From 637d68140ca693e8987ece6f51ae0545e3857839 Mon Sep 17 00:00:00 2001
From: Jack Pearkes
Date: Tue, 8 Jul 2014 17:47:03 -0400
Subject: [PATCH] providers/aws: ingress and egress rules
---
 .../aws/resource_aws_security_group.go | 20 +++++++++++++-------
 builtin/providers/aws/structure.go | 18 +++++++++---------
 2 files changed, 22 insertions(+), 16 deletions(-)
diff --git a/builtin/providers/aws/resource_aws_security_group.go b/builtin/providers/aws/resource_aws_security_group.go
index c080c32e5..9aadef1c4 100644
--- a/builtin/providers/aws/resource_aws_security_group.go
+++ b/builtin/providers/aws/resource_aws_security_group.go
@@ -37,14 +37,20 @@ func resource_aws_security_group_create(
 group := createResp.SecurityGroup
 log.Printf("[INFO] Security Group ID: %s", rs.ID)
+ ingressRules := []ec2.IPPerm{}
+ egressRules := []ec2.IPPerm{}
 // Expand the "ingress" array to goamz compat []ec2.IPPerm
- v := flatmap.Expand(rs.Attributes, "ingress").([]interface{})
- ingressRules := expandIPPerms(v)
+ v, ok := flatmap.Expand(rs.Attributes, "ingress").([]interface{})
+ if ok {
+ ingressRules = expandIPPerms(v)
+ }
 // Expand the "egress" array to goamz compat []ec2.IPPerm
- v = flatmap.Expand(rs.Attributes, "egress").([]interface{})
- egressRules := expandIPPerms(v)
+ v, ok = flatmap.Expand(rs.Attributes, "egress").([]interface{})
+ if ok {
+ egressRules = expandIPPerms(v)
+ }
 if len(egressRules) > 0 {
 _, err = ec2conn.AuthorizeSecurityGroupEgress(group, egressRules)
@@ -53,7 +59,7 @@ func resource_aws_security_group_create(
 }
 }
- if len(egressRules) > 0 {
+ if len(ingressRules) > 0 {
 _, err = ec2conn.AuthorizeSecurityGroup(group, ingressRules)
 if err != nil {
 return rs, fmt.Errorf("Error authorizing security group ingress rules: %s", err)
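Review bot: The comma-ok assertions on `flatmap.Expand(rs.Attributes, "ingress")` and `"egress"` treat a value of the wrong shape exactly like an absent attribute, so a malformed rule block is dropped without an error and the group ends up with fewer rules than the configuration asked for. For a security group that silent difference should surface: keep the raw value and fail when it is present but not a list, e.g. `if raw != nil && !ok { return rs, fmt.Errorf("ingress: expected a list of rules, got %T", raw) }` (what Expand returns for a missing key is not visible here, so the nil test needs confirming). Ideally the check runs before the create call, which is outside this hunk, so a rejected configuration does not leave a half-configured group behind. The same pattern appears in `expandIPPerms` in structure.go, where a `security_groups` value that is not a list is ignored.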
@@ -126,6 +132,8 @@ func resource_aws_security_group_diff(
 "name": diff.AttrTypeCreate,
 "description": diff.AttrTypeCreate,
 "vpc_id": diff.AttrTypeUpdate,
+ "ingress": diff.AttrTypeUpdate,
+ "egress": diff.AttrTypeUpdate,
 },
 ComputedAttrs: []string{
@@ -140,8 +148,6 @@ func resource_aws_security_group_update_state(
 s *terraform.ResourceState,
 sg *ec2.SecurityGroupInfo) (*terraform.ResourceState, error) {
- log.Println(sg)
-
 s.Attributes["description"] = sg.Description
 s.Attributes["name"] = sg.Name
 s.Attributes["vpc_id"] = sg.VpcId
diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go
index b165b86f7..ac6ff9c55 100644
--- a/builtin/providers/aws/structure.go
+++ b/builtin/providers/aws/structure.go
@@ -3,7 +3,6 @@ package aws
 import (
 "github.com/mitchellh/goamz/ec2"
 "github.com/mitchellh/goamz/elb"
- "log"
 )
 // Takes the result of flatmap.Expand for an array of listeners and
@@ -38,17 +37,18 @@ func expandIPPerms(configured []interface{}) []ec2.IPPerm {
 // an array of goamz/ec2 compatabile objects
 for _, perm := range configured {
 newP := perm.(map[string]interface{})
- log.Println(newP)
-
 // Loop over the array of sg ids and built
 // compatibile goamz objects
- groups := expandStringList(newP["security_groups"].([]interface{}))
- expandedGroups := make([]ec2.UserSecurityGroup, 0, len(groups))
- for _, g := range groups {
- newG := ec2.UserSecurityGroup{
- Id: g,
+ expandedGroups := []ec2.UserSecurityGroup{}
+ configGroups, ok := newP["security_groups"].([]interface{})
+ if ok {
+ gs := expandStringList(configGroups)
+ for _, g := range gs {
+ newG := ec2.UserSecurityGroup{
+ Id: g,
+ }
+ expandedGroups = append(expandedGroups, newG)
 }
- expandedGroups = append(expandedGroups, newG)
 }
 // Create the permission objet
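Review bot: Marking `"ingress"` and `"egress"` as `diff.AttrTypeUpdate` in resource_aws_security_group_diff declares that rules can change in place, but nothing in this patch shows an update path that revokes the old permissions and authorizes the new ones; the only Authorize calls visible are in the create function. If no such handler exists outside these hunks, an edited rule would be planned and recorded while the live group keeps its previous permissions. The visible lines of `resource_aws_security_group_update_state` also store only description, name and vpc_id, so rule drift would presumably not show up in state; this needs checking against the rest of the file. A comment on the two new entries, such as `// in-place update: the update handler must revoke removed rules and authorize added ones`, would document the expectation.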