terraform/builtin/providers/aws/resource_aws_db_security_gr...

package aws

import (
	"bytes"
	"fmt"
	"log"
	"time"

	"github.com/awslabs/aws-sdk-go/aws"
	"github.com/awslabs/aws-sdk-go/service/rds"
	"github.com/hashicorp/terraform/helper/hashcode"
	"github.com/hashicorp/terraform/helper/multierror"
	"github.com/hashicorp/terraform/helper/resource"
	"github.com/hashicorp/terraform/helper/schema"
)

func resourceAwsDbSecurityGroup() *schema.Resource {
	return &schema.Resource{
		Create: resourceAwsDbSecurityGroupCreate,
		Read:   resourceAwsDbSecurityGroupRead,
		Delete: resourceAwsDbSecurityGroupDelete,

		Schema: map[string]*schema.Schema{
			"name": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			"description": &schema.Schema{
				Type:     schema.TypeString,
				Required: true,
				ForceNew: true,
			},

			"ingress": &schema.Schema{
				Type:     schema.TypeSet,
				Required: true,
				ForceNew: true,
				Elem: &schema.Resource{
					Schema: map[string]*schema.Schema{
						"cidr": &schema.Schema{
							Type:     schema.TypeString,
							Optional: true,
						},

						"security_group_name": &schema.Schema{
							Type:     schema.TypeString,
							Optional: true,
							Computed: true,
						},

						"security_group_id": &schema.Schema{
							Type:     schema.TypeString,
							Optional: true,
							Computed: true,
						},

						"security_group_owner_id": &schema.Schema{
							Type:     schema.TypeString,
							Optional: true,
							Computed: true,
						},
					},
				},
				Set: resourceAwsDbSecurityGroupIngressHash,
			},
		},
	}
}

func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).rdsconn

	var err error
	var errs []error

	opts := rds.CreateDBSecurityGroupInput{
		DBSecurityGroupName:        aws.String(d.Get("name").(string)),
		DBSecurityGroupDescription: aws.String(d.Get("description").(string)),
	}

	log.Printf("[DEBUG] DB Security Group create configuration: %#v", opts)
	_, err = conn.CreateDBSecurityGroup(&opts)
	if err != nil {
		return fmt.Errorf("Error creating DB Security Group: %s", err)
	}

	d.SetId(d.Get("name").(string))

	log.Printf("[INFO] DB Security Group ID: %s", d.Id())

	sg, err := resourceAwsDbSecurityGroupRetrieve(d, meta)
	if err != nil {
		return err
	}

	ingresses := d.Get("ingress").(*schema.Set)
	for _, ing := range ingresses.List() {
		err := resourceAwsDbSecurityGroupAuthorizeRule(ing, *sg.DBSecurityGroupName, conn)
		if err != nil {
			errs = append(errs, err)
		}
	}

	if len(errs) > 0 {
		return &multierror.Error{Errors: errs}
	}

	log.Println(
		"[INFO] Waiting for Ingress Authorizations to be authorized")

	stateConf := &resource.StateChangeConf{
		Pending: []string{"authorizing"},
		Target:  "authorized",
		Refresh: resourceAwsDbSecurityGroupStateRefreshFunc(d, meta),
		Timeout: 10 * time.Minute,
	}

	// Wait, catching any errors
	_, err = stateConf.WaitForState()
	if err != nil {
		return err
	}

	return resourceAwsDbSecurityGroupRead(d, meta)
}

func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
	sg, err := resourceAwsDbSecurityGroupRetrieve(d, meta)
	if err != nil {
		return err
	}

	d.Set("name", *sg.DBSecurityGroupName)
	d.Set("description", *sg.DBSecurityGroupDescription)

