providers/aws: security group import

Mitchell Hashimoto 2016-05-04 13:34:04 -07:00
parent b728f8c018
commit 84fa3e5c9e
No known key found for this signature in database
GPG Key ID: 744E147AA52F5B0A
2 changed files with 58 additions and 0 deletions


@ -0,0 +1,55 @@
package aws
import (
"fmt"
"github.com/aws/aws-sdk-go/service/ec2"
"github.com/hashicorp/terraform/helper/schema"
)
// Security group import fans out to multiple resources due to the
// security group rules. Instead of creating one resource with nested
// rules, we use the best practices approach of one resource per rule.
func resourceAwsSecurityGroupImportState(
d *schema.ResourceData,
meta interface{}) ([]*schema.ResourceData, error) {
conn := meta.(*AWSClient).ec2conn
// First query the security group
sgRaw, _, err := SGStateRefreshFunc(conn, d.Id())()
if err != nil {
return nil, err
}
if sgRaw == nil {
return nil, fmt.Errorf("security group not found")
}
sg := sgRaw.(*ec2.SecurityGroup)
sgId := d.Id()
// Start building our results
results := make([]*schema.ResourceData, 1,
1+len(sg.IpPermissions)+len(sg.IpPermissionsEgress))
results[0] = d
// Construct the rules
ruleResource := resourceAwsSecurityGroupRule()
permMap := map[string][]*ec2.IpPermission{
"ingress": sg.IpPermissions,
"egress": sg.IpPermissionsEgress,
}
for ruleType, perms := range permMap {
for _, perm := range perms {
// Construct the rule. We do this by populating the absolute
// minimum necessary for Refresh on the rule to work.
id := ipPermissionIDHash(sgId, ruleType, perm)
data := ruleResource.Data(nil)
data.SetId(id)
data.SetType("aws_security_group_rule")
data.Set("security_group_id", sgId)
data.Set("type", ruleType)
results = append(results, data)
}
}
return results, nil
}
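Review bot: Both `data.Set` calls in the inner loop discard their error return, so a rule whose `security_group_id` or `type` failed to set is still appended to `results` and handed back as a complete import. For a firewall resource that could leave state that does not match the group's real ingress/egress rules without any error being reported. Check each call, e.g. `if err := data.Set("security_group_id", sgId); err != nil { return nil, err }`, and the same for `"type"`. The not-found error would also be easier to act on with the ID in it: `fmt.Errorf("security group %q not found", d.Id())`.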


@ -23,6 +23,9 @@ func resourceAwsSecurityGroup() *schema.Resource {
Read: resourceAwsSecurityGroupRead, Read: resourceAwsSecurityGroupRead,
Update: resourceAwsSecurityGroupUpdate, Update: resourceAwsSecurityGroupUpdate,
Delete: resourceAwsSecurityGroupDelete, Delete: resourceAwsSecurityGroupDelete,
Importer: &schema.ResourceImporter{
State: resourceAwsSecurityGroupImportState,
},
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"name": &schema.Schema{ "name": &schema.Schema{
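Review bot: Nothing at the `Importer` registration tells a reader that importing one security group returns several resources, which is surprising for anyone who only reads this file. A one-line comment above the field would cover it, e.g. `// Import fans out: the group plus one aws_security_group_rule per ingress/egress permission.` The diffstat lists two changed files and neither shown here is a test, so the fan-out appears to be untested in this commit; an import test asserting the expected rule count would guard against rules being dropped. The body of `resourceAwsSecurityGroup` continues outside the hunk.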