diff --git a/builtin/providers/aws/resource_aws_security_group.go b/builtin/providers/aws/resource_aws_security_group.go
index c619e7088..50dfccd64 100644
--- a/builtin/providers/aws/resource_aws_security_group.go
+++ b/builtin/providers/aws/resource_aws_security_group.go
@@ -146,11 +146,11 @@ func resourceAwsSecurityGroup() *schema.Resource {
 func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
 conn := meta.(*AWSClient).ec2conn
 
- securityGroupOpts := &ec2.CreateSecurityGroupInput{}
+ securityGroupOpts := &ec2.CreateSecurityGroupInput{}
 
- if v := d.Get("vpc_id"); v != nil {
- securityGroupOpts.VPCID = aws.String(v.(string))
- }
+ if v := d.Get("vpc_id"); v != nil {
+ securityGroupOpts.VPCID = aws.String(v.(string))
+ }
 
 if v := d.Get("description"); v != nil {
 securityGroupOpts.Description = aws.String(v.(string))
@@ -186,42 +186,42 @@ func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) er
 Timeout: 1 * time.Minute,
 }
 
- resp, err := stateConf.WaitForState()
- if err != nil {
+ resp, err := stateConf.WaitForState()
+ if err != nil {
 return fmt.Errorf(
 "Error waiting for Security Group (%s) to become available: %s",
 d.Id(), err)
 }
 
- // AWS defaults all Security Groups to have an ALLOW ALL egress rule. Here we
- // revoke that rule, so users don't unknowningly have/use it.
- group := resp.(*ec2.SecurityGroup)
- if group.VPCID != nil && *group.VPCID != "" {
- log.Printf("[DEBUG] Revoking default egress rule for Security Group for %s", d.Id())
+ // AWS defaults all Security Groups to have an ALLOW ALL egress rule. Here we
+ // revoke that rule, so users don't unknowningly have/use it.
+ group := resp.(*ec2.SecurityGroup)
+ if group.VPCID != nil && *group.VPCID != "" {
+ log.Printf("[DEBUG] Revoking default egress rule for Security Group for %s", d.Id())
 
- req := &ec2.RevokeSecurityGroupEgressInput{
- GroupID: createResp.GroupID,
- IPPermissions: []*ec2.IPPermission{
- &ec2.IPPermission{
- FromPort: aws.Long(int64(0)),
- ToPort: aws.Long(int64(0)),
- IPRanges: []*ec2.IPRange{
- &ec2.IPRange{
- CIDRIP: aws.String("0.0.0.0/0"),
- },
- },
- IPProtocol: aws.String("-1"),
- },
- },
- }
+ req := &ec2.RevokeSecurityGroupEgressInput{
+ GroupID: createResp.GroupID,
+ IPPermissions: []*ec2.IPPermission{
+ &ec2.IPPermission{
+ FromPort: aws.Long(int64(0)),
+ ToPort: aws.Long(int64(0)),
+ IPRanges: []*ec2.IPRange{
+ &ec2.IPRange{
+ CIDRIP: aws.String("0.0.0.0/0"),
+ },
+ },
+ IPProtocol: aws.String("-1"),
+ },
+ },
+ }
 
- if _, err = conn.RevokeSecurityGroupEgress(req); err != nil {
- return fmt.Errorf(
- "Error revoking default egress rule for Security Group (%s): %s",
- d.Id(), err)
- }
+ if _, err = conn.RevokeSecurityGroupEgress(req); err != nil {
+ return fmt.Errorf(
+ "Error revoking default egress rule for Security Group (%s): %s",
+ d.Id(), err)
+ }
 
- }
+ }
 
 return resourceAwsSecurityGroupUpdate(d, meta)
 }
@@ -436,12 +436,12 @@ func resourceAwsSecurityGroupUpdateRules(
 }
 
 os := o.(*schema.Set)
- ns := n.(*schema.Set)
+ ns := n.(*schema.Set)
 
- remove := expandIPPerms(group, os.Difference(ns).List())
- add := expandIPPerms(group, ns.Difference(os).List())
+ remove := expandIPPerms(group, os.Difference(ns).List())
+ add := expandIPPerms(group, ns.Difference(os).List())
 
- // TODO: We need to handle partial state better in the in-between
+ // TODO: We need to handle partial state better in the in-between
 // in this update.
 
 // TODO: It'd be nicer to authorize before removing, but then we have