	// Create an empty schema.Set to hold all ingress rules
	rules := &schema.Set{
		F: resourceAwsDbSecurityGroupIngressHash,
	}

	for _, v := range sg.IPRanges {
		rule := map[string]interface{}{"cidr": *v.CIDRIP}
		rules.Add(rule)
	}

	for _, g := range sg.EC2SecurityGroups {
		rule := map[string]interface{}{
			"security_group_name":     *g.EC2SecurityGroupName,
			"security_group_id":       *g.EC2SecurityGroupID,
			"security_group_owner_id": *g.EC2SecurityGroupOwnerID,
		}
		rules.Add(rule)
	}

	d.Set("ingress", rules)

	return nil
}

func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
	conn := meta.(*AWSClient).rdsconn

	log.Printf("[DEBUG] DB Security Group destroy: %v", d.Id())

	opts := rds.DeleteDBSecurityGroupInput{DBSecurityGroupName: aws.String(d.Id())}

	log.Printf("[DEBUG] DB Security Group destroy configuration: %v", opts)
	_, err := conn.DeleteDBSecurityGroup(&opts)

	if err != nil {
		newerr, ok := err.(aws.APIError)
		if ok && newerr.Code == "InvalidDBSecurityGroup.NotFound" {
			return nil
		}
		return err
	}

	return nil
}

func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{}) (*rds.DBSecurityGroup, error) {
	conn := meta.(*AWSClient).rdsconn

	opts := rds.DescribeDBSecurityGroupsInput{
		DBSecurityGroupName: aws.String(d.Id()),
	}

	log.Printf("[DEBUG] DB Security Group describe configuration: %#v", opts)

	resp, err := conn.DescribeDBSecurityGroups(&opts)

	if err != nil {
		return nil, fmt.Errorf("Error retrieving DB Security Groups: %s", err)
	}

	if len(resp.DBSecurityGroups) != 1 ||
		*resp.DBSecurityGroups[0].DBSecurityGroupName != d.Id() {
		return nil, fmt.Errorf("Unable to find DB Security Group: %#v", resp.DBSecurityGroups)
	}

	return resp.DBSecurityGroups[0], nil
}

// Authorizes the ingress rule on the db security group
func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.RDS) error {
	ing := ingress.(map[string]interface{})

	opts := rds.AuthorizeDBSecurityGroupIngressInput{
		DBSecurityGroupName: aws.String(dbSecurityGroupName),
	}

	if attr, ok := ing["cidr"]; ok && attr != "" {
		opts.CIDRIP = aws.String(attr.(string))
	}

	if attr, ok := ing["security_group_name"]; ok && attr != "" {
		opts.EC2SecurityGroupName = aws.String(attr.(string))
	}

	if attr, ok := ing["security_group_id"]; ok && attr != "" {
		opts.EC2SecurityGroupID = aws.String(attr.(string))
	}

	if attr, ok := ing["security_group_owner_id"]; ok && attr != "" {
		opts.EC2SecurityGroupOwnerID = aws.String(attr.(string))
	}

	log.Printf("[DEBUG] Authorize ingress rule configuration: %#v", opts)

	_, err := conn.AuthorizeDBSecurityGroupIngress(&opts)

	if err != nil {
		return fmt.Errorf("Error authorizing security group ingress: %s", err)
	}

	return nil
}

func resourceAwsDbSecurityGroupIngressHash(v interface{}) int {
	var buf bytes.Buffer
	m := v.(map[string]interface{})

	if v, ok := m["cidr"]; ok {
		buf.WriteString(fmt.Sprintf("%s-", v.(string)))
	}

	if v, ok := m["security_group_name"]; ok {
		buf.WriteString(fmt.Sprintf("%s-", v.(string)))
	}

	if v, ok := m["security_group_id"]; ok {
		buf.WriteString(fmt.Sprintf("%s-", v.(string)))
	}

	if v, ok := m["security_group_owner_id"]; ok {
		buf.WriteString(fmt.Sprintf("%s-", v.(string)))
	}

	return hashcode.String(buf.String())
}

func resourceAwsDbSecurityGroupStateRefreshFunc(
	d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {
	return func() (interface{}, string, error) {
		v, err := resourceAwsDbSecurityGroupRetrieve(d, meta)

