Merge pull request #1618 from hashicorp/b-aws-fix-vpc-security-id-update
provider/aws: Fix issue with updating VPC Security Group IDs for an Instance
This commit is contained in:
Clint
commit
daeaba5cd4
|
|
@ -358,10 +358,11 @@ func resourceAwsInstanceCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
// Security group names.
|
// Security group names.
|
||||||
// For a nondefault VPC, you must use security group IDs instead.
|
// For a nondefault VPC, you must use security group IDs instead.
|
||||||
// See http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html
|
// See http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html
|
||||||
if hasSubnet {
|
sgs := v.(*schema.Set).List()
|
||||||
|
if len(sgs) > 0 && hasSubnet {
|
||||||
log.Printf("[WARN] Deprecated. Attempting to use 'security_groups' within a VPC instance. Use 'vpc_security_group_ids' instead.")
|
log.Printf("[WARN] Deprecated. Attempting to use 'security_groups' within a VPC instance. Use 'vpc_security_group_ids' instead.")
|
||||||
}
|
}
|
||||||
for _, v := range v.(*schema.Set).List() {
|
for _, v := range sgs {
|
||||||
str := v.(string)
|
str := v.(string)
|
||||||
groups = append(groups, aws.String(str))
|
groups = append(groups, aws.String(str))
|
||||||
}
|
}
|
||||||
|
|
@ -620,13 +621,17 @@ func resourceAwsInstanceRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
// IDs, we use IDs.
|
// IDs, we use IDs.
|
||||||
useID := instance.SubnetID != nil && *instance.SubnetID != ""
|
useID := instance.SubnetID != nil && *instance.SubnetID != ""
|
||||||
if v := d.Get("security_groups"); v != nil {
|
if v := d.Get("security_groups"); v != nil {
|
||||||
match := false
|
match := useID
|
||||||
|
sgs := v.(*schema.Set).List()
|
||||||
|
if len(sgs) > 0 {
|
||||||
|
match = false
|
||||||
for _, v := range v.(*schema.Set).List() {
|
for _, v := range v.(*schema.Set).List() {
|
||||||
if strings.HasPrefix(v.(string), "sg-") {
|
if strings.HasPrefix(v.(string), "sg-") {
|
||||||
match = true
|
match = true
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
useID = match
|
useID = match
|
||||||
}
|
}
|
||||||
|
|
@ -677,6 +682,23 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if d.HasChange("vpc_security_group_ids") {
|
||||||
|
var groups []*string
|
||||||
|
if v := d.Get("vpc_security_group_ids"); v != nil {
|
||||||
|
for _, v := range v.(*schema.Set).List() {
|
||||||
|
groups = append(groups, aws.String(v.(string)))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
_, err := conn.ModifyInstanceAttribute(&ec2.ModifyInstanceAttributeInput{
|
||||||
|
InstanceID: aws.String(d.Id()),
|
||||||
|
Groups: groups,
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// TODO(mitchellh): wait for the attributes we modified to
|
// TODO(mitchellh): wait for the attributes we modified to
|
||||||
// persist the change...
|
// persist the change...
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -316,6 +316,10 @@ func TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs(t *testing.T) {
|
||||||
Check: resource.ComposeTestCheckFunc(
|
Check: resource.ComposeTestCheckFunc(
|
||||||
testAccCheckInstanceExists(
|
testAccCheckInstanceExists(
|
||||||
"aws_instance.foo_instance", &v),
|
"aws_instance.foo_instance", &v),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_instance.foo_instance", "security_groups.#", "0"),
|
||||||
|
resource.TestCheckResourceAttr(
|
||||||
|
"aws_instance.foo_instance", "vpc_security_group_ids.#", "1"),
|
||||||
),
|
),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue