update security groups in-place

This commit is contained in:
Gavin James 2015-04-23 20:46:29 +01:00
parent 1ef9731a2f
commit c986c65238
2 changed files with 70 additions and 2 deletions

View File

@ -58,12 +58,10 @@ func resourceAwsElb() *schema.Resource {
},
},
// TODO: could be not ForceNew
"security_groups": &schema.Schema{
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Optional: true,
ForceNew: true,
Computed: true,
Set: func(v interface{}) int {
return hashcode.String(v.(string))
@ -436,6 +434,22 @@ func resourceAwsElbUpdate(d *schema.ResourceData, meta interface{}) error {
}
}
if d.HasChange("security_groups") {
groups := d.Get("security_groups").(*schema.Set).List()
applySecurityGroupsOpts := elb.ApplySecurityGroupsToLoadBalancerInput{
LoadBalancerName: aws.String(d.Id()),
SecurityGroups: expandStringList(groups),
}
_, err := elbconn.ApplySecurityGroupsToLoadBalancer(&applySecurityGroupsOpts)
if err != nil {
return fmt.Errorf("Failure applying security groups: %s", err)
}
d.SetPartial("security_groups")
}
if err := setTagsELB(elbconn, d); err != nil {
return err
}

View File

@ -335,6 +335,32 @@ func TestAccAWSELBUpdate_ConnectionDraining(t *testing.T) {
})
}
func TestAccAWSELB_SecurityGroups(t *testing.T) {
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSELBDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSELBConfig,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(
"aws_elb.bar", "security_groups.#", "0",
),
),
},
resource.TestStep{
Config: testAccAWSELBConfigSecurityGroups,
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(
"aws_elb.bar", "security_groups.#", "1",
),
),
},
},
})
}
func testAccCheckAWSELBDestroy(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).elbconn
@ -694,3 +720,31 @@ resource "aws_elb" "bar" {
connection_draining = false
}
`
const testAccAWSELBConfigSecurityGroups = `
resource "aws_elb" "bar" {
name = "foobar-terraform-test"
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
listener {
instance_port = 8000
instance_protocol = "http"
lb_port = 80
lb_protocol = "http"
}
security_groups = ["${aws_security_group.bar.id}"]
}
resource "aws_security_group" "bar" {
name = "terraform-elb-acceptance-test"
description = "Used in the terraform acceptance tests for the elb resource"
ingress {
protocol = "tcp"
from_port = 80
to_port = 80
cidr_blocks = ["0.0.0.0/0"]
}
}
`