provider/aws: Support ec2-classic and vpc in beanstalk recurring plans. (#6491)
* provider/aws: Support ec2-classic and vpc Fix Elastic Beanstalk recurring plans when additional security groups are supplied. In the previous version, only non-default vpc security groups would be handled by dropGeneratedSecurityGroup. * provider/aws: Elastic Beanstalk VPC Test
This commit is contained in:
parent
0abf0b2666
commit
05aef0e660
|
@ -685,20 +685,44 @@ func dropGeneratedSecurityGroup(settingValue string, meta interface{}) string {
|
||||||
|
|
||||||
groups := strings.Split(settingValue, ",")
|
groups := strings.Split(settingValue, ",")
|
||||||
|
|
||||||
resp, err := conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
// Check to see if groups are ec2-classic or vpc security groups
|
||||||
GroupIds: aws.StringSlice(groups),
|
ec2Classic := true
|
||||||
})
|
beanstalkSGRegexp := "sg-[0-9a-fA-F]{8}"
|
||||||
|
for _, g := range groups {
|
||||||
|
if ok, _ := regexp.MatchString(beanstalkSGRegexp, g); ok {
|
||||||
|
ec2Classic = false
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var resp *ec2.DescribeSecurityGroupsOutput
|
||||||
|
var err error
|
||||||
|
|
||||||
|
if ec2Classic {
|
||||||
|
resp, err = conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
||||||
|
GroupNames: aws.StringSlice(groups),
|
||||||
|
})
|
||||||
|
} else {
|
||||||
|
resp, err = conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
|
||||||
|
GroupIds: aws.StringSlice(groups),
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("[DEBUG] Elastic Beanstalk error describing SecurityGroups: %v", err)
|
log.Printf("[DEBUG] Elastic Beanstalk error describing SecurityGroups: %v", err)
|
||||||
return settingValue
|
return settingValue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.Printf("[DEBUG] Elastic Beanstalk using ec2-classic security-groups: %t", ec2Classic)
|
||||||
var legitGroups []string
|
var legitGroups []string
|
||||||
for _, group := range resp.SecurityGroups {
|
for _, group := range resp.SecurityGroups {
|
||||||
log.Printf("[DEBUG] Elastic Beanstalk SecurityGroup: %v", *group.GroupName)
|
log.Printf("[DEBUG] Elastic Beanstalk SecurityGroup: %v", *group.GroupName)
|
||||||
if !strings.HasPrefix(*group.GroupName, "awseb") {
|
if !strings.HasPrefix(*group.GroupName, "awseb") {
|
||||||
legitGroups = append(legitGroups, *group.GroupId)
|
if ec2Classic {
|
||||||
|
legitGroups = append(legitGroups, *group.GroupName)
|
||||||
|
} else {
|
||||||
|
legitGroups = append(legitGroups, *group.GroupId)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -158,6 +158,26 @@ func TestAccAWSBeanstalkEnv_resource(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAccAWSBeanstalkEnv_vpc(t *testing.T) {
|
||||||
|
var app elasticbeanstalk.EnvironmentDescription
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() {
|
||||||
|
testAccPreCheck(t)
|
||||||
|
},
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckBeanstalkEnvDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccBeanstalkEnv_VPC(acctest.RandString(5)),
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckBeanstalkEnvExists("aws_elastic_beanstalk_environment.default", &app),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func testAccCheckBeanstalkEnvDestroy(s *terraform.State) error {
|
func testAccCheckBeanstalkEnvDestroy(s *terraform.State) error {
|
||||||
conn := testAccProvider.Meta().(*AWSClient).elasticbeanstalkconn
|
conn := testAccProvider.Meta().(*AWSClient).elasticbeanstalkconn
|
||||||
|
|
||||||
|
@ -488,3 +508,66 @@ resource "aws_elastic_beanstalk_environment" "tfenvtest" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
`
|
`
|
||||||
|
|
||||||
|
func testAccBeanstalkEnv_VPC(name string) string {
|
||||||
|
return fmt.Sprintf(`
|
||||||
|
resource "aws_vpc" "tf_b_test" {
|
||||||
|
cidr_block = "10.0.0.0/16"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_internet_gateway" "tf_b_test" {
|
||||||
|
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route" "r" {
|
||||||
|
route_table_id = "${aws_vpc.tf_b_test.main_route_table_id}"
|
||||||
|
destination_cidr_block = "0.0.0.0/0"
|
||||||
|
gateway_id = "${aws_internet_gateway.tf_b_test.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_subnet" "main" {
|
||||||
|
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||||
|
cidr_block = "10.0.0.0/24"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_security_group" "default" {
|
||||||
|
name = "tf-b-test-%s"
|
||||||
|
vpc_id = "${aws_vpc.tf_b_test.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_elastic_beanstalk_application" "default" {
|
||||||
|
name = "tf-test-name"
|
||||||
|
description = "tf-test-desc"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_elastic_beanstalk_environment" "default" {
|
||||||
|
name = "tf-test-name"
|
||||||
|
application = "${aws_elastic_beanstalk_application.default.name}"
|
||||||
|
solution_stack_name = "64bit Amazon Linux running Python"
|
||||||
|
|
||||||
|
setting {
|
||||||
|
namespace = "aws:ec2:vpc"
|
||||||
|
name = "VPCId"
|
||||||
|
value = "${aws_vpc.tf_b_test.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
setting {
|
||||||
|
namespace = "aws:ec2:vpc"
|
||||||
|
name = "Subnets"
|
||||||
|
value = "${aws_subnet.main.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
setting {
|
||||||
|
namespace = "aws:ec2:vpc"
|
||||||
|
name = "AssociatePublicIpAddress"
|
||||||
|
value = "true"
|
||||||
|
}
|
||||||
|
|
||||||
|
setting {
|
||||||
|
namespace = "aws:autoscaling:launchconfiguration"
|
||||||
|
name = "SecurityGroups"
|
||||||
|
value = "${aws_security_group.default.id}"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
`, name)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue