Merge pull request #402 from longnguyen11288/add-sg-tags

Added security group tagging
This commit is contained in:
Mitchell Hashimoto 2014-10-20 23:18:22 -07:00
commit d5b418d82b
3 changed files with 83 additions and 8 deletions

View File

@ -84,6 +84,8 @@ func resourceAwsSecurityGroup() *schema.Resource {
Type: schema.TypeString,
Computed: true,
},
"tags": tagsSchema(),
},
}
}
@ -226,6 +228,12 @@ func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) er
}
}
if err := setTags(ec2conn, d); err != nil {
return err
} else {
d.SetPartial("tags")
}
return nil
}
@ -308,6 +316,7 @@ func resourceAwsSecurityGroupRead(d *schema.ResourceData, meta interface{}) erro
d.Set("vpc_id", sg.VpcId)
d.Set("owner_id", sg.OwnerId)
d.Set("ingress", ingressRules)
d.Set("tags", tagsToMap(sg.Tags))
return nil
}

View File

@ -276,6 +276,34 @@ func testAccCheckAWSSecurityGroupAttributes(group *ec2.SecurityGroupInfo) resour
}
}
func TestAccAWSSecurityGroup_tags(t *testing.T) {
var group ec2.SecurityGroupInfo
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSSecurityGroupDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSSecurityGroupConfigTags,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSSecurityGroupExists("aws_security_group.foo", &group),
testAccCheckTags(&group.Tags, "foo", "bar"),
),
},
resource.TestStep{
Config: testAccAWSSecurityGroupConfigTagsUpdate,
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSSecurityGroupExists("aws_security_group.foo", &group),
testAccCheckTags(&group.Tags, "foo", ""),
testAccCheckTags(&group.Tags, "bar", "baz"),
),
},
},
})
}
func testAccCheckAWSSecurityGroupAttributesChanged(group *ec2.SecurityGroupInfo) resource.TestCheckFunc {
return func(s *terraform.State) error {
p := []ec2.IPPerm{
@ -432,3 +460,19 @@ resource "aws_security_group" "web" {
}
}
`
const testAccAWSSecurityGroupConfigTags = `
resource "aws_security_group" "foo" {
tags {
foo = "bar"
}
}
`
const testAccAWSSecurityGroupConfigTagsUpdate = `
resource "aws_security_group" "foo" {
tags {
bar = "baz"
}
}
`

View File

@ -10,17 +10,39 @@ Provides an security group resource.
## Example Usage
Basic usage
```
resource "aws_security_group" "allow_all" {
name = "allow_all"
name = "allow_all"
description = "Allow all inbound traffic"
ingress {
from_port = 0
to_port = 65535
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 0
to_port = 65535
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
}
```
Basic usage with tags:
```
resource "aws_security_group" "allow_all" {
name = "allow_all"
description = "Allow all inbound traffic"
ingress {
from_port = 0
to_port = 65535
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
tags {
Name = "allow_all"
}
}
```
@ -44,6 +66,7 @@ The `ingress` block supports:
* `self` - (Optional) If true, the security group itself will be added as
a source to this ingress rule.
* `to_port` - (Required) The end range port.
* `tags` - (Optional) A mapping of tags to assign to the resource.
## Attributes Reference
@ -55,4 +78,3 @@ The following attributes are exported:
* `name` - The name of the security group
* `description` - The description of the security group
* `ingress` - The ingress rules. See above for more.