ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1718 from ravenac95/encrypted-ebs-volume-fix 

provider/aws: Fix connecting encrypted ebs volumes to aws_instances
This commit is contained in:
Mitchell Hashimoto 2015-04-28 20:21:12 -07:00
parent cbc2891c54 e8e42decc9
commit 57af67b314
2 changed files with 26 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
builtin/providers/aws/resource_aws_instance.go
View File

@ -427,6 +427,7 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
bd := v.(map[string]interface{}) bd := v.(map[string]interface{})
ebs := &ec2.EBSBlockDevice{ ebs := &ec2.EBSBlockDevice{
DeleteOnTermination: aws.Boolean(bd["delete_on_termination"].(bool)), DeleteOnTermination: aws.Boolean(bd["delete_on_termination"].(bool)),
Encrypted: aws.Boolean(bd["encrypted"].(bool)),
} }
if v, ok := bd["snapshot_id"].(string); ok && v != "" { if v, ok := bd["snapshot_id"].(string); ok && v != "" {

27
builtin/providers/aws/resource_aws_instance_test.go
View File

@ -128,6 +128,11 @@ func TestAccAWSInstance_blockDevices(t *testing.T) {
fmt.Errorf("block device doesn't exist: /dev/sdc") fmt.Errorf("block device doesn't exist: /dev/sdc")
} }
// Check if the encrypted block device exists
if _, ok := blockDevices["/dev/sdd"]; !ok {
fmt.Errorf("block device doesn't exist: /dev/sdd")
}
return nil return nil
} }
} }
@ -149,7 +154,7 @@ func TestAccAWSInstance_blockDevices(t *testing.T) {
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_instance.foo", "root_block_device.0.volume_type", "gp2"), "aws_instance.foo", "root_block_device.0.volume_type", "gp2"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.#", "2"), "aws_instance.foo", "ebs_block_device.#", "3"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.2576023345.device_name", "/dev/sdb"), "aws_instance.foo", "ebs_block_device.2576023345.device_name", "/dev/sdb"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
@ -164,6 +169,12 @@ func TestAccAWSInstance_blockDevices(t *testing.T) {
"aws_instance.foo", "ebs_block_device.2554893574.volume_type", "io1"), "aws_instance.foo", "ebs_block_device.2554893574.volume_type", "io1"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.2554893574.iops", "100"), "aws_instance.foo", "ebs_block_device.2554893574.iops", "100"),
resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.2634515331.device_name", "/dev/sdd"),
resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.2634515331.encrypted", "true"),
resource.TestCheckResourceAttr(
"aws_instance.foo", "ebs_block_device.2634515331.volume_size", "12"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_instance.foo", "ephemeral_block_device.#", "1"), "aws_instance.foo", "ephemeral_block_device.#", "1"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
@ -546,7 +557,11 @@ const testAccInstanceConfigBlockDevices = `
resource "aws_instance" "foo" { resource "aws_instance" "foo" {
# us-west-2 # us-west-2
ami = "ami-55a7ea65" ami = "ami-55a7ea65"
instance_type = "m1.small"
# In order to attach an encrypted volume to an instance you need to have an
# m3.medium or larger. See "Supported Instance Types" in:
# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
instance_type = "m3.medium"
root_block_device { root_block_device {
volume_type = "gp2" volume_type = "gp2"
@ -562,6 +577,14 @@ resource "aws_instance" "foo" {
volume_type = "io1" volume_type = "io1"
iops = 100 iops = 100
} }
# Encrypted ebs block device
ebs_block_device {
device_name = "/dev/sdd"
volume_size = 12
encrypted = true
}
ephemeral_block_device { ephemeral_block_device {
device_name = "/dev/sde" device_name = "/dev/sde"
virtual_name = "ephemeral0" virtual_name = "ephemeral0"