providers/aws: actually return ingress rule on refresh, tests
This commit is contained in:
parent
a6bb0144a6
commit
bcc6f884b1
|
@ -24,8 +24,14 @@ func resource_aws_security_group_create(
|
||||||
|
|
||||||
securityGroupOpts := ec2.SecurityGroup{
|
securityGroupOpts := ec2.SecurityGroup{
|
||||||
Name: rs.Attributes["name"],
|
Name: rs.Attributes["name"],
|
||||||
Description: rs.Attributes["description"],
|
}
|
||||||
VpcId: rs.Attributes["vpc_id"],
|
|
||||||
|
if rs.Attributes["vpc_id"] != "" {
|
||||||
|
securityGroupOpts.VpcId = rs.Attributes["vpc_id"]
|
||||||
|
}
|
||||||
|
|
||||||
|
if rs.Attributes["description"] != "" {
|
||||||
|
securityGroupOpts.Description = rs.Attributes["description"]
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
|
log.Printf("[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
|
||||||
|
@ -118,12 +124,12 @@ func resource_aws_security_group_diff(
|
||||||
Attrs: map[string]diff.AttrType{
|
Attrs: map[string]diff.AttrType{
|
||||||
"name": diff.AttrTypeCreate,
|
"name": diff.AttrTypeCreate,
|
||||||
"description": diff.AttrTypeUpdate,
|
"description": diff.AttrTypeUpdate,
|
||||||
"vpc_id": diff.AttrTypeUpdate,
|
|
||||||
"ingress": diff.AttrTypeUpdate,
|
"ingress": diff.AttrTypeUpdate,
|
||||||
},
|
},
|
||||||
|
|
||||||
ComputedAttrs: []string{
|
ComputedAttrs: []string{
|
||||||
"owner_id",
|
"owner_id",
|
||||||
|
"vpc_id",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -139,7 +145,7 @@ func resource_aws_security_group_update_state(
|
||||||
s.Attributes["vpc_id"] = sg.VpcId
|
s.Attributes["vpc_id"] = sg.VpcId
|
||||||
s.Attributes["owner_id"] = sg.OwnerId
|
s.Attributes["owner_id"] = sg.OwnerId
|
||||||
|
|
||||||
// Flatten our sg values
|
// Flatten our ingress values
|
||||||
toFlatten := make(map[string]interface{})
|
toFlatten := make(map[string]interface{})
|
||||||
toFlatten["ingress"] = flattenIPPerms(sg.IPPerms)
|
toFlatten["ingress"] = flattenIPPerms(sg.IPPerms)
|
||||||
|
|
||||||
|
@ -192,6 +198,8 @@ func resource_aws_security_group_validation() *config.Validator {
|
||||||
"description",
|
"description",
|
||||||
"vpc_id",
|
"vpc_id",
|
||||||
"owner_id",
|
"owner_id",
|
||||||
|
"ingress.*.cidr_blocks.*",
|
||||||
|
"ingress.*.security_groups.*",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -81,6 +81,7 @@ func flattenIPPerms(list []ec2.IPPerm) []map[string]interface{} {
|
||||||
n["to_port"] = perm.ToPort
|
n["to_port"] = perm.ToPort
|
||||||
n["cidr_blocks"] = perm.SourceIPs
|
n["cidr_blocks"] = perm.SourceIPs
|
||||||
n["security_groups"] = flattenSecurityGroups(perm.SourceGroups)
|
n["security_groups"] = flattenSecurityGroups(perm.SourceGroups)
|
||||||
|
result = append(result, n)
|
||||||
}
|
}
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
|
@ -20,19 +20,19 @@ func testConf() map[string]string {
|
||||||
"availability_zones.#": "2",
|
"availability_zones.#": "2",
|
||||||
"availability_zones.0": "us-east-1a",
|
"availability_zones.0": "us-east-1a",
|
||||||
"availability_zones.1": "us-east-1b",
|
"availability_zones.1": "us-east-1b",
|
||||||
"egress.#": "1",
|
"ingress.#": "1",
|
||||||
"egress.0.protocol": "icmp",
|
"ingress.0.protocol": "icmp",
|
||||||
"egress.0.from_port": "1",
|
"ingress.0.from_port": "1",
|
||||||
"egress.0.to_port": "-1",
|
"ingress.0.to_port": "-1",
|
||||||
"egress.0.cidr_blocks.#": "1",
|
"ingress.0.cidr_blocks.#": "1",
|
||||||
"egress.0.cidr_blocks.0": "0.0.0.0/0",
|
"ingress.0.cidr_blocks.0": "0.0.0.0/0",
|
||||||
"egress.0.security_groups.#": "1",
|
"ingress.0.security_groups.#": "1",
|
||||||
"egress.0.security_groups.0": "sg-11111",
|
"ingress.0.security_groups.0": "sg-11111",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func Test_expandIPPerms(t *testing.T) {
|
func Test_expandIPPerms(t *testing.T) {
|
||||||
expanded := flatmap.Expand(testConf(), "egress").([]interface{})
|
expanded := flatmap.Expand(testConf(), "ingress").([]interface{})
|
||||||
perms := expandIPPerms(expanded)
|
perms := expandIPPerms(expanded)
|
||||||
expected := ec2.IPPerm{
|
expected := ec2.IPPerm{
|
||||||
Protocol: "icmp",
|
Protocol: "icmp",
|
||||||
|
@ -55,6 +55,35 @@ func Test_expandIPPerms(t *testing.T) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func Test_flattenIPPerms(t *testing.T) {
|
||||||
|
rawIp := []ec2.IPPerm{
|
||||||
|
ec2.IPPerm{
|
||||||
|
Protocol: "icmp",
|
||||||
|
FromPort: 1,
|
||||||
|
ToPort: -1,
|
||||||
|
SourceIPs: []string{"0.0.0.0/0"},
|
||||||
|
SourceGroups: []ec2.UserSecurityGroup{
|
||||||
|
ec2.UserSecurityGroup{
|
||||||
|
Id: "sg-11111",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
toFlatten := make(map[string]interface{})
|
||||||
|
toFlatten["ingress"] = flattenIPPerms(rawIp)
|
||||||
|
|
||||||
|
perms := flatmap.Flatten(toFlatten)
|
||||||
|
|
||||||
|
if perms["ingress.0.protocol"] != "icmp" {
|
||||||
|
t.Fatalf("bad protocol")
|
||||||
|
}
|
||||||
|
|
||||||
|
if perms["ingress.0.security_groups.0"] != "sg-11111" {
|
||||||
|
t.Fatalf("bad security group")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func Test_expandListeners(t *testing.T) {
|
func Test_expandListeners(t *testing.T) {
|
||||||
expanded := flatmap.Expand(testConf(), "listener").([]interface{})
|
expanded := flatmap.Expand(testConf(), "listener").([]interface{})
|
||||||
listeners := expandListeners(expanded)
|
listeners := expandListeners(expanded)
|
||||||
|
|
Loading…
Reference in New Issue