		if err != nil {
			log.Printf("Error on retrieving DB Security Group when waiting: %s", err)
			return nil, "", err
		}

		statuses := make([]string, 0, len(v.EC2SecurityGroups)+len(v.IPRanges))
		for _, ec2g := range v.EC2SecurityGroups {
			statuses = append(statuses, *ec2g.Status)
		}
		for _, ips := range v.IPRanges {
			statuses = append(statuses, *ips.Status)
		}

		for _, stat := range statuses {
			// Not done
			if stat != "authorized" {
				return nil, "authorizing", nil
			}
		}

		return v, "authorized", nil
	}
}
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`package aws`

			`import (`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`"bytes"`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`"fmt"`
			`"log"`
			`"time"`

go fmt db things 2015-04-15 22:02:52 +02:00			`"github.com/awslabs/aws-sdk-go/aws"`
			`"github.com/awslabs/aws-sdk-go/service/rds"`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`"github.com/hashicorp/terraform/helper/hashcode"`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`"github.com/hashicorp/terraform/helper/multierror"`
			`"github.com/hashicorp/terraform/helper/resource"`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`"github.com/hashicorp/terraform/helper/schema"`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`)`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`func resourceAwsDbSecurityGroup() *schema.Resource {`
			`return &schema.Resource{`
			`Create: resourceAwsDbSecurityGroupCreate,`
			`Read: resourceAwsDbSecurityGroupRead,`
			`Delete: resourceAwsDbSecurityGroupDelete,`

			`Schema: map[string]*schema.Schema{`
			`"name": &schema.Schema{`
			`Type: schema.TypeString,`
			`Required: true,`
			`ForceNew: true,`
			`},`

			`"description": &schema.Schema{`
			`Type: schema.TypeString,`
			`Required: true,`
			`ForceNew: true,`
			`},`

			`"ingress": &schema.Schema{`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`Type: schema.TypeSet,`
			`Required: true,`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`ForceNew: true,`
			`Elem: &schema.Resource{`
			`Schema: map[string]*schema.Schema{`
			`"cidr": &schema.Schema{`
			`Type: schema.TypeString,`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`Optional: true,`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`},`

			`"security_group_name": &schema.Schema{`
			`Type: schema.TypeString,`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`Optional: true,`
			`Computed: true,`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`},`

			`"security_group_id": &schema.Schema{`
			`Type: schema.TypeString,`
			`Optional: true,`
			`Computed: true,`
			`},`

			`"security_group_owner_id": &schema.Schema{`
			`Type: schema.TypeString,`
			`Optional: true,`
			`Computed: true,`
			`},`
			`},`
			`},`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`Set: resourceAwsDbSecurityGroupIngressHash,`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`},`
			`},`
			`}`
			`}`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {`
provider/aws: Remove goamz/rds consolidates the conversion of AWS RDS to aws-sdk-go 2015-02-27 17:50:21 +01:00			`conn := meta.(*AWSClient).rdsconn`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
			`var err error`
			`var errs []error`

go fmt db things 2015-04-15 22:02:52 +02:00			`opts := rds.CreateDBSecurityGroupInput{`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`DBSecurityGroupName: aws.String(d.Get("name").(string)),`
			`DBSecurityGroupDescription: aws.String(d.Get("description").(string)),`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

			`log.Printf("[DEBUG] DB Security Group create configuration: %#v", opts)`
			`_, err = conn.CreateDBSecurityGroup(&opts)`
			`if err != nil {`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`return fmt.Errorf("Error creating DB Security Group: %s", err)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`d.SetId(d.Get("name").(string))`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`log.Printf("[INFO] DB Security Group ID: %s", d.Id())`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`sg, err := resourceAwsDbSecurityGroupRetrieve(d, meta)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`if err != nil {`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`return err`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored the last two resources 2014-11-24 14:04:48 +01:00			`ingresses := d.Get("ingress").(*schema.Set)`
			`for _, ing := range ingresses.List() {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`err := resourceAwsDbSecurityGroupAuthorizeRule(ing, *sg.DBSecurityGroupName, conn)`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`if err != nil {`
			`errs = append(errs, err)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`}`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`if len(errs) > 0 {`
			`return &multierror.Error{Errors: errs}`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

