Merge pull request #1064 from hashicorp/aws-go-db-security-group

provider/aws: Convert AWS DB Security Group to aws-sdk-go
2015-02-27 08:49:48 -06:00 · 2015-02-27 08:49:48 -06:00 · c44d0e6301
parent c287cc6d65 f453d1863a
commit c44d0e6301
2 changed files with 64 additions and 51 deletions
--- a/builtin/providers/aws/resource_aws_db_security_group.go
+++ b/builtin/providers/aws/resource_aws_db_security_group.go
@ -6,11 +6,12 @@ import (
 	"log"
 	"time"

+	"github.com/hashicorp/aws-sdk-go/aws"
+	"github.com/hashicorp/aws-sdk-go/gen/rds"
 	"github.com/hashicorp/terraform/helper/hashcode"
 	"github.com/hashicorp/terraform/helper/multierror"
 	"github.com/hashicorp/terraform/helper/resource"
 	"github.com/hashicorp/terraform/helper/schema"
-	"github.com/mitchellh/goamz/rds"
 )

 func resourceAwsDbSecurityGroup() *schema.Resource {
@ -69,14 +70,14 @@ func resourceAwsDbSecurityGroup() *schema.Resource {
 }

 func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
-	conn := meta.(*AWSClient).rdsconn
+	conn := meta.(*AWSClient).awsRDSconn

 	var err error
 	var errs []error

-	opts := rds.CreateDBSecurityGroup{
-		DBSecurityGroupName:        d.Get("name").(string),
-		DBSecurityGroupDescription: d.Get("description").(string),
+	opts := rds.CreateDBSecurityGroupMessage{
+		DBSecurityGroupName:        aws.String(d.Get("name").(string)),
+		DBSecurityGroupDescription: aws.String(d.Get("description").(string)),
 	}

 	log.Printf("[DEBUG] DB Security Group create configuration: %#v", opts)
@ -96,7 +97,7 @@ func resourceAwsDbSecurityGroupCreate(d *schema.ResourceData, meta interface{})

 	ingresses := d.Get("ingress").(*schema.Set)
 	for _, ing := range ingresses.List() {
-		err := resourceAwsDbSecurityGroupAuthorizeRule(ing, sg.Name, conn)
+		err := resourceAwsDbSecurityGroupAuthorizeRule(ing, *sg.DBSecurityGroupName, conn)
 		if err != nil {
 			errs = append(errs, err)
 		}
@ -131,24 +132,24 @@ func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) er
 		return err
 	}

-	d.Set("name", sg.Name)
-	d.Set("description", sg.Description)
+	d.Set("name", *sg.DBSecurityGroupName)
+	d.Set("description", *sg.DBSecurityGroupDescription)

 	// Create an empty schema.Set to hold all ingress rules
 	rules := &schema.Set{
 		F: resourceAwsDbSecurityGroupIngressHash,
 	}

-	for _, v := range sg.CidrIps {
-		rule := map[string]interface{}{"cidr": v}
+	for _, v := range sg.IPRanges {
+		rule := map[string]interface{}{"cidr": *v.CIDRIP}
 		rules.Add(rule)
 	}

-	for i, _ := range sg.EC2SecurityGroupOwnerIds {
+	for _, g := range sg.EC2SecurityGroups {
 		rule := map[string]interface{}{
-			"security_group_name":     sg.EC2SecurityGroupNames[i],
-			"security_group_id":       sg.EC2SecurityGroupIds[i],
-			"security_group_owner_id": sg.EC2SecurityGroupOwnerIds[i],
+			"security_group_name":     *g.EC2SecurityGroupName,
+			"security_group_id":       *g.EC2SecurityGroupID,
+			"security_group_owner_id": *g.EC2SecurityGroupOwnerID,
 		}
 		rules.Add(rule)
 	}
@ -159,17 +160,17 @@ func resourceAwsDbSecurityGroupRead(d *schema.ResourceData, meta interface{}) er
 }

 func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
-	conn := meta.(*AWSClient).rdsconn
+	conn := meta.(*AWSClient).awsRDSconn

 	log.Printf("[DEBUG] DB Security Group destroy: %v", d.Id())

