From 1a80044397680757fe0727dfa371126c0ba4b0bb Mon Sep 17 00:00:00 2001 From: Paul Stack Date: Thu, 23 Mar 2017 19:16:56 +0200 Subject: [PATCH] provider/aws: Specify that aws_network_acl_rule requires a cidr block (#13013) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes: #13011 ``` % make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSNetworkAclRule_' 2 ↵ ✚ ==> Checking that code complies with gofmt requirements... go generate $(go list ./... | grep -v /terraform/vendor/) 2017/03/23 17:45:25 Generated command/internal_plugin_list.go TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSNetworkAclRule_ -timeout 120m === RUN TestAccAWSNetworkAclRule_basic --- PASS: TestAccAWSNetworkAclRule_basic (41.10s) === RUN TestAccAWSNetworkAclRule_missingParam --- PASS: TestAccAWSNetworkAclRule_missingParam (21.21s) === RUN TestAccAWSNetworkAclRule_ipv6 --- PASS: TestAccAWSNetworkAclRule_ipv6 (53.00s) PASS ok github.com/hashicorp/terraform/builtin/providers/aws 115.333s ``` --- .../aws/resource_aws_network_acl_rule.go | 15 ++++++-- .../aws/resource_aws_network_acl_rule_test.go | 37 +++++++++++++++++++ .../aws/r/network_acl_rule.html.markdown | 2 + 3 files changed, 50 insertions(+), 4 deletions(-) diff --git a/builtin/providers/aws/resource_aws_network_acl_rule.go b/builtin/providers/aws/resource_aws_network_acl_rule.go index 9064ddc27..6b5f0c299 100644 --- a/builtin/providers/aws/resource_aws_network_acl_rule.go +++ b/builtin/providers/aws/resource_aws_network_acl_rule.go @@ -109,12 +109,19 @@ func resourceAwsNetworkAclRuleCreate(d *schema.ResourceData, meta interface{}) e }, } - if v, ok := d.GetOk("cidr_block"); ok { - params.CidrBlock = aws.String(v.(string)) + cidr, hasCidr := d.GetOk("cidr_block") + ipv6Cidr, hasIpv6Cidr := d.GetOk("ipv6_cidr_block") + + if hasCidr == false && hasIpv6Cidr == false { + return fmt.Errorf("Either `cidr_block` or `ipv6_cidr_block` must be defined") } - if v, ok := d.GetOk("ipv6_cidr_block"); ok { - params.Ipv6CidrBlock = aws.String(v.(string)) + if hasCidr { + params.CidrBlock = aws.String(cidr.(string)) + } + + if hasIpv6Cidr { + params.Ipv6CidrBlock = aws.String(ipv6Cidr.(string)) } // Specify additional required fields for ICMP. For the list diff --git a/builtin/providers/aws/resource_aws_network_acl_rule_test.go b/builtin/providers/aws/resource_aws_network_acl_rule_test.go index b8bed27ca..e793ebf53 100644 --- a/builtin/providers/aws/resource_aws_network_acl_rule_test.go +++ b/builtin/providers/aws/resource_aws_network_acl_rule_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "regexp" "strconv" "testing" @@ -32,6 +33,21 @@ func TestAccAWSNetworkAclRule_basic(t *testing.T) { }) } +func TestAccAWSNetworkAclRule_missingParam(t *testing.T) { + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSNetworkAclRuleDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAWSNetworkAclRuleMissingParam, + ExpectError: regexp.MustCompile("Either `cidr_block` or `ipv6_cidr_block` must be defined"), + }, + }, + }) +} + func TestAccAWSNetworkAclRule_ipv6(t *testing.T) { var networkAcl ec2.NetworkAcl @@ -214,6 +230,27 @@ resource "aws_network_acl_rule" "wibble" { } ` +const testAccAWSNetworkAclRuleMissingParam = ` +provider "aws" { + region = "us-east-1" +} +resource "aws_vpc" "foo" { + cidr_block = "10.3.0.0/16" +} +resource "aws_network_acl" "bar" { + vpc_id = "${aws_vpc.foo.id}" +} +resource "aws_network_acl_rule" "baz" { + network_acl_id = "${aws_network_acl.bar.id}" + rule_number = 200 + egress = false + protocol = "tcp" + rule_action = "allow" + from_port = 22 + to_port = 22 +} +` + const testAccAWSNetworkAclRuleIpv6Config = ` resource "aws_vpc" "foo" { cidr_block = "10.3.0.0/16" diff --git a/website/source/docs/providers/aws/r/network_acl_rule.html.markdown b/website/source/docs/providers/aws/r/network_acl_rule.html.markdown index cfd9eb6e6..87912249a 100644 --- a/website/source/docs/providers/aws/r/network_acl_rule.html.markdown +++ b/website/source/docs/providers/aws/r/network_acl_rule.html.markdown @@ -29,6 +29,8 @@ resource "aws_network_acl_rule" "bar" { } ``` +~> **Note:** One of either `cidr_block` or `ipv6_cidr_block` is required. + ## Argument Reference The following arguments are supported: