diff --git a/builtin/providers/aws/resource_aws_instance.go b/builtin/providers/aws/resource_aws_instance.go index a7fdb7edc..57446d349 100644 --- a/builtin/providers/aws/resource_aws_instance.go +++ b/builtin/providers/aws/resource_aws_instance.go @@ -1,6 +1,8 @@ package aws import ( + "crypto/sha1" + "encoding/hex" "fmt" "log" "strconv" @@ -25,12 +27,27 @@ func resource_aws_instance_create( rs := s.MergeDiff(d) delete(rs.Attributes, "source_dest_check") + // Figure out user data + userData := "" + if v, ok := rs.Attributes["user_data"]; ok { + userData = v + delete(rs.Attributes, "user_data") + } + + if userData != "" { + // Set the SHA1 hash of the data as an attribute so we can + // compare for diffs. + hash := sha1.Sum([]byte(userData)) + rs.Attributes["user_data_hash"] = hex.EncodeToString(hash[:]) + } + // Build the creation struct runOpts := &ec2.RunInstances{ ImageId: rs.Attributes["ami"], InstanceType: rs.Attributes["instance_type"], KeyName: rs.Attributes["key_name"], SubnetId: rs.Attributes["subnet_id"], + UserData: []byte(userData), } if raw := flatmap.Expand(rs.Attributes, "security_groups"); raw != nil { if sgs, ok := raw.([]interface{}); ok { @@ -180,6 +197,7 @@ func resource_aws_instance_diff( "security_groups": diff.AttrTypeCreate, "subnet_id": diff.AttrTypeCreate, "source_dest_check": diff.AttrTypeUpdate, + "user_data": diff.AttrTypeCreate, }, ComputedAttrs: []string{ diff --git a/builtin/providers/aws/resource_aws_instance_test.go b/builtin/providers/aws/resource_aws_instance_test.go index 5cafe6f54..5996da63d 100644 --- a/builtin/providers/aws/resource_aws_instance_test.go +++ b/builtin/providers/aws/resource_aws_instance_test.go @@ -34,6 +34,10 @@ func TestAccAWSInstance_normal(t *testing.T) { testAccCheckInstanceExists( "aws_instance.foo", &v), testCheck, + resource.TestCheckResourceAttr( + "aws_instance.foo", + "user_data_hash", + "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33"), ), }, }, @@ -161,6 +165,13 @@ const testAccInstanceConfig = ` resource "aws_security_group" "tf_test_foo" { name = "tf_test_foo" description = "foo" + + ingress { + protocol = "icmp" + from_port = -1 + to_port = -1 + cidr_blocks = ["0.0.0.0/0"] + } } resource "aws_instance" "foo" { @@ -168,6 +179,7 @@ resource "aws_instance" "foo" { ami = "ami-4fccb37f" instance_type = "m1.small" security_groups = ["${aws_security_group.tf_test_foo.name}"] + user_data = "foo" } ` diff --git a/builtin/providers/aws/resource_aws_security_group_test.go b/builtin/providers/aws/resource_aws_security_group_test.go index 0da802155..88299dbe2 100644 --- a/builtin/providers/aws/resource_aws_security_group_test.go +++ b/builtin/providers/aws/resource_aws_security_group_test.go @@ -2,8 +2,8 @@ package aws import ( "fmt" - "testing" "reflect" + "testing" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/terraform" @@ -80,7 +80,6 @@ func testAccCheckAWSSecurityGroupDestroy(s *terraform.State) error { return nil } - func testAccCheckAWSSecurityGroupExists(n string, group *ec2.SecurityGroupInfo) resource.TestCheckFunc { return func(s *terraform.State) error { rs, ok := s.Resources[n] @@ -119,9 +118,9 @@ func testAccCheckAWSSecurityGroupExists(n string, group *ec2.SecurityGroupInfo) func testAccCheckAWSSecurityGroupAttributes(group *ec2.SecurityGroupInfo) resource.TestCheckFunc { return func(s *terraform.State) error { p := ec2.IPPerm{ - FromPort: 80, - ToPort: 8000, - Protocol: "tcp", + FromPort: 80, + ToPort: 8000, + Protocol: "tcp", SourceIPs: []string{"10.0.0.0/0"}, }