-	opts := rds.DeleteDBSecurityGroup{DBSecurityGroupName: d.Id()}
+	opts := rds.DeleteDBSecurityGroupMessage{DBSecurityGroupName: aws.String(d.Id())}

 	log.Printf("[DEBUG] DB Security Group destroy configuration: %v", opts)
-	_, err := conn.DeleteDBSecurityGroup(&opts)
+	err := conn.DeleteDBSecurityGroup(&opts)

 	if err != nil {
-		newerr, ok := err.(*rds.Error)
+		newerr, ok := err.(aws.APIError)
 		if ok && newerr.Code == "InvalidDBSecurityGroup.NotFound" {
 			return nil
 		}
@ -180,10 +181,10 @@ func resourceAwsDbSecurityGroupDelete(d *schema.ResourceData, meta interface{})
 }

 func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{}) (*rds.DBSecurityGroup, error) {
-	conn := meta.(*AWSClient).rdsconn
+	conn := meta.(*AWSClient).awsRDSconn

-	opts := rds.DescribeDBSecurityGroups{
-		DBSecurityGroupName: d.Id(),
+	opts := rds.DescribeDBSecurityGroupsMessage{
+		DBSecurityGroupName: aws.String(d.Id()),
 	}

 	log.Printf("[DEBUG] DB Security Group describe configuration: %#v", opts)
@ -195,7 +196,7 @@ func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{}
 	}

 	if len(resp.DBSecurityGroups) != 1 ||
-		resp.DBSecurityGroups[0].Name != d.Id() {
+		*resp.DBSecurityGroups[0].DBSecurityGroupName != d.Id() {
 		if err != nil {
 			return nil, fmt.Errorf("Unable to find DB Security Group: %#v", resp.DBSecurityGroups)
 		}
@ -207,27 +208,27 @@ func resourceAwsDbSecurityGroupRetrieve(d *schema.ResourceData, meta interface{}
 }

 // Authorizes the ingress rule on the db security group
-func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.Rds) error {
+func resourceAwsDbSecurityGroupAuthorizeRule(ingress interface{}, dbSecurityGroupName string, conn *rds.RDS) error {
 	ing := ingress.(map[string]interface{})

-	opts := rds.AuthorizeDBSecurityGroupIngress{
-		DBSecurityGroupName: dbSecurityGroupName,
+	opts := rds.AuthorizeDBSecurityGroupIngressMessage{
+		DBSecurityGroupName: aws.String(dbSecurityGroupName),
 	}

 	if attr, ok := ing["cidr"]; ok && attr != "" {
-		opts.Cidr = attr.(string)
+		opts.CIDRIP = aws.String(attr.(string))
 	}

 	if attr, ok := ing["security_group_name"]; ok && attr != "" {
-		opts.EC2SecurityGroupName = attr.(string)
+		opts.EC2SecurityGroupName = aws.String(attr.(string))
 	}

 	if attr, ok := ing["security_group_id"]; ok && attr != "" {
-		opts.EC2SecurityGroupId = attr.(string)
+		opts.EC2SecurityGroupID = aws.String(attr.(string))
 	}

 	if attr, ok := ing["security_group_owner_id"]; ok && attr != "" {
-		opts.EC2SecurityGroupOwnerId = attr.(string)
+		opts.EC2SecurityGroupOwnerID = aws.String(attr.(string))
 	}

 	log.Printf("[DEBUG] Authorize ingress rule configuration: %#v", opts)
@ -274,7 +275,13 @@ func resourceAwsDbSecurityGroupStateRefreshFunc(
 			return nil, "", err
 		}

-		statuses := append(v.EC2SecurityGroupStatuses, v.CidrStatuses...)
+		statuses := make([]string, 0, len(v.EC2SecurityGroups)+len(v.IPRanges))
+		for _, ec2g := range v.EC2SecurityGroups {
+			statuses = append(statuses, *ec2g.Status)
+		}
+		for _, ips := range v.IPRanges {
+			statuses = append(statuses, *ips.Status)
+		}

 		for _, stat := range statuses {
 			// Not done
--- a/builtin/providers/aws/resource_aws_db_security_group_test.go
+++ b/builtin/providers/aws/resource_aws_db_security_group_test.go
@ -4,9 +4,10 @@ import (
 	"fmt"
 	"testing"

+	"github.com/hashicorp/aws-sdk-go/aws"
+	"github.com/hashicorp/aws-sdk-go/gen/rds"
 	"github.com/hashicorp/terraform/helper/resource"
 	"github.com/hashicorp/terraform/terraform"
-	"github.com/mitchellh/goamz/rds"
 )

