provider/aws: Support ec2-classic and vpc in beanstalk recurring plans. (#6491)
* provider/aws: Support ec2-classic and vpc

  Fix Elastic Beanstalk recurring plans when additional security groups are supplied. In the previous version, only non-default vpc security groups would be handled by dropGeneratedSecurityGroup.

* provider/aws: Elastic Beanstalk VPC Test
parent
0abf0b2666
commit
05aef0e660
|
@ -685,20 +685,44 @@ func dropGeneratedSecurityGroup(settingValue string, meta interface{}) string {
|
|||
|
||||
groups := strings.Split(settingValue, ",")
|
||||
|
||||
resp, err := conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
||||
GroupIds: aws.StringSlice(groups),
|
||||
})
|
||||
// Check to see if groups are ec2-classic or vpc security groups
|
||||
ec2Classic := true
|
||||
beanstalkSGRegexp := "sg-[0-9a-fA-F]{8}"
|
||||
for _, g := range groups {
|
||||
if ok, _ := regexp.MatchString(beanstalkSGRegexp, g); ok {
|
||||
ec2Classic = false
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
var resp *ec2.DescribeSecurityGroupsOutput
|
||||
var err error
|
||||
|
||||
if ec2Classic {
|
||||
resp, err = conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
||||
GroupNames: aws.StringSlice(groups),
|
||||
})
|
||||
} else {
|
||||
resp, err = conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
||||
GroupIds: aws.StringSlice(groups),
|
||||
})
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
log.Printf("[DEBUG] Elastic Beanstalk error describing SecurityGroups: %v", err)
|
||||
return settingValue
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] Elastic Beanstalk using ec2-classic security-groups: %t", ec2Classic)
|
||||
var legitGroups []string
|
||||
for _, group := range resp.SecurityGroups {
|
||||
log.Printf("[DEBUG] Elastic Beanstalk SecurityGroup: %v", *group.GroupName)
|
||||
if !strings.HasPrefix(*group.GroupName, "awseb") {
|
||||
legitGroups = append(legitGroups, *group.GroupId)
|
||||
if ec2Classic {
|
||||
legitGroups = append(legitGroups, *group.GroupName)
|
||||
} else {
|
||||
legitGroups = append(legitGroups, *group.GroupId)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
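Review bot: The classic-versus-VPC detection uses an unanchored pattern, so `regexp.MatchString(beanstalkSGRegexp, g)` is true for any entry that merely contains `sg-` plus eight hex characters, including an EC2-Classic group name such as `web-sg-0a1b2c3d` (constructed example). One such entry sets `ec2Classic = false` for the whole list, the lookup goes through `GroupIds` and would presumably fail, and that error is only logged at DEBUG before `settingValue` is returned unfiltered, so the generated `awseb` group stays in the value and the recurring diff likely comes back. Anchoring the pattern and compiling it once avoids that and stops discarding the compile error: `var beanstalkSGRegexp = regexp.MustCompile("^sg-[0-9a-fA-F]+$")` at package level, then `beanstalkSGRegexp.MatchString(g)` in the loop. The body of dropGeneratedSecurityGroup starts and ends outside this hunk, so how `legitGroups` is used afterwards is not visible here.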
@ -158,6 +158,26 @@ func TestAccAWSBeanstalkEnv_resource(t *testing.T) {
|
|||
})
|
||||
}
|
||||
|
||||
func TestAccAWSBeanstalkEnv_vpc(t *testing.T) {
|
||||
var app elasticbeanstalk.EnvironmentDescription
|
||||
|
||||
resource.Test(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
},
|
||||
Providers: testAccProviders,
|
||||
CheckDestroy: testAccCheckBeanstalkEnvDestroy,
|
||||
Steps: []resource.TestStep{
|
||||
resource.TestStep{
|
||||
Config: testAccBeanstalkEnv_VPC(acctest.RandString(5)),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
testAccCheckBeanstalkEnvExists("aws_elastic_beanstalk_environment.default", &app),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func testAccCheckBeanstalkEnvDestroy(s *terraform.State) error {
|
||||
conn := testAccProvider.Meta().(*AWSClient).elasticbeanstalkconn
|
||||
|
||||
|
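Review bot: TestAccAWSBeanstalkEnv_vpc asserts only `testAccCheckBeanstalkEnvExists`, so nothing in it says that it guards the recurring-plan fix; it catches a regression only if the acceptance harness re-plans after apply and fails on a non-empty plan, which is worth confirming and writing down. I would add a comment above the function, `// Regression test: an extra VPC security group must not produce a diff on the plan that follows apply.` There is also no counterpart that supplies group names, so the new `GroupNames` branch in dropGeneratedSecurityGroup appears to be untested by this commit.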
@ -488,3 +508,66 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" {
|
|||
}
|
||||
}
|
||||
`
|
||||
|
||||
func testAccBeanstalkEnv_VPC(name string) string {
|
||||
return fmt.Sprintf(`
|
||||
resource "aws_vpc" "tf_b_test" {
|
||||
cidr_block = "10.0.0.0/16"
|
||||
}
|
||||
|
||||
resource "aws_internet_gateway" "tf_b_test" {
|
||||
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||
}
|
||||
|
||||
resource "aws_route" "r" {
|
||||
route_table_id = "${aws_vpc.tf_b_test.main_route_table_id}"
|
||||
destination_cidr_block = "0.0.0.0/0"
|
||||
gateway_id = "${aws_internet_gateway.tf_b_test.id}"
|
||||
}
|
||||
|
||||
resource "aws_subnet" "main" {
|
||||
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||
cidr_block = "10.0.0.0/24"
|
||||
}
|
||||
|
||||
resource "aws_security_group" "default" {
|
||||
name = "tf-b-test-%s"
|
||||
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||
}
|
||||
|
||||
resource "aws_elastic_beanstalk_application" "default" {
|
||||
name = "tf-test-name"
|
||||
description = "tf-test-desc"
|
||||
}
|
||||
|
||||
resource "aws_elastic_beanstalk_environment" "default" {
|
||||
name = "tf-test-name"
|
||||
application = "${aws_elastic_beanstalk_application.default.name}"
|
||||
solution_stack_name = "64bit Amazon Linux running Python"
|
||||
|
||||
setting {
|
||||
namespace = "aws:ec2:vpc"
|
||||
name = "VPCId"
|
||||
value = "${aws_vpc.tf_b_test.id}"
|
||||
}
|
||||
|
||||
setting {
|
||||
namespace = "aws:ec2:vpc"
|
||||
name = "Subnets"
|
||||
value = "${aws_subnet.main.id}"
|
||||
}
|
||||
|
||||
setting {
|
||||
namespace = "aws:ec2:vpc"
|
||||
name = "AssociatePublicIpAddress"
|
||||
value = "true"
|
||||
}
|
||||
|
||||
setting {
|
||||
namespace = "aws:autoscaling:launchconfiguration"
|
||||
name = "SecurityGroups"
|
||||
value = "${aws_security_group.default.id}"
|
||||
}
|
||||
}
|
||||
`, name)
|
||||
}
|
||||
|
|
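Review bot: The random suffix passed to testAccBeanstalkEnv_VPC reaches only the security group (`name = "tf-b-test-%s"`), while the application and the environment both keep the fixed name `"tf-test-name"`. Two runs in the same account and region, or a leftover from a failed destroy, would collide on those names and fail for reasons unrelated to the code under test. Indexed verbs let the single argument serve all three: `name = "tf-b-test-%[1]s"` for the group and `name = "tf-test-name-%[1]s"` for the application and the environment. The config that ends at the top of this hunk is not visible, so other tests may be sharing the same fixed name.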