diff --git a/builtin/providers/aws/resource_aws_security_group.go b/builtin/providers/aws/resource_aws_security_group.go index 51a32f629..459aaeb30 100644 --- a/builtin/providers/aws/resource_aws_security_group.go +++ b/builtin/providers/aws/resource_aws_security_group.go @@ -84,6 +84,8 @@ func resourceAwsSecurityGroup() *schema.Resource { Type: schema.TypeString, Computed: true, }, + + "tags": tagsSchema(), }, } } @@ -226,6 +228,12 @@ func resourceAwsSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) er } } + if err := setTags(ec2conn, d); err != nil { + return err + } else { + d.SetPartial("tags") + } + return nil } @@ -308,6 +316,7 @@ func resourceAwsSecurityGroupRead(d *schema.ResourceData, meta interface{}) erro d.Set("vpc_id", sg.VpcId) d.Set("owner_id", sg.OwnerId) d.Set("ingress", ingressRules) + d.Set("tags", tagsToMap(sg.Tags)) return nil } diff --git a/builtin/providers/aws/resource_aws_security_group_test.go b/builtin/providers/aws/resource_aws_security_group_test.go index 0774b71dd..5ff4d4c49 100644 --- a/builtin/providers/aws/resource_aws_security_group_test.go +++ b/builtin/providers/aws/resource_aws_security_group_test.go @@ -276,6 +276,34 @@ func testAccCheckAWSSecurityGroupAttributes(group *ec2.SecurityGroupInfo) resour } } +func TestAccAWSSecurityGroup_tags(t *testing.T) { + var group ec2.SecurityGroupInfo + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckAWSSecurityGroupDestroy, + Steps: []resource.TestStep{ + resource.TestStep{ + Config: testAccAWSSecurityGroupConfigTags, + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSSecurityGroupExists("aws_security_group.foo", &group), + testAccCheckTags(&group.Tags, "foo", "bar"), + ), + }, + + resource.TestStep{ + Config: testAccAWSSecurityGroupConfigTagsUpdate, + Check: resource.ComposeTestCheckFunc( + testAccCheckAWSSecurityGroupExists("aws_security_group.foo", &group), + testAccCheckTags(&group.Tags, "foo", ""), + testAccCheckTags(&group.Tags, "bar", "baz"), + ), + }, + }, + }) +} + func testAccCheckAWSSecurityGroupAttributesChanged(group *ec2.SecurityGroupInfo) resource.TestCheckFunc { return func(s *terraform.State) error { p := []ec2.IPPerm{ @@ -432,3 +460,19 @@ resource "aws_security_group" "web" { } } ` + +const testAccAWSSecurityGroupConfigTags = ` +resource "aws_security_group" "foo" { + tags { + foo = "bar" + } +} +` + +const testAccAWSSecurityGroupConfigTagsUpdate = ` +resource "aws_security_group" "foo" { + tags { + bar = "baz" + } +} +` diff --git a/website/source/docs/providers/aws/r/security_group.html.markdown b/website/source/docs/providers/aws/r/security_group.html.markdown index 89323a996..4d8efed6a 100644 --- a/website/source/docs/providers/aws/r/security_group.html.markdown +++ b/website/source/docs/providers/aws/r/security_group.html.markdown @@ -10,17 +10,39 @@ Provides an security group resource. ## Example Usage +Basic usage + ``` resource "aws_security_group" "allow_all" { - name = "allow_all" + name = "allow_all" description = "Allow all inbound traffic" - ingress { - from_port = 0 - to_port = 65535 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } + ingress { + from_port = 0 + to_port = 65535 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } +} +``` + +Basic usage with tags: + +``` +resource "aws_security_group" "allow_all" { + name = "allow_all" + description = "Allow all inbound traffic" + + ingress { + from_port = 0 + to_port = 65535 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + tags { + Name = "allow_all" + } } ``` @@ -44,6 +66,7 @@ The `ingress` block supports: * `self` - (Optional) If true, the security group itself will be added as a source to this ingress rule. * `to_port` - (Required) The end range port. +* `tags` - (Optional) A mapping of tags to assign to the resource. ## Attributes Reference @@ -55,4 +78,3 @@ The following attributes are exported: * `name` - The name of the security group * `description` - The description of the security group * `ingress` - The ingress rules. See above for more. -