providers/aws: security group import imports rules
This commit is contained in:
Mitchell Hashimoto
parent
b728e55861
commit
6bdab07174
|
|
@ -40,14 +40,17 @@ func resourceAwsSecurityGroupImportState(
|
||||||
for ruleType, perms := range permMap {
|
for ruleType, perms := range permMap {
|
||||||
for _, perm := range perms {
|
for _, perm := range perms {
|
||||||
// Construct the rule. We do this by populating the absolute
|
// Construct the rule. We do this by populating the absolute
|
||||||
// minimum necessary for Refresh on the rule to work.
|
// minimum necessary for Refresh on the rule to work. This
|
||||||
|
// happens to be a lot of fields since they're almost all needed
|
||||||
|
// for de-dupping.
|
||||||
id := ipPermissionIDHash(sgId, ruleType, perm)
|
id := ipPermissionIDHash(sgId, ruleType, perm)
|
||||||
data := ruleResource.Data(nil)
|
d := ruleResource.Data(nil)
|
||||||
data.SetId(id)
|
d.SetId(id)
|
||||||
data.SetType("aws_security_group_rule")
|
d.SetType("aws_security_group_rule")
|
||||||
data.Set("security_group_id", sgId)
|
d.Set("security_group_id", sgId)
|
||||||
data.Set("type", ruleType)
|
d.Set("type", ruleType)
|
||||||
results = append(results, data)
|
setFromIPPerm(d, sg, perm)
|
||||||
|
results = append(results, d)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -239,27 +239,8 @@ func resourceAwsSecurityGroupRuleRead(d *schema.ResourceData, meta interface{})
|
||||||
|
|
||||||
log.Printf("[DEBUG] Found rule for Security Group Rule (%s): %s", d.Id(), rule)
|
log.Printf("[DEBUG] Found rule for Security Group Rule (%s): %s", d.Id(), rule)
|
||||||
|
|
||||||
d.Set("from_port", rule.FromPort)
|
|
||||||
d.Set("to_port", rule.ToPort)
|
|
||||||
d.Set("protocol", rule.IpProtocol)
|
|
||||||
d.Set("type", ruleType)
|
d.Set("type", ruleType)
|
||||||
|
setFromIPPerm(d, sg, rule)
|
||||||
var cb []string
|
|
||||||
for _, c := range p.IpRanges {
|
|
||||||
cb = append(cb, *c.CidrIp)
|
|
||||||
}
|
|
||||||
|
|
||||||
d.Set("cidr_blocks", cb)
|
|
||||||
|
|
||||||
if len(p.UserIdGroupPairs) > 0 {
|
|
||||||
s := p.UserIdGroupPairs[0]
|
|
||||||
if isVPC {
|
|
||||||
d.Set("source_security_group_id", *s.GroupId)
|
|
||||||
} else {
|
|
||||||
d.Set("source_security_group_id", *s.GroupName)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -515,3 +496,29 @@ func expandIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup) (*ec2.IpPermiss
|
||||||
|
|
||||||
return &perm, nil
|
return &perm, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func setFromIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup, rule *ec2.IpPermission) error {
|
||||||
|
isVPC := sg.VpcId != nil && *sg.VpcId != ""
|
||||||
|
|
||||||
|
d.Set("from_port", rule.FromPort)
|
||||||
|
d.Set("to_port", rule.ToPort)
|
||||||
|
d.Set("protocol", rule.IpProtocol)
|
||||||
|
|
||||||
|
var cb []string
|
||||||
|
for _, c := range rule.IpRanges {
|
||||||
|
cb = append(cb, *c.CidrIp)
|
||||||
|
}
|
||||||
|
|
||||||
|
d.Set("cidr_blocks", cb)
|
||||||
|
|
||||||
|
if len(rule.UserIdGroupPairs) > 0 {
|
||||||
|
s := rule.UserIdGroupPairs[0]
|
||||||
|
if isVPC {
|
||||||
|
d.Set("source_security_group_id", *s.GroupId)
|
||||||
|
} else {
|
||||||
|
d.Set("source_security_group_id", *s.GroupName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,6 @@ func (n *EvalRefresh) Eval(ctx EvalContext) (interface{}, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("STATE: %#v", state)
|
|
||||||
if n.Output != nil {
|
if n.Output != nil {
|
||||||
*n.Output = state
|
*n.Output = state
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue