diff --git a/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2.go b/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2.go index 39a675967..2a6075ab5 100644 --- a/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2.go +++ b/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2.go @@ -236,6 +236,42 @@ func resourceNetworkingSecGroupRuleV2DetermineProtocol(v string) rules.RuleProto protocol = rules.ProtocolUDP case "icmp": protocol = rules.ProtocolICMP + case "ah": + protocol = rules.ProtocolAH + case "dccp": + protocol = rules.ProtocolDCCP + case "egp": + protocol = rules.ProtocolEGP + case "esp": + protocol = rules.ProtocolESP + case "gre": + protocol = rules.ProtocolGRE + case "igmp": + protocol = rules.ProtocolIGMP + case "ipv6-encap": + protocol = rules.ProtocolIPv6Encap + case "ipv6-frag": + protocol = rules.ProtocolIPv6Frag + case "ipv6-icmp": + protocol = rules.ProtocolIPv6ICMP + case "ipv6-nonxt": + protocol = rules.ProtocolIPv6NoNxt + case "ipv6-opts": + protocol = rules.ProtocolIPv6Opts + case "ipv6-route": + protocol = rules.ProtocolIPv6Route + case "ospf": + protocol = rules.ProtocolOSPF + case "pgm": + protocol = rules.ProtocolPGM + case "rsvp": + protocol = rules.ProtocolRSVP + case "sctp": + protocol = rules.ProtocolSCTP + case "udplite": + protocol = rules.ProtocolUDPLite + case "vrrp": + protocol = rules.ProtocolVRRP } return protocol diff --git a/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2_test.go b/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2_test.go index 7dd62e60b..e9bc6834e 100644 --- a/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2_test.go +++ b/builtin/providers/openstack/resource_openstack_networking_secgroup_rule_v2_test.go @@ -85,6 +85,115 @@ func TestAccNetworkingV2SecGroupRule_timeout(t *testing.T) { }) } +func TestAccNetworkingV2SecGroupRule_protocols(t *testing.T) { + var secgroup_1 groups.SecGroup + var secgroup_rule_ah rules.SecGroupRule + var secgroup_rule_dccp rules.SecGroupRule + var secgroup_rule_egp rules.SecGroupRule + var secgroup_rule_esp rules.SecGroupRule + var secgroup_rule_gre rules.SecGroupRule + var secgroup_rule_igmp rules.SecGroupRule + var secgroup_rule_ipv6_encap rules.SecGroupRule + var secgroup_rule_ipv6_frag rules.SecGroupRule + var secgroup_rule_ipv6_icmp rules.SecGroupRule + var secgroup_rule_ipv6_nonxt rules.SecGroupRule + var secgroup_rule_ipv6_opts rules.SecGroupRule + var secgroup_rule_ipv6_route rules.SecGroupRule + var secgroup_rule_ospf rules.SecGroupRule + var secgroup_rule_pgm rules.SecGroupRule + var secgroup_rule_rsvp rules.SecGroupRule + var secgroup_rule_sctp rules.SecGroupRule + var secgroup_rule_udplite rules.SecGroupRule + var secgroup_rule_vrrp rules.SecGroupRule + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckNetworkingV2SecGroupRuleDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccNetworkingV2SecGroupRule_protocols, + Check: resource.ComposeTestCheckFunc( + testAccCheckNetworkingV2SecGroupExists( + "openstack_networking_secgroup_v2.secgroup_1", &secgroup_1), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ah", &secgroup_rule_ah), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_dccp", &secgroup_rule_dccp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_egp", &secgroup_rule_egp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_esp", &secgroup_rule_esp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_gre", &secgroup_rule_gre), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_igmp", &secgroup_rule_igmp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_encap", &secgroup_rule_ipv6_encap), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_frag", &secgroup_rule_ipv6_frag), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_icmp", &secgroup_rule_ipv6_icmp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_nonxt", &secgroup_rule_ipv6_nonxt), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_opts", &secgroup_rule_ipv6_opts), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_route", &secgroup_rule_ipv6_route), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ospf", &secgroup_rule_ospf), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_pgm", &secgroup_rule_pgm), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_rsvp", &secgroup_rule_rsvp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_sctp", &secgroup_rule_sctp), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_udplite", &secgroup_rule_udplite), + testAccCheckNetworkingV2SecGroupRuleExists( + "openstack_networking_secgroup_rule_v2.secgroup_rule_vrrp", &secgroup_rule_vrrp), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ah", "protocol", "ah"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_dccp", "protocol", "dccp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_egp", "protocol", "egp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_esp", "protocol", "esp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_gre", "protocol", "gre"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_igmp", "protocol", "igmp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_encap", "protocol", "ipv6-encap"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_frag", "protocol", "ipv6-frag"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_icmp", "protocol", "ipv6-icmp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_nonxt", "protocol", "ipv6-nonxt"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_opts", "protocol", "ipv6-opts"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ipv6_route", "protocol", "ipv6-route"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_ospf", "protocol", "ospf"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_pgm", "protocol", "pgm"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_rsvp", "protocol", "rsvp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_sctp", "protocol", "sctp"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_udplite", "protocol", "udplite"), + resource.TestCheckResourceAttr( + "openstack_networking_secgroup_rule_v2.secgroup_rule_vrrp", "protocol", "vrrp"), + ), + }, + }, + }) +} + func testAccCheckNetworkingV2SecGroupRuleDestroy(s *terraform.State) error { config := testAccProvider.Meta().(*Config) networkingClient, err := config.networkingV2Client(OS_REGION_NAME) @@ -226,3 +335,154 @@ resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_2" { } } ` + +const testAccNetworkingV2SecGroupRule_protocols = ` +resource "openstack_networking_secgroup_v2" "secgroup_1" { + name = "secgroup_1" + description = "terraform security group rule acceptance test" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ah" { + direction = "ingress" + ethertype = "IPv4" + protocol = "ah" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_dccp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "dccp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_egp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "egp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_esp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "esp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_gre" { + direction = "ingress" + ethertype = "IPv4" + protocol = "gre" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_igmp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "igmp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_encap" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-encap" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_frag" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-frag" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_icmp" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-icmp" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_nonxt" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-nonxt" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_opts" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-opts" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ipv6_route" { + direction = "ingress" + ethertype = "IPv6" + protocol = "ipv6-route" + remote_ip_prefix = "::/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_ospf" { + direction = "ingress" + ethertype = "IPv4" + protocol = "ospf" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_pgm" { + direction = "ingress" + ethertype = "IPv4" + protocol = "pgm" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_rsvp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "rsvp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_sctp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "sctp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_udplite" { + direction = "ingress" + ethertype = "IPv4" + protocol = "udplite" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} + +resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_vrrp" { + direction = "ingress" + ethertype = "IPv4" + protocol = "vrrp" + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "${openstack_networking_secgroup_v2.secgroup_1.id}" +} +` diff --git a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules/requests.go b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules/requests.go index 77f7e37a4..59ba721d6 100644 --- a/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules/requests.go +++ b/vendor/github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules/requests.go @@ -47,13 +47,31 @@ type RuleEtherType string // Constants useful for CreateOpts const ( - DirIngress RuleDirection = "ingress" - DirEgress RuleDirection = "egress" - ProtocolTCP RuleProtocol = "tcp" - ProtocolUDP RuleProtocol = "udp" - ProtocolICMP RuleProtocol = "icmp" - EtherType4 RuleEtherType = "IPv4" - EtherType6 RuleEtherType = "IPv6" + DirIngress RuleDirection = "ingress" + DirEgress RuleDirection = "egress" + EtherType4 RuleEtherType = "IPv4" + EtherType6 RuleEtherType = "IPv6" + ProtocolAH RuleProtocol = "ah" + ProtocolDCCP RuleProtocol = "dccp" + ProtocolEGP RuleProtocol = "egp" + ProtocolESP RuleProtocol = "esp" + ProtocolGRE RuleProtocol = "gre" + ProtocolICMP RuleProtocol = "icmp" + ProtocolIGMP RuleProtocol = "igmp" + ProtocolIPv6Encap RuleProtocol = "ipv6-encap" + ProtocolIPv6Frag RuleProtocol = "ipv6-frag" + ProtocolIPv6ICMP RuleProtocol = "ipv6-icmp" + ProtocolIPv6NoNxt RuleProtocol = "ipv6-nonxt" + ProtocolIPv6Opts RuleProtocol = "ipv6-opts" + ProtocolIPv6Route RuleProtocol = "ipv6-route" + ProtocolOSPF RuleProtocol = "ospf" + ProtocolPGM RuleProtocol = "pgm" + ProtocolRSVP RuleProtocol = "rsvp" + ProtocolSCTP RuleProtocol = "sctp" + ProtocolTCP RuleProtocol = "tcp" + ProtocolUDP RuleProtocol = "udp" + ProtocolUDPLite RuleProtocol = "udplite" + ProtocolVRRP RuleProtocol = "vrrp" ) // CreateOptsBuilder is what types must satisfy to be used as Create diff --git a/vendor/vendor.json b/vendor/vendor.json index 6a662482d..f4627b03b 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -1827,10 +1827,10 @@ "revisionTime": "2017-03-10T01:59:53Z" }, { - "checksumSHA1": "CsS/kI3VeLcSHzMKviFVDwqwgvk=", + "checksumSHA1": "E/5q7DTCoOD15K1KGFXSwFCGDE4=", "path": "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/security/rules", - "revision": "0f64da0e36de86a0ca1a8f2fc1b0570a0d3f7504", - "revisionTime": "2017-03-10T01:59:53Z" + "revision": "ce1e02c3ccfdb7fab257340dc4d603ec3035fa11", + "revisionTime": "2017-05-08T02:10:49Z" }, { "checksumSHA1": "zKOhFTL5BDZPMC58ZzZkryjskno=", diff --git a/website/source/docs/providers/openstack/r/networking_secgroup_rule_v2.html.markdown b/website/source/docs/providers/openstack/r/networking_secgroup_rule_v2.html.markdown index 67db99516..a0c181493 100644 --- a/website/source/docs/providers/openstack/r/networking_secgroup_rule_v2.html.markdown +++ b/website/source/docs/providers/openstack/r/networking_secgroup_rule_v2.html.markdown @@ -46,9 +46,28 @@ The following arguments are supported: * `ethertype` - (Required) The layer 3 protocol type, valid values are __IPv4__ or __IPv6__. Changing this creates a new security group rule. -* `protocol` - (Optional) The layer 4 protocol type, valid values are __tcp__, - __udp__ or __icmp__. This is required if you want to specify a port range. - Changing this creates a new security group rule. +* `protocol` - (Optional) The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range. + * __tcp__ + * __udp__ + * __icmp__ + * __ah__ + * __dccp__ + * __egp__ + * __esp__ + * __gre__ + * __igmp__ + * __ipv6-encap__ + * __ipv6-frag__ + * __ipv6-icmp__ + * __ipv6-nonxt__ + * __ipv6-opts__ + * __ipv6-route__ + * __ospf__ + * __pgm__ + * __rsvp__ + * __sctp__ + * __udplite__ + * __vrrp__ * `port_range_min` - (Optional) The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new