provider/aws: aws_vpc_peering_connection: import fix
When importing an `aws_vpc_peering_connection`, the code assumes that the account under Terraform control is the initiator (requester) of the VPC peering request. This holds true when the peering connection is between two VPCs in the same account, or when the peering connection has been initiated from the controlled account to another. However, when the peering connection has been initiated from a foreign account towards the account under management, importing the peering connection into the statefile results in values of `peer_vpc_id` and `vpc_id` being the opposite way round to what they should be, and in the `peer_owner_id` being set to the managed account's ID rather than the foreign account's ID. This patch checks the Accepter and Requester Owner IDs against the AWS connection's reported owner ID, and reverses the mapping if it is determined that the VPC peering connection is owned by the foreign account.
This commit is contained in:
parent
510c82c6d7
commit
24baa38408
|
@ -99,7 +99,9 @@ func resourceAwsVPCPeeringCreate(d *schema.ResourceData, meta interface{}) error
|
|||
}
|
||||
|
||||
func resourceAwsVPCPeeringRead(d *schema.ResourceData, meta interface{}) error {
|
||||
conn := meta.(*AWSClient).ec2conn
|
||||
client := meta.(*AWSClient)
|
||||
conn := client.ec2conn
|
||||
|
||||
pcRaw, status, err := resourceAwsVPCPeeringConnectionStateRefreshFunc(conn, d.Id())()
|
||||
// Allow a failed VPC Peering Connection to fallthrough,
|
||||
// to allow rest of the logic below to do its work.
|
||||
|
@ -134,10 +136,22 @@ func resourceAwsVPCPeeringRead(d *schema.ResourceData, meta interface{}) error {
|
|||
}
|
||||
log.Printf("[DEBUG] VPC Peering Connection response: %#v", pc)
|
||||
|
||||
d.Set("accept_status", pc.Status.Code)
|
||||
log.Printf("[DEBUG] Account ID %s, VPC PeerConn Requester %s, Accepter %s",
|
||||
client.accountid, *pc.RequesterVpcInfo.OwnerId, *pc.AccepterVpcInfo.OwnerId)
|
||||
|
||||
if (client.accountid == *pc.AccepterVpcInfo.OwnerId) && (client.accountid != *pc.RequesterVpcInfo.OwnerId) {
|
||||
// We're the accepter
|
||||
d.Set("peer_owner_id", pc.RequesterVpcInfo.OwnerId)
|
||||
d.Set("peer_vpc_id", pc.RequesterVpcInfo.VpcId)
|
||||
d.Set("vpc_id", pc.AccepterVpcInfo.VpcId)
|
||||
} else {
|
||||
// We're the requester
|
||||
d.Set("peer_owner_id", pc.AccepterVpcInfo.OwnerId)
|
||||
d.Set("peer_vpc_id", pc.AccepterVpcInfo.VpcId)
|
||||
d.Set("vpc_id", pc.RequesterVpcInfo.VpcId)
|
||||
}
|
||||
|
||||
d.Set("accept_status", pc.Status.Code)
|
||||
|
||||
// When the VPC Peering Connection is pending acceptance,
|
||||
// the details about accepter and/or requester peering
|
||||
|
|
Loading…
Reference in New Issue