 func TestAccAWSDBSecurityGroup(t *testing.T) {
@ -27,7 +28,7 @@ func TestAccAWSDBSecurityGroup(t *testing.T) {
 					resource.TestCheckResourceAttr(
 						"aws_db_security_group.bar", "description", "just cuz"),
 					resource.TestCheckResourceAttr(
-						"aws_db_security_group.bar", "ingress.0.cidr", "10.0.0.1/24"),
+						"aws_db_security_group.bar", "ingress.3363517775.cidr", "10.0.0.1/24"),
 					resource.TestCheckResourceAttr(
 						"aws_db_security_group.bar", "ingress.#", "1"),
 				),
@ -37,7 +38,7 @@ func TestAccAWSDBSecurityGroup(t *testing.T) {
 }

 func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error {
-	conn := testAccProvider.Meta().(*AWSClient).rdsconn
+	conn := testAccProvider.Meta().(*AWSClient).awsRDSconn

 	for _, rs := range s.RootModule().Resources {
 		if rs.Type != "aws_db_security_group" {
@ -46,19 +47,19 @@ func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error {

 		// Try to find the Group
 		resp, err := conn.DescribeDBSecurityGroups(
-			&rds.DescribeDBSecurityGroups{
-				DBSecurityGroupName: rs.Primary.ID,
+			&rds.DescribeDBSecurityGroupsMessage{
+				DBSecurityGroupName: aws.String(rs.Primary.ID),
 			})

 		if err == nil {
 			if len(resp.DBSecurityGroups) != 0 &&
-				resp.DBSecurityGroups[0].Name == rs.Primary.ID {
+				*resp.DBSecurityGroups[0].DBSecurityGroupName == rs.Primary.ID {
 				return fmt.Errorf("DB Security Group still exists")
 			}
 		}

 		// Verify the error
-		newerr, ok := err.(*rds.Error)
+		newerr, ok := err.(aws.APIError)
 		if !ok {
 			return err
 		}
@ -72,24 +73,29 @@ func testAccCheckAWSDBSecurityGroupDestroy(s *terraform.State) error {

 func testAccCheckAWSDBSecurityGroupAttributes(group *rds.DBSecurityGroup) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
-		if len(group.CidrIps) == 0 {
-			return fmt.Errorf("no cidr: %#v", group.CidrIps)
+		if len(group.IPRanges) == 0 {
+			return fmt.Errorf("no cidr: %#v", group.IPRanges)
 		}

-		if group.CidrIps[0] != "10.0.0.1/24" {
-			return fmt.Errorf("bad cidr: %#v", group.CidrIps)
+		if *group.IPRanges[0].CIDRIP != "10.0.0.1/24" {
+			return fmt.Errorf("bad cidr: %#v", group.IPRanges)
 		}

-		if group.CidrStatuses[0] != "authorized" {
-			return fmt.Errorf("bad status: %#v", group.CidrStatuses)
+		statuses := make([]string, 0, len(group.IPRanges))
+		for _, ips := range group.IPRanges {
+			statuses = append(statuses, *ips.Status)
 		}

-		if group.Name != "secgroup-terraform" {
-			return fmt.Errorf("bad name: %#v", group.Name)
+		if statuses[0] != "authorized" {
+			return fmt.Errorf("bad status: %#v", statuses)
 		}

-		if group.Description != "just cuz" {
-			return fmt.Errorf("bad description: %#v", group.Description)
+		if *group.DBSecurityGroupName != "secgroup-terraform" {
+			return fmt.Errorf("bad name: %#v", *group.DBSecurityGroupName)
+		}
+
+		if *group.DBSecurityGroupDescription != "just cuz" {
+			return fmt.Errorf("bad description: %#v", *group.DBSecurityGroupDescription)
 		}

 		return nil
@ -107,10 +113,10 @@ func testAccCheckAWSDBSecurityGroupExists(n string, v *rds.DBSecurityGroup) reso
 			return fmt.Errorf("No DB Security Group ID is set")
 		}

-		conn := testAccProvider.Meta().(*AWSClient).rdsconn
+		conn := testAccProvider.Meta().(*AWSClient).awsRDSconn

-		opts := rds.DescribeDBSecurityGroups{
-			DBSecurityGroupName: rs.Primary.ID,
+		opts := rds.DescribeDBSecurityGroupsMessage{
+			DBSecurityGroupName: aws.String(rs.Primary.ID),
 		}

 		resp, err := conn.DescribeDBSecurityGroups(&opts)
@ -120,7 +126,7 @@ func testAccCheckAWSDBSecurityGroupExists(n string, v *rds.DBSecurityGroup) reso
 		}

 		if len(resp.DBSecurityGroups) != 1 ||
-			resp.DBSecurityGroups[0].Name != rs.Primary.ID {
+			*resp.DBSecurityGroups[0].DBSecurityGroupName != rs.Primary.ID {
 			return fmt.Errorf("DB Security Group not found")
 		}