From 4f1504cda5fb0c80d6db719a6ac2b3ae619d5248 Mon Sep 17 00:00:00 2001
From: Michal Jankowski <Michal.Jankowski@synchronoss.com>
Date: Wed, 7 Dec 2016 14:50:06 -0800
Subject: [PATCH] =?UTF-8?q?-=20Exercise=20SecondaryPrivateIpAddressCount?=
 =?UTF-8?q?=20from=20AWS=20SDK=20-=20Update=20Terraform=E2=80=99s=20docume?=
 =?UTF-8?q?ntation?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../aws/resource_aws_network_interface.go     | 61 +++++++++++++++++++
 .../aws/r/network_interface.markdown          |  5 +-
 2 files changed, 64 insertions(+), 2 deletions(-)

diff --git a/builtin/providers/aws/resource_aws_network_interface.go b/builtin/providers/aws/resource_aws_network_interface.go
index 5c9f8263e..857237141 100644
--- a/builtin/providers/aws/resource_aws_network_interface.go
+++ b/builtin/providers/aws/resource_aws_network_interface.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"fmt"
 	"log"
+	"math"
 	"strconv"
 	"time"
 
@@ -33,6 +34,12 @@ func resourceAwsNetworkInterface() *schema.Resource {
 				ForceNew: true,
 			},
 
+			"private_ip": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+			},
+
 			"private_ips": &schema.Schema{
 				Type:     schema.TypeSet,
 				Optional: true,
@@ -41,6 +48,12 @@ func resourceAwsNetworkInterface() *schema.Resource {
 				Set:      schema.HashString,
 			},
 
+			"private_ips_count": &schema.Schema{
+				Type:     schema.TypeInt,
+				Optional: true,
+				Computed: true,
+			},
+
 			"security_groups": &schema.Schema{
 				Type:     schema.TypeSet,
 				Optional: true,
@@ -110,6 +123,10 @@ func resourceAwsNetworkInterfaceCreate(d *schema.ResourceData, meta interface{})
 		request.Description = aws.String(v.(string))
 	}
 
+	if v, ok := d.GetOk("private_ips_count"); ok {
+		request.SecondaryPrivateIpAddressCount = aws.Int64(int64(v.(int)))
+	}
+
 	log.Printf("[DEBUG] Creating network interface")
 	resp, err := conn.CreateNetworkInterface(request)
 	if err != nil {
@@ -144,6 +161,7 @@ func resourceAwsNetworkInterfaceRead(d *schema.ResourceData, meta interface{}) e
 
 	eni := describeResp.NetworkInterfaces[0]
 	d.Set("subnet_id", eni.SubnetId)
+	d.Set("private_ip", eni.PrivateIpAddress)
 	d.Set("private_ips", flattenNetworkInterfacesPrivateIPAddresses(eni.PrivateIpAddresses))
 	d.Set("security_groups", flattenGroupIdentifiers(eni.Groups))
 	d.Set("source_dest_check", eni.SourceDestCheck)
@@ -300,6 +318,49 @@ func resourceAwsNetworkInterfaceUpdate(d *schema.ResourceData, meta interface{})
 
 	d.SetPartial("source_dest_check")
 
+	if d.HasChange("private_ips_count") {
+		o, n := d.GetChange("private_ips_count")
+		private_ips := d.Get("private_ips").(*schema.Set).List()
+		private_ips_filtered := private_ips[:0]
+		primary_ip := d.Get("private_ip")
+
+		for _, ip := range private_ips {
+			if ip != primary_ip {
+				private_ips_filtered = append(private_ips_filtered, ip)
+			}
+		}
+
+		if o != nil && o != 0 && n != nil && n != len(private_ips_filtered) {
+
+			diff := n.(int) - o.(int)
+
+			// Surplus of IPs, add the diff
+			if diff > 0 {
+				input := &ec2.AssignPrivateIpAddressesInput{
+					NetworkInterfaceId:             aws.String(d.Id()),
+					SecondaryPrivateIpAddressCount: aws.Int64(int64(diff)),
+				}
+				_, err := conn.AssignPrivateIpAddresses(input)
+				if err != nil {
+					return fmt.Errorf("Failure to assign Private IPs: %s", err)
+				}
+			}
+
+			if diff < 0 {
+				input := &ec2.UnassignPrivateIpAddressesInput{
+					NetworkInterfaceId: aws.String(d.Id()),
+					PrivateIpAddresses: expandStringList(private_ips_filtered[0:int(math.Abs(float64(diff)))]),
+				}
+				_, err := conn.UnassignPrivateIpAddresses(input)
+				if err != nil {
+					return fmt.Errorf("Failure to unassign Private IPs: %s", err)
+				}
+			}
+
+			d.SetPartial("private_ips_count")
+		}
+	}
+
 	if d.HasChange("security_groups") {
 		request := &ec2.ModifyNetworkInterfaceAttributeInput{
 			NetworkInterfaceId: aws.String(d.Id()),
diff --git a/website/source/docs/providers/aws/r/network_interface.markdown b/website/source/docs/providers/aws/r/network_interface.markdown
index e52033ed3..636d1bcb4 100644
--- a/website/source/docs/providers/aws/r/network_interface.markdown
+++ b/website/source/docs/providers/aws/r/network_interface.markdown
@@ -31,6 +31,7 @@ The following arguments are supported:
 * `subnet_id` - (Required) Subnet ID to create the ENI in.
 * `description` - (Optional) A description for the network interface.
 * `private_ips` - (Optional) List of private IPs to assign to the ENI.
+* `private_ips_count` - (Optional) Number of private IPs to assign to the ENI.
 * `security_groups` - (Optional) List of security group IDs to assign to the ENI.
 * `attachment` - (Optional) Block to define the attachment of the ENI. Documented below.
 * `source_dest_check` - (Optional) Whether to enable source destination checking for the ENI. Default true.
@@ -57,8 +58,8 @@ The following attributes are exported:
 
 ## Import
 
-Network Interfaces can be imported using the `id`, e.g. 
+Network Interfaces can be imported using the `id`, e.g.
 
 ```
 $ terraform import aws_network_interface.test eni-e5aa89a3
-```
\ No newline at end of file
+```