From e0fccf2dcc57c618827b920e21dcf629bf86f24c Mon Sep 17 00:00:00 2001 From: Paul Hinze Date: Tue, 23 Jun 2015 09:25:55 -0500 Subject: [PATCH] provider/aws: fix sg rule crash Fixes crash in #2431 Decided that `findResourceSecurityGroup` should return an error when the SG is not found, since the callers cannot happily continue with a `nil` SG Also passes through a few error cases that were being swallowed. /cc @catsby --- .../aws/resource_aws_security_group_rule.go | 22 +++++++------------ 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/builtin/providers/aws/resource_aws_security_group_rule.go b/builtin/providers/aws/resource_aws_security_group_rule.go index ce8b20498a..0ec0dfe3c3 100644 --- a/builtin/providers/aws/resource_aws_security_group_rule.go +++ b/builtin/providers/aws/resource_aws_security_group_rule.go @@ -87,7 +87,7 @@ func resourceAwsSecurityGroupRuleCreate(d *schema.ResourceData, meta interface{} sg, err := findResourceSecurityGroup(conn, sg_id) if err != nil { - return fmt.Errorf("sorry") + return err } perm := expandIPPerm(d, sg) @@ -205,7 +205,7 @@ func resourceAwsSecurityGroupRuleDelete(d *schema.ResourceData, meta interface{} sg, err := findResourceSecurityGroup(conn, sg_id) if err != nil { - return fmt.Errorf("sorry") + return err } perm := expandIPPerm(d, sg) @@ -255,18 +255,12 @@ func findResourceSecurityGroup(conn *ec2.EC2, id string) (*ec2.SecurityGroup, er } resp, err := conn.DescribeSecurityGroups(req) if err != nil { - if ec2err, ok := err.(awserr.Error); ok { - if ec2err.Code() == "InvalidSecurityGroupID.NotFound" || - ec2err.Code() == "InvalidGroup.NotFound" { - resp = nil - err = nil - } - } - - if err != nil { - log.Printf("Error on findResourceSecurityGroup: %s", err) - return nil, err - } + return nil, err + } + if len(resp.SecurityGroups) != 1 { + return nil, fmt.Errorf( + "Expected to find one security group with ID %q, got: %#v", + id, resp.SecurityGroups) } return resp.SecurityGroups[0], nil