			`log.Println(`
			`"[INFO] Waiting for Ingress Authorizations to be authorized")`

			`stateConf := &resource.StateChangeConf{`
			`Pending: []string{"authorizing"},`
			`Target: "authorized",`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`Refresh: resourceAwsDbSecurityGroupStateRefreshFunc(d, meta),`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`Timeout: 10 * time.Minute,`
			`}`

			`// Wait, catching any errors`
			`_, err = stateConf.WaitForState()`
			`if err != nil {`
			`return err`
			`}`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`return resourceAwsDbSecurityGroupRead(d, meta)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {`
			`sg, err := resourceAwsDbSecurityGroupRetrieve(d, meta)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`if err != nil {`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`return err`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`d.Set("name", *sg.DBSecurityGroupName)`
			`d.Set("description", *sg.DBSecurityGroupDescription)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`// Create an empty schema.Set to hold all ingress rules`
			`rules := &schema.Set{`
			`F: resourceAwsDbSecurityGroupIngressHash,`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`for _, v := range sg.IPRanges {`
			`rule := map[string]interface{}{"cidr": *v.CIDRIP}`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`rules.Add(rule)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`for _, g := range sg.EC2SecurityGroups {`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`rule := map[string]interface{}{`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`"security_group_name": *g.EC2SecurityGroupName,`
			`"security_group_id": *g.EC2SecurityGroupID,`
			`"security_group_owner_id": *g.EC2SecurityGroupOwnerID,`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`}`
			`rules.Add(rule)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored the last two resources 2014-11-24 14:04:48 +01:00			`d.Set("ingress", rules)`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`return nil`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {`
provider/aws: Remove goamz/rds consolidates the conversion of AWS RDS to aws-sdk-go 2015-02-27 17:50:21 +01:00			`conn := meta.(*AWSClient).rdsconn`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00
			`log.Printf("[DEBUG] DB Security Group destroy: %v", d.Id())`

go fmt db things 2015-04-15 22:02:52 +02:00			`opts := rds.DeleteDBSecurityGroupInput{DBSecurityGroupName: aws.String(d.Id())}`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00
			`log.Printf("[DEBUG] DB Security Group destroy configuration: %v", opts)`
go fmt db things 2015-04-15 22:02:52 +02:00			`_, err := conn.DeleteDBSecurityGroup(&opts)`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00
			`if err != nil {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`newerr, ok := err.(aws.APIError)`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00			`if ok && newerr.Code == "InvalidDBSecurityGroup.NotFound" {`
			`return nil`
			`}`
			`return err`
			`}`

			`return nil`
			`}`

			`func resourceAwsDbSecurityGroupRetrieve(d schema.ResourceData, meta interface{}) (rds.DBSecurityGroup, error) {`
provider/aws: Remove goamz/rds consolidates the conversion of AWS RDS to aws-sdk-go 2015-02-27 17:50:21 +01:00			`conn := meta.(*AWSClient).rdsconn`
Refactored about 90% Still need to update 2 resources and check the acceptance tests, but overall we’re nearly there :smiley: 2014-11-21 17:58:34 +01:00
go fmt db things 2015-04-15 22:02:52 +02:00			`opts := rds.DescribeDBSecurityGroupsInput{`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`DBSecurityGroupName: aws.String(d.Id()),`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

			`log.Printf("[DEBUG] DB Security Group describe configuration: %#v", opts)`

			`resp, err := conn.DescribeDBSecurityGroups(&opts)`

			`if err != nil {`
			`return nil, fmt.Errorf("Error retrieving DB Security Groups: %s", err)`
			`}`

