local.products_path}/${directory}/${local.product_information_file}") &&
can(jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.groups)
]))
api_management_name = data.azurerm_api_management.main.name
resource_group_name = data.azurerm_api_management.main.resource_group_name
# Using regex to extract key product ID. The product ID is at the start of the string before the slash ("/")
product_id = azurerm_api_management_product.main[regex("[^/]+", each.key)].product_id
# Using regex to extract the group name. The group name is at the end of the string after the slash ("/")
# We do not reference another resource in Terraform configuration here, since a group may be both an Azure AD group, a local group and an already existing built-in group in APIM.
# Also, we need to run the same lower and replace as done in azurerm_api_management_group.aad and azurerm_api_management_group.local, since group names may only contain alphanumeric characters, underscores and dashes up to 80 characters in length.
group_name = lower(replace(regex("[^/]+$", each.key), "/[ .]/", "-"))
# Groups needs to be created at APIM scope before assigned to product
depends_on = [
azurerm_api_management_group.aad,
azurerm_api_management_group.local
]
}
# Assign tag(s) to Product
resource "azurerm_api_management_product_tag" "main" {
# Create set with "<product name>/<tag name>". In this way we can then itterate over all tags for each product
for_each = toset(flatten(
[for directory in local.products :
[for tag in jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.tags :
"${directory}/${tag}"] if
fileexists("${local.products_path}/${directory}/${local.product_information_file}") &&
can(jsondecode(file("${local.products_path}/${directory}/${local.product_information_file}")).properties.tags)
]))
api_management_name = data.azurerm_api_management.main.name
resource_group_name = data.azurerm_api_management.main.resource_group_name
# Using regex to extract key product ID. The product ID is at the start of the string before the slash ("/")
api_management_product_id = azurerm_api_management_product.main[regex("[^/]+", each.key)].product_id
# Using regex to extract the tag name. The tag name is at the end of the string after the slash ("/")
name = azurerm_api_management_tag.main[regex("[^/]+$", each.key)].name
}
# Create Product policy
resource "azurerm_api_management_product_policy" "main" {
# Only create if policy file and product information file exists.
for_each = toset([
for directory in local.products : directory if
fileexists("${local.products_path}/${directory}/${local.product_information_file}") &&
(
fileexists("${local.products_path}/${directory}/${local.product_policy_file}") ||
(
var.product_policy_fallback_to_default_filename &&
fileexists("${local.products_path}/${directory}/${local.product_policy_fallback_file}")
)
)
])
api_management_name = data.azurerm_api_management.main.name
resource_group_name = data.azurerm_api_management.main.resource_group_name
product_id = azurerm_api_management_product.main[each.key].product_id
# Using the value configured in local.product_policy_file if it exists. If the file doesn't exist, it looks for the fallback file (policy.xml).
xml_content = try(file("${local.products_path}/${each.key}/${local.product_policy_file}"), file("${local.products_path}/${each.key}/${local.product_policy_fallback_file}"))
}