provider/aws: Add support for ICMP Protocol in Network ACLs
- added icmp_type attribute - added icmp_code attribute - fixed an issue hiding the error
This commit is contained in:
parent
6749ea29a4
commit
339f2bd21f
|
@ -34,6 +34,18 @@ func expandNetworkAclEntries(configured []interface{}, entryType string) ([]*ec2
|
|||
RuleNumber: aws.Long(int64(data["rule_no"].(int))),
|
||||
CIDRBlock: aws.String(data["cidr_block"].(string)),
|
||||
}
|
||||
|
||||
// Specify additional required fields for ICMP
|
||||
if p == 1 {
|
||||
e.ICMPTypeCode = &ec2.ICMPTypeCode{}
|
||||
if v, ok := data["icmp_code"]; ok {
|
||||
e.ICMPTypeCode.Code = aws.Long(int64(v.(int)))
|
||||
}
|
||||
if v, ok := data["icmp_type"]; ok {
|
||||
e.ICMPTypeCode.Type = aws.Long(int64(v.(int)))
|
||||
}
|
||||
}
|
||||
|
||||
entries = append(entries, e)
|
||||
}
|
||||
return entries, nil
|
||||
|
|
|
@ -76,6 +76,14 @@ func resourceAwsNetworkAcl() *schema.Resource {
|
|||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
},
|
||||
"icmp_type": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
},
|
||||
"icmp_code": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
Set: resourceAwsNetworkAclEntryHash,
|
||||
|
@ -110,6 +118,14 @@ func resourceAwsNetworkAcl() *schema.Resource {
|
|||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
},
|
||||
"icmp_type": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
},
|
||||
"icmp_code": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
},
|
||||
},
|
||||
},
|
||||
Set: resourceAwsNetworkAclEntryHash,
|
||||
|
@ -377,9 +393,10 @@ func updateNetworkAclEntries(d *schema.ResourceData, entryType string, conn *ec2
|
|||
Protocol: add.Protocol,
|
||||
RuleAction: add.RuleAction,
|
||||
RuleNumber: add.RuleNumber,
|
||||
ICMPTypeCode: add.ICMPTypeCode,
|
||||
})
|
||||
if connErr != nil {
|
||||
return fmt.Errorf("Error creating %s entry: %s", entryType, err)
|
||||
return fmt.Errorf("Error creating %s entry: %s", entryType, connErr)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
|
@ -466,6 +483,13 @@ func resourceAwsNetworkAclEntryHash(v interface{}) int {
|
|||
buf.WriteString(fmt.Sprintf("%s-", v.(string)))
|
||||
}
|
||||
|
||||
if v, ok := m["icmp_type"]; ok {
|
||||
buf.WriteString(fmt.Sprintf("%d-", v.(int)))
|
||||
}
|
||||
if v, ok := m["icmp_code"]; ok {
|
||||
buf.WriteString(fmt.Sprintf("%d-", v.(int)))
|
||||
}
|
||||
|
||||
return hashcode.String(buf.String())
|
||||
}
|
||||
|
||||
|
@ -538,6 +562,11 @@ func networkAclEntriesToMapList(networkAcls []*ec2.NetworkACLEntry) []map[string
|
|||
acl["to_port"] = *entry.PortRange.To
|
||||
}
|
||||
|
||||
if entry.ICMPTypeCode != nil {
|
||||
acl["icmp_type"] = *entry.ICMPTypeCode.Type
|
||||
acl["icmp_code"] = *entry.ICMPTypeCode.Code
|
||||
}
|
||||
|
||||
result = append(result, acl)
|
||||
}
|
||||
|
||||
|
|
|
@ -62,6 +62,10 @@ Both `egress` and `ingress` support the following keys:
|
|||
protocol, you must specify a from and to port of 0.
|
||||
* `cidr_block` - (Optional) The CIDR block to match. This must be a
|
||||
valid network mask.
|
||||
* `icmp_type` - (Optional) The ICMP type to be used. Default 0.
|
||||
* `icmp_code` - (Optional) The ICMP type code to be used. Default 0.
|
||||
|
||||
~> Note: For more information on ICMP types and codes, see here: http://www.nthelp.com/icmp.html
|
||||
|
||||
## Attributes Reference
|
||||
|
||||
|
|
Loading…
Reference in New Issue