IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-20 11:48:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

provider/aws: Fix SG rule self reference bug

Browse Source
This commit is contained in:
Clint Shryock 2015-06-10 09:40:05 -05:00
parent bf3dd5241a
commit 5c50ba0c2a
1 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
builtin/providers/aws/resource_aws_security_group_rule.go
View File

@ -9,6 +9,7 @@ import (
"github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/aws/aws-sdk-go/service/ec2" "github.com/aws/aws-sdk-go/service/ec2"
"github.com/hashicorp/terraform/helper/hashcode" "github.com/hashicorp/terraform/helper/hashcode"
"github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/schema"
@ -91,8 +92,8 @@ func resourceAwsSecurityGroupRuleCreate(d *schema.ResourceData, meta interface{}
switch ruleType { switch ruleType {
case "ingress": case "ingress":
log.Printf("[DEBUG] Authorizing security group %s %s rule: %#v", log.Printf("[DEBUG] Authorizing security group %s %s rule: %s",
sg_id, "Ingress", perm) sg_id, "Ingress", awsutil.StringValue(perm))
req := &ec2.AuthorizeSecurityGroupIngressInput{ req := &ec2.AuthorizeSecurityGroupIngressInput{
GroupID: sg.GroupID, GroupID: sg.GroupID,
@ -202,8 +203,8 @@ func resourceAwsSecurityGroupRuleDelete(d *schema.ResourceData, meta interface{}
ruleType := d.Get("type").(string) ruleType := d.Get("type").(string)
switch ruleType { switch ruleType {
case "ingress": case "ingress":
log.Printf("[DEBUG] Revoking security group %#v %s rule: %#v", log.Printf("[DEBUG] Revoking rule (%s) from security group %s:\n%s",
sg_id, "ingress", perm) "ingress", sg_id, awsutil.StringValue(perm))
req := &ec2.RevokeSecurityGroupIngressInput{ req := &ec2.RevokeSecurityGroupIngressInput{
GroupID: sg.GroupID, GroupID: sg.GroupID,
IPPermissions: []*ec2.IPPermission{perm}, IPPermissions: []*ec2.IPPermission{perm},
@ -297,22 +298,29 @@ func expandIPPerm(d *schema.ResourceData, sg *ec2.SecurityGroup) *ec2.IPPermissi
perm.ToPort = aws.Long(int64(d.Get("to_port").(int))) perm.ToPort = aws.Long(int64(d.Get("to_port").(int)))
perm.IPProtocol = aws.String(d.Get("protocol").(string)) perm.IPProtocol = aws.String(d.Get("protocol").(string))
var groups []string // build a group map that behaves like a set
groups := make(map[string]bool)
if raw, ok := d.GetOk("source_security_group_id"); ok { if raw, ok := d.GetOk("source_security_group_id"); ok {
groups = append(groups, raw.(string)) groups[raw.(string)] = true
} }
if v, ok := d.GetOk("self"); ok && v.(bool) { if v, ok := d.GetOk("self"); ok && v.(bool) {
if sg.VPCID != nil && *sg.VPCID != "" { if sg.VPCID != nil && *sg.VPCID != "" {
groups = append(groups, *sg.GroupID) groups[*sg.GroupID] = true
} else { } else {
groups = append(groups, *sg.GroupName) groups[*sg.GroupName] = true
} }
} }
if len(groups) > 0 { if len(groups) > 0 {
perm.UserIDGroupPairs = make([]*ec2.UserIDGroupPair, len(groups)) perm.UserIDGroupPairs = make([]*ec2.UserIDGroupPair, len(groups))
for i, name := range groups { // build string list of group name/ids
var gl []string
for k, _ := range groups {
gl = append(gl, k)
}
for i, name := range gl {
ownerId, id := "", name ownerId, id := "", name
if items := strings.Split(id, "/"); len(items) > 1 { if items := strings.Split(id, "/"); len(items) > 1 {
ownerId, id = items[0], items[1] ownerId, id = items[0], items[1]