provider/aws: allow SG names to be generated

builtin/providers/aws/resource_aws_security_group.go

@@ -24,7 +24,8 @@ func resourceAwsSecurityGroup() *schema.Resource {
 		Schema: map[string]*schema.Schema{
 			"name": &schema.Schema{
 				Type:     schema.TypeString,
-				Required: true,
+				Optional: true,
+				Computed: true,
 				ForceNew: true,
 			},
 
@@ -144,9 +145,7 @@ func resourceAwsSecurityGroup() *schema.Resource {
 func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).ec2conn
 
-	securityGroupOpts := &ec2.CreateSecurityGroupInput{
-		GroupName: aws.String(d.Get("name").(string)),
-	}
+	securityGroupOpts := &ec2.CreateSecurityGroupInput{}
 
 	if v := d.Get("vpc_id"); v != nil {
 		securityGroupOpts.VPCID = aws.String(v.(string))
@@ -156,6 +155,14 @@ func resourceAwsSecurityGroupCreate(d *schema.ResourceData, meta interface{}) er
 		securityGroupOpts.Description = aws.String(v.(string))
 	}
 
+	var groupName string
+	if v, ok := d.GetOk("name"); ok {
+		groupName = v.(string)
+	} else {
+		groupName = resource.UniqueId()
+	}
+	securityGroupOpts.GroupName = aws.String(groupName)
+
 	log.Printf(
 		"[DEBUG] Security Group create configuration: %#v", securityGroupOpts)
 	createResp, err := conn.CreateSecurityGroup(securityGroupOpts)

builtin/providers/aws/resource_aws_security_group_test.go

@@ -3,6 +3,7 @@ package aws
 import (
 	"fmt"
 	"reflect"
+	"strings"
 	"testing"
 
 	"github.com/awslabs/aws-sdk-go/aws"
@@ -184,6 +185,33 @@ func TestAccAWSSecurityGroup_Change(t *testing.T) {
 	})
 }
 
+func TestAccAWSSecurityGroup_generatedName(t *testing.T) {
+	var group ec2.SecurityGroup
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSSecurityGroupDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSSecurityGroupConfig_generatedName,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSSecurityGroupExists("aws_security_group.web", &group),
+					func(s *terraform.State) error {
+						if group.GroupName == nil {
+							return fmt.Errorf("bad: No SG name")
+						}
+						if !strings.HasPrefix(*group.GroupName, "terraform-") {
+							return fmt.Errorf("No terraform- prefix: %s", *group.GroupName)
+						}
+						return nil
+					},
+				),
+			},
+		},
+	})
+}
+
 func testAccCheckAWSSecurityGroupDestroy(s *terraform.State) error {
 	conn := testAccProvider.Meta().(*AWSClient).ec2conn
 
@@ -518,3 +546,20 @@ resource "aws_security_group" "foo" {
   }
 }
 `
+
+const testAccAWSSecurityGroupConfig_generatedName = `
+resource "aws_security_group" "web" {
+  description = "Used in the terraform acceptance tests"
+
+  ingress {
+    protocol = "tcp"
+    from_port = 80
+    to_port = 8000
+    cidr_blocks = ["10.0.0.0/8"]
+  }
+
+	tags {
+		Name = "tf-acc-test"
+	}
+}
+`