provider/aws: aws_vpc_peering_connection: import fix

When importing an `aws_vpc_peering_connection`, the code assumes that
the account under Terraform control is the initiator (requester) of the
VPC peering request. This holds true when the peering connection is
between two VPCs in the same account, or when the peering connection has
been initiated from the controlled account to another.

However, when the peering connection has been initiated from a foreign
account towards the account under management, importing the peering
connection into the statefile results in values of `peer_vpc_id` and
`vpc_id` being the opposite way round to what they should be, and in the
`peer_owner_id` being set to the managed account's ID rather than the
foreign account's ID.

This patch checks the Accepter and Requester Owner IDs against the AWS
connection's reported owner ID, and reverses the mapping if it is
determined that the VPC peering connection is owned by the foreign
account.
This commit is contained in:
Doug Neal 2016-12-08 23:09:05 +00:00
parent 510c82c6d7
commit 24baa38408
1 changed files with 18 additions and 4 deletions

View File

@ -99,7 +99,9 @@ func resourceAwsVPCPeeringCreate(d *schema.ResourceData, meta interface{}) error
}
func resourceAwsVPCPeeringRead(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).ec2conn
client := meta.(*AWSClient)
conn := client.ec2conn
pcRaw, status, err := resourceAwsVPCPeeringConnectionStateRefreshFunc(conn, d.Id())()
// Allow a failed VPC Peering Connection to fallthrough,
// to allow rest of the logic below to do its work.
@ -134,10 +136,22 @@ func resourceAwsVPCPeeringRead(d *schema.ResourceData, meta interface{}) error {
}
log.Printf("[DEBUG] VPC Peering Connection response: %#v", pc)
log.Printf("[DEBUG] Account ID %s, VPC PeerConn Requester %s, Accepter %s",
client.accountid, *pc.RequesterVpcInfo.OwnerId, *pc.AccepterVpcInfo.OwnerId)
if (client.accountid == *pc.AccepterVpcInfo.OwnerId) && (client.accountid != *pc.RequesterVpcInfo.OwnerId) {
// We're the accepter
d.Set("peer_owner_id", pc.RequesterVpcInfo.OwnerId)
d.Set("peer_vpc_id", pc.RequesterVpcInfo.VpcId)
d.Set("vpc_id", pc.AccepterVpcInfo.VpcId)
} else {
// We're the requester
d.Set("peer_owner_id", pc.AccepterVpcInfo.OwnerId)
d.Set("peer_vpc_id", pc.AccepterVpcInfo.VpcId)
d.Set("vpc_id", pc.RequesterVpcInfo.VpcId)
}
d.Set("accept_status", pc.Status.Code)
d.Set("peer_owner_id", pc.AccepterVpcInfo.OwnerId)
d.Set("peer_vpc_id", pc.AccepterVpcInfo.VpcId)
d.Set("vpc_id", pc.RequesterVpcInfo.VpcId)
// When the VPC Peering Connection is pending acceptance,
// the details about accepter and/or requester peering