			`if len(resp.DBSecurityGroups) != 1 \|\|`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`*resp.DBSecurityGroups[0].DBSecurityGroupName != d.Id() {`
provider/aws: convert aws rds subnet to aws-sdk-go 2015-02-26 23:32:34 +01:00			`return nil, fmt.Errorf("Unable to find DB Security Group: %#v", resp.DBSecurityGroups)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

go fmt db things 2015-04-15 22:02:52 +02:00			`return resp.DBSecurityGroups[0], nil`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

			`// Authorizes the ingress rule on the db security group`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.RDS) error {`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`ing := ingress.(map[string]interface{})`

go fmt db things 2015-04-15 22:02:52 +02:00			`opts := rds.AuthorizeDBSecurityGroupIngressInput{`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`DBSecurityGroupName: aws.String(dbSecurityGroupName),`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored the last two resources 2014-11-24 14:04:48 +01:00			`if attr, ok := ing["cidr"]; ok && attr != "" {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`opts.CIDRIP = aws.String(attr.(string))`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`}`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`if attr, ok := ing["security_group_name"]; ok && attr != "" {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`opts.EC2SecurityGroupName = aws.String(attr.(string))`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

Refactored the last two resources 2014-11-24 14:04:48 +01:00			`if attr, ok := ing["security_group_id"]; ok && attr != "" {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`opts.EC2SecurityGroupID = aws.String(attr.(string))`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`}`

			`if attr, ok := ing["security_group_owner_id"]; ok && attr != "" {`
provider/aws: Convert AWS DB Security Group to aws-sdk-go Part 1: converting the test next 2015-02-26 22:08:39 +01:00			`opts.EC2SecurityGroupOwnerID = aws.String(attr.(string))`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`}`

			`log.Printf("[DEBUG] Authorize ingress rule configuration: %#v", opts)`

			`_, err := conn.AuthorizeDBSecurityGroupIngress(&opts)`

			`if err != nil {`
			`return fmt.Errorf("Error authorizing security group ingress: %s", err)`
			`}`

			`return nil`
			`}`

Refactored the last two resources 2014-11-24 14:04:48 +01:00			`func resourceAwsDbSecurityGroupIngressHash(v interface{}) int {`
			`var buf bytes.Buffer`
			`m := v.(map[string]interface{})`

			`if v, ok := m["cidr"]; ok {`
			`buf.WriteString(fmt.Sprintf("%s-", v.(string)))`
			`}`

			`if v, ok := m["security_group_name"]; ok {`
			`buf.WriteString(fmt.Sprintf("%s-", v.(string)))`
			`}`

			`if v, ok := m["security_group_id"]; ok {`
			`buf.WriteString(fmt.Sprintf("%s-", v.(string)))`
			`}`

			`if v, ok := m["security_group_owner_id"]; ok {`
			`buf.WriteString(fmt.Sprintf("%s-", v.(string)))`
			`}`

			`return hashcode.String(buf.String())`
			`}`

			`func resourceAwsDbSecurityGroupStateRefreshFunc(`
			`d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00			`return func() (interface{}, string, error) {`
Refactored the last two resources 2014-11-24 14:04:48 +01:00			`v, err := resourceAwsDbSecurityGroupRetrieve(d, meta)`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
			`if err != nil {`
			`log.Printf("Error on retrieving DB Security Group when waiting: %s", err)`
			`return nil, "", err`
			`}`

remove helper functions, flatten status in the function 2015-02-26 22:47:30 +01:00			`statuses := make([]string, 0, len(v.EC2SecurityGroups)+len(v.IPRanges))`
			`for _, ec2g := range v.EC2SecurityGroups {`
			`statuses = append(statuses, *ec2g.Status)`
			`}`
			`for _, ips := range v.IPRanges {`
			`statuses = append(statuses, *ips.Status)`
			`}`
providers/aws: db sec group 2014-07-23 04:22:52 +02:00
			`for _, stat := range statuses {`
			`// Not done`
			`if stat != "authorized" {`
			`return nil, "authorizing", nil`
			`}`
			`}`

			`return v, "authorized", nil`
			`}`
			`}`