providers/aws: security group import
parent
b728f8c018
commit
84fa3e5c9e
|
@ -0,0 +1,55 @@
|
||||||
|
package aws
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"github.com/aws/aws-sdk-go/service/ec2"
|
||||||
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Security group import fans out to multiple resources due to the
|
||||||
|
// security group rules. Instead of creating one resource with nested
|
||||||
|
// rules, we use the best practices approach of one resource per rule.
|
||||||
|
func resourceAwsSecurityGroupImportState(
|
||||||
|
d *schema.ResourceData,
|
||||||
|
meta interface{}) ([]*schema.ResourceData, error) {
|
||||||
|
conn := meta.(*AWSClient).ec2conn
|
||||||
|
|
||||||
|
// First query the security group
|
||||||
|
sgRaw, _, err := SGStateRefreshFunc(conn, d.Id())()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if sgRaw == nil {
|
||||||
|
return nil, fmt.Errorf("security group not found")
|
||||||
|
}
|
||||||
|
sg := sgRaw.(*ec2.SecurityGroup)
|
||||||
|
sgId := d.Id()
|
||||||
|
|
||||||
|
// Start building our results
|
||||||
|
results := make([]*schema.ResourceData, 1,
|
||||||
|
1+len(sg.IpPermissions)+len(sg.IpPermissionsEgress))
|
||||||
|
results[0] = d
|
||||||
|
|
||||||
|
// Construct the rules
|
||||||
|
ruleResource := resourceAwsSecurityGroupRule()
|
||||||
|
permMap := map[string][]*ec2.IpPermission{
|
||||||
|
"ingress": sg.IpPermissions,
|
||||||
|
"egress": sg.IpPermissionsEgress,
|
||||||
|
}
|
||||||
|
for ruleType, perms := range permMap {
|
||||||
|
for _, perm := range perms {
|
||||||
|
// Construct the rule. We do this by populating the absolute
|
||||||
|
// minimum necessary for Refresh on the rule to work.
|
||||||
|
id := ipPermissionIDHash(sgId, ruleType, perm)
|
||||||
|
data := ruleResource.Data(nil)
|
||||||
|
data.SetId(id)
|
||||||
|
data.SetType("aws_security_group_rule")
|
||||||
|
data.Set("security_group_id", sgId)
|
||||||
|
data.Set("type", ruleType)
|
||||||
|
results = append(results, data)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return results, nil
|
||||||
|
}
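Review bot: The `for ruleType, perms := range permMap` loop walks a Go map, so whether the ingress or the egress rules come first in `results` can change from one import run to the next; iterating a fixed list, `for _, ruleType := range []string{"ingress", "egress"} {` followed by `perms := permMap[ruleType]`, keeps the imported state stable and reviewable. The errors returned by `data.Set("security_group_id", sgId)` and `data.Set("type", ruleType)` are dropped, and since the comment says these fields are the minimum Refresh needs, a failed Set should abort the import rather than return a rule resource that may not resolve to the real firewall rule. `sg := sgRaw.(*ec2.SecurityGroup)` is an unchecked assertion; the comma-ok form, `sg, ok := sgRaw.(*ec2.SecurityGroup)`, would turn an unexpected value from SGStateRefreshFunc into an error instead of a panic.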
|
|
@ -23,6 +23,9 @@ func resourceAwsSecurityGroup() *schema.Resource {
|
||||||
Read: resourceAwsSecurityGroupRead,
|
Read: resourceAwsSecurityGroupRead,
|
||||||
Update: resourceAwsSecurityGroupUpdate,
|
Update: resourceAwsSecurityGroupUpdate,
|
||||||
Delete: resourceAwsSecurityGroupDelete,
|
Delete: resourceAwsSecurityGroupDelete,
|
||||||
|
Importer: &schema.ResourceImporter{
|
||||||
|
State: resourceAwsSecurityGroupImportState,
|
||||||
|
},
|
||||||
|
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
"name": &schema.Schema{
|
"name": &schema.Schema{
|
||||||
|
|