provider/aws: Support additional changes to security groups of instance without forcing new

This commit is contained in:
innossh 2016-02-19 01:57:23 +09:00
parent 938ab99d51
commit 564dd360a2
1 changed files with 22 additions and 1 deletions

View File

@ -107,7 +107,6 @@ func resourceAwsInstance() *schema.Resource {
Type: schema.TypeSet,
Optional: true,
Computed: true,
ForceNew: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
},
@ -581,6 +580,28 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
}
}
if d.HasChange("security_groups") {
var groupIds []*string
if v := d.Get("security_groups").(*schema.Set); v.Len() > 0 {
resp, err := conn.DescribeSecurityGroups(&ec2.DescribeSecurityGroupsInput{
GroupNames: expandStringList(v.List()),
})
if err != nil {
return err
}
for _, v := range resp.SecurityGroups {
groupIds = append(groupIds, aws.String(*v.GroupId))
}
}
_, err := conn.ModifyInstanceAttribute(&ec2.ModifyInstanceAttributeInput{
InstanceId: aws.String(d.Id()),
Groups: groupIds,
})
if err != nil {
return err
}
}
if d.HasChange("vpc_security_group_ids") {
var groups []*string
if v := d.Get("vpc_security_group_ids").(*schema.Set); v.Len